urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qr.page/g/1O63LhJ7yKD
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXM...
Submission Tags: falconsandbox
Submission: On May 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2366.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on April 1st 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:1901:0:4... 396982 (GOOGLE-CL...)
1 99.86.91.69 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:300... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a01:111:f100... 8075 (MICROSOFT...)
5 20.50.80.213 8075 (MICROSOFT...)
35 9
1    2600:1901:0:4320:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
qr.page
1    99.86.91.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-69.cdg50.r.cloudfront.net
qrcodes.pro
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:3000::170a:f91a (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2a01:111:f100:9001::1761:929d (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
5    20.50.80.213 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7336
2 MB
6 office.com
forms.office.com — Cisco Umbrella Rank: 2366
c.office.com — Cisco Umbrella Rank: 18668
lists.office.com — Cisco Umbrella Rank: 12387
74 KB
5 microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 966
968 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
763 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
59 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
81 KB
1 qrcodes.pro
qrcodes.pro — Cisco Umbrella Rank: 376181
2 KB
1 qr.page
qr.page — Cisco Umbrella Rank: 556936
221 B
35 8
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
5 eu-mobile.events.data.microsoft.com cdn.forms.office.net
3 forms.office.com qrcodes.pro
forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects forms.office.com
1 lists.office.com forms.office.com
1 c.bing.com 1 redirects
1 connect.facebook.net qrcodes.pro
1 www.googletagmanager.com qrcodes.pro
1 qrcodes.pro
1 qr.page 1 redirects
35 10

This site contains links to these domains. Also see Links.

Domain
www.herts.police.uk
go.microsoft.com
Subject Issuer Validity Valid
qr.tapnscan.me
Amazon RSA 2048 M01		 2023-07-09 -
2024-08-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-08 -
2024-06-06		 3 months crt.sh
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-01 -
2025-03-27		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-04-16 -
2025-04-11		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-02-28 -
2025-02-22		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-30 -
2025-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Frame ID: FC24EB0DCB96BAAC09EA46AE3A599D23
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Community Policing Survey

Page URL History Show full URLs

  1. https://qr.page/g/1O63LhJ7yKD HTTP 302
    https://qrcodes.pro/1O63LhJ7yKD Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1N... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

94 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

9
IPs

5
Countries

1889 kB
Transfer

3336 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qr.page/g/1O63LhJ7yKD HTTP 302
    https://qrcodes.pro/1O63LhJ7yKD Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://qr.page/g/1O63LhJ7yKD HTTP 302
  • https://qrcodes.pro/1O63LhJ7yKD
Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&RedC=c.office.com&MXFR=11521D11BE116FE9387B099EBA116455 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&MUID=11521D11BE116FE9387B099EBA116455

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1O63LhJ7yKD
qrcodes.pro/
Redirect Chain
  • https://qr.page/g/1O63LhJ7yKD
  • https://qrcodes.pro/1O63LhJ7yKD
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-69.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
f6cbc6ddaacf46bf8ac3d980a53d933773f2a5ed65af651ab454ae24a8bbe30a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, x-csrftoken
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin
None
cache-control
private, max-age=1
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 14:33:23 GMT
server
nginx
vary
Accept-Encoding,Accept-Language,Cookie
via
1.1 e225339d299ad31ad0818dbdb8c65826.cloudfront.net (CloudFront)
x-amz-cf-id
AD8aPwdzi9sJ1ASUlut5eSth7VwTt5WDKqgacVQSzb8v9TCedZZqag==
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 30 May 2024 14:33:23 GMT
location
https://qrcodes.pro/1O63LhJ7yKD
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 google
x-cloud-trace-context
7c74f6cc84319b969d308e62eb87db0f
js
www.googletagmanager.com/gtag/ 		221 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-None
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qrcodes.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82023
x-xss-protection
0
last-modified
Thu, 30 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 14:33:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://qrcodes.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 May 2024 14:33:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
pI+fAfk6C8dIzhWGIlls4OKAfbngdyG/fxcGhXe8f4UYy/bPWeA1+OfaTi/nemrnRfiCIh/5idNR8QJzvgaCjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Primary Request responsepage.aspx
forms.office.com/pages/ 		64 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcb863d69dc22be8b5f1b03ae484e20ce356b574db6106cc1a04f4b9a95b6ae
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-8b7b8238-5dfb-42ad-a6a2-6a6290ca4560' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qrcodes.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-8b7b8238-5dfb-42ad-a6a2-6a6290ca4560' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 14:33:23 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
b3d31ebd-8af5-4c69-bb57-3a2b93e2eb5f
x-msedge-ref
Ref A: 2407E0F242374FB686EA9E9E71D81F9D Ref B: AMS231032606011 Ref C: 2024-05-30T14:33:24Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.17726.42050
x-robots-tag
noindex, nofollow
x-routingcorrelationid
b3d31ebd-8af5-4c69-bb57-3a2b93e2eb5f
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.17726.42050
x-routingsessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
x-usersessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
ls-response.de.1507064db.js
cdn.forms.office.net/forms/scripts/dists/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.1507064db.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
748104ec60597180ca4137cf33fe15ae55d016f523e1650a97dba7ef54714fbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
wUr05Tqf323Dr8WOWbeowg==
content-length
13721
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9EE85173
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6d2b76b7-001e-006b-35d2-b0f4af000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f57797fb-801e-0058-332d-62ad82000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.min.8740c38.js
cdn.forms.office.net/forms/scripts/dists/ 		479 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1af8ebcab133314c3392f80ab677db2a29a03ec180c5c667695feae7557324c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
3SSo1pS3WrzXduH+GH73AA==
content-length
128637
x-ms-lease-status
unlocked
last-modified
Wed, 29 May 2024 12:36:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7FDBFD9BC023
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
556ab1d1-501e-001e-3927-b27314000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
runtimeFormsWithResponses('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')
forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/light/ 		70 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/light/runtimeFormsWithResponses('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5e658964472d463b37cd87f89b56479259d073063ea867cb674c07c93fa110b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-UserSessionId
3f8dccb8-b56f-4d95-8380-188eb787b16a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
__RequestVerificationToken
O9IbjX1bOx0QsakS_CrXLwwbKy7jx5-ZkUZ-VIEji_3gM65z8yqaDVxPW84HeBwKNbyTb4g42uhJ8lsn3s83lQ_by7-wgrnD9Ityii9H4to1
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 30 May 2024 14:33:23 GMT
x-officeversion
16.0.17726.42050
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.17726.42050
x-correlationid
b9edf989-d448-4b13-ae6f-5c90d373be4f
x-officecluster
frc-100.forms.office.com
x-usersessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
x-msedge-ref
Ref A: 020E7906736A494ABD1B1F05BB9E0C74 Ref B: AMS231032606011 Ref C: 2024-05-30T14:33:24Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
b9edf989-d448-4b13-ae6f-5c90d373be4f
x-routingsessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
light-response-page.chunk.lrp_ext.4a282c6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
106 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.4a282c6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
cTRiYXNFkqfsBUOT8dJBKQ==
content-length
107994
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C1EC379
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
64f52891-d01e-000f-05d2-b0440f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_saveresponse.f624573.js
cdn.forms.office.net/forms/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.f624573.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
xJ+NZymqjhLPSeHOFgHVCA==
content-length
9320
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C294946
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac215ae5-a01e-006d-75d2-b003d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_groupnote.9be6062.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.9be6062.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
Pb+mmKO9oHJz5uMJYoMgGg==
content-length
1608
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C1E4E5C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac215af6-a01e-006d-7dd2-b003d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_cover.9e92ec1.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.9e92ec1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
9B3VDyQPNagdvtEnjFkv+g==
content-length
17886
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C1C79DE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f0489bf6-901e-002a-4ed2-b0dcbc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_post.boot.1f1ae2a.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.1f1ae2a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
DVLhqYIkJP1GTp/vedcQQg==
content-length
5077
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C25C758
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d44ddd95-d01e-0040-03d2-b08017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_ext.4a282c6.js
cdn.forms.office.net/forms/scripts/dists/ 		381 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.4a282c6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9c63071d1280148f90ed89a647593c64fbe41125f76a5ccb1cbcd7fca811d243

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
cTRiYXNFkqfsBUOT8dJBKQ==
content-length
107994
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C1EC379
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
64f52891-d01e-000f-05d2-b0440f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.themes.c288f9f.js
cdn.forms.office.net/forms/scripts/dists/ 		309 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.themes.c288f9f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
047fec89dfc905c0180464905739e50ee59c78b76d0bd9345e4ba5e851f4828b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
9WyUzmcjXzy/AFDruX8hCQ==
content-length
27898
x-ms-lease-status
unlocked
last-modified
Fri, 12 May 2023 04:25:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB52A0E25C6F50
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66c6be5e-e01e-000c-2b95-844708000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_saveresponse.f624573.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.f624573.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
af01ec2409bce5f0a2c4b2ef8c82484c31427d2e468ac1452fb3fa56b3aa664a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
xJ+NZymqjhLPSeHOFgHVCA==
content-length
9320
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C294946
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac215ae5-a01e-006d-75d2-b003d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_copilot.f04bff7.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_copilot.f04bff7.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2a08b0c54f15b1119b30a798932f879e845361c73df0ca54c6dbb2aa828ac604

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
kOEW4zUR9cpknEgiXx2kMg==
content-length
530
x-ms-lease-status
unlocked
last-modified
Thu, 23 May 2024 05:12:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7AE6FD233AAC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2ec50274-801e-0035-55d7-ac07ac000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.lrp_post.boot.1f1ae2a.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.1f1ae2a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f015d13124fa6a23926cf55dd6ec0a7c11dbdc8bbe7ff289e072ebd7da80e7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
DVLhqYIkJP1GTp/vedcQQg==
content-length
5077
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C25C758
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d44ddd95-d01e-0040-03d2-b08017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:36:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F429D278D
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7038f12-901e-004c-4de5-186ee6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
nY8PCaNNXKMbNv65yICtKg==
content-length
585
x-ms-lease-status
unlocked
last-modified
Wed, 06 Mar 2024 05:29:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC3D9E71C8E737
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5805a98f-f01e-0075-1c8b-6f2e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.officebrowserfeedback.03003e7.js
cdn.forms.office.net/forms/scripts/dists/ 		0
135 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.03003e7.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
fWHpXNbI+YAVC+cnpDBlRw==
content-length
137413
x-ms-lease-status
unlocked
last-modified
Tue, 28 May 2024 05:54:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7EDA9C2FD800
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2eb265d6-901e-0008-77d2-b0b28a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
K1wotL4HRbGauz+Vu/VA/w==
content-length
34470
x-ms-lease-status
unlocked
last-modified
Wed, 21 Feb 2024 05:49:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC32A0EE652AE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0abf1bb-f01e-0031-228c-64f22e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.utel.ac1e624.js
cdn.forms.office.net/forms/scripts/dists/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.ac1e624.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1ac8015e8495a8eab98f615768b1fcd84a1c8520462834635601175469fb743b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
qhyte09Wkgiv1x9vbW4lKw==
content-length
5766
x-ms-lease-status
unlocked
last-modified
Tue, 21 May 2024 05:11:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC79547114C341
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
943f0d12-401e-0001-5949-aba804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&RedC=c.office.com&MXFR=11521D11BE116FE9387B099EBA116455
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&MUID=11521D11BE116FE9387B099EBA116455
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&MUID=11521D11BE116FE9387B099EBA116455
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 14:33:24 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 30 May 2024 14:33:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FE4A3D043121419B8DB9AACE5F998327 Ref B: FRAEDGE1217 Ref C: 2024-05-30T14:33:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=395ACB874E364FD7879F1074B00D7FEC&MUID=11521D11BE116FE9387B099EBA116455
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
f036acb8-dc38-46ba-8ea8-f6836cc89f1a
lists.office.com/Images/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/93f36eb5-77cf-45ac-805e-b9efeab77d32/T0E55K3NR80V7AASQTW231JX39/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/93f36eb5-77cf-45ac-805e-b9efeab77d32/T0E55K3NR80V7AASQTW231JX39/f036acb8-dc38-46ba-8ea8-f6836cc89f1a
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:929d Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a7235f5936a35ede5a1cedc5da8c9678b5343ba8c0f4b105e4eaea8fe2726c7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 14:33:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17721.42525
content-type
image/png
x-routingcorrelationid
5504af9e-723a-4dcf-89bc-529cbaa99fb3
cache-control
no-cache
x-routingsessionid
402cc302-ef0b-4a6c-8356-b191f898129f
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
expires
-1
'de'
forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/forms('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQl... 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/forms('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.4a282c6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ms-form-request-ring
business
Accept-Language
de-DE,de;q=0.9;q=0.9
authorization
odata-maxverion
4.0
sec-ch-ua-platform
"Win32"
odata-version
4.0
x-correlationid
f0c08c7a-66ba-45b7-835c-3cd857e351a5
x-usersessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
x-ms-form-request-source
ms-formweb
__requestverificationtoken
O9IbjX1bOx0QsakS_CrXLwwbKy7jx5-ZkUZ-VIEji_3gM65z8yqaDVxPW84HeBwKNbyTb4g42uhJ8lsn3s83lQ_by7-wgrnD9Ityii9H4to1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 30 May 2024 14:33:24 GMT
x-officeversion
16.0.17726.42050
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.17726.42050
x-correlationid
f0c08c7a-66ba-45b7-835c-3cd857e351a5
x-officecluster
frc-100.forms.office.com
x-usersessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
x-msedge-ref
Ref A: 97AA1FE6D5704EFD83A37DBBBE0ED460 Ref B: AMS231032606011 Ref C: 2024-05-30T14:33:24Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
f0c08c7a-66ba-45b7-835c-3cd857e351a5
x-routingsessionid
3f8dccb8-b56f-4d95-8380-188eb787b16a
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
buildings-sun.jpg
cdn.forms.office.net/forms/formsresources/intelligence/themes/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/formsresources/intelligence/themes/buildings-sun.jpg
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3404d0cd31a5f440541b40d238fd07d5faf9bb87e670a51f9847a7f727b59ae5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:25 GMT
content-md5
8DQ5jT651gkzNBTBwA7x2A==
content-length
1186582
x-ms-lease-status
unlocked
last-modified
Wed, 29 May 2024 11:06:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7FCF604C332C
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
d89a4183-201e-0055-6b9e-b2428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:25 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 05:32:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9EE3626888F3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a222bac8-a01e-0044-38dc-d07595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
light-response-page.chunk.utel_1ds.c419280.js
cdn.forms.office.net/forms/scripts/dists/ 		99 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel_1ds.c419280.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8740c38.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
feec3269001a82dd131d49fe8536753a81bd0e7e4049aebbeff7ec0a29e341e7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:24 GMT
content-encoding
br
content-md5
nD0YPrlZe/E4LOff0ugtHA==
content-length
31781
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 06:18:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC375BE3175F19
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
879b2fb5-001e-000d-6549-6946f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:24 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.213 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 30 May 2024 14:33:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.213 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
upload-time
1717079605243
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 14:33:24 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
322
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::170a:f91a Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 May 2024 14:33:26 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Sat, 10 Dec 2022 07:48:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADA82E16BBA79
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
29cc22b1-b01e-0072-3c9e-0dd8c7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 30 May 2025 14:33:26 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		154 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.213 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0048300fea714355c32e51ab30d2d431951cab446925e1b5c0105c075736ae55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
upload-time
1717079606717
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 14:33:26 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
426
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.213 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 30 May 2024 14:33:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		24 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.213 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
upload-time
1717079607034
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
time-delta-to-apply-millis
322
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 14:33:26 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
234
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
24

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

15 Cookies

Domain/Path Name / Value
qrcodes.pro/ Name: visitor-id
Value: 1717079603VfIyEH
qrcodes.pro/ Name: mappable_id
Value: 1717079603VfIyEH_1717079603
qrcodes.pro/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtYXBwYWJsZUlEIjoiMTcxNzA3OTYwM1ZmSXlFSF8xNzE3MDc5NjAzIiwidGltZXN0YW1wIjoxNzE3MDc5NjAzODk4LCJpYXQiOjE3MTcwNzk1NzMsImV4cCI6MTcxNzA3OTkwM30.K2e4Y58uVStKuAAQFtYT6q3CWilM1RaUO1P4z3sEvmU
.qrcodes.pro/ Name: _gcl_au
Value: 1.1.227133507.1717079604
forms.office.com/ Name: FormsWebSessionId
Value: afda7618-f4fe-485a-81df-d3cf9e51b39f
forms.office.com/ Name: __RequestVerificationToken
Value: vWQgjI_yE1cXJfZLmAnaGh5QIL3jHD2dW1-0iOA8mFU9xFFk1RCs38xEYnqzwS84lQA4Nl3gXhy-P3l0KAQci7qZQt1DjlAKk4O620Fav-M1
.office.com/ Name: MUID
Value: 11521D11BE116FE9387B099EBA116455
.bing.com/ Name: MUID
Value: 11521D11BE116FE9387B099EBA116455
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 11521D11BE116FE9387B099EBA116455
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=a2a4f0e487034b72a49472a8f8de8a3c&HASH=a2a4&LV=202405&V=4&LU=1717079607143
.microsoft.com/ Name: MS0
Value: 50450ef8b12a4ace8e145fed111f2338

5 Console Messages

Source Level URL
Text
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.office.com
cdn.forms.office.net
connect.facebook.net
eu-mobile.events.data.microsoft.com
forms.office.com
lists.office.com
qr.page
qrcodes.pro
www.googletagmanager.com
20.50.80.213
2600:1901:0:4320::
2620:1ec:a92::194
2620:1ec:c11::237
2a00:1450:4001:809::2008
2a01:111:f100:9001::1761:929d
2a02:26f0:3000::170a:f91a
2a03:2880:f084:d:face:b00c:0:3
68.219.88.97
99.86.91.69
0048300fea714355c32e51ab30d2d431951cab446925e1b5c0105c075736ae55
047fec89dfc905c0180464905739e50ee59c78b76d0bd9345e4ba5e851f4828b
0fcb863d69dc22be8b5f1b03ae484e20ce356b574db6106cc1a04f4b9a95b6ae
1ac8015e8495a8eab98f615768b1fcd84a1c8520462834635601175469fb743b
1af8ebcab133314c3392f80ab677db2a29a03ec180c5c667695feae7557324c3
2a08b0c54f15b1119b30a798932f879e845361c73df0ca54c6dbb2aa828ac604
3404d0cd31a5f440541b40d238fd07d5faf9bb87e670a51f9847a7f727b59ae5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
5f015d13124fa6a23926cf55dd6ec0a7c11dbdc8bbe7ff289e072ebd7da80e7e
748104ec60597180ca4137cf33fe15ae55d016f523e1650a97dba7ef54714fbe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7235f5936a35ede5a1cedc5da8c9678b5343ba8c0f4b105e4eaea8fe2726c7
9c63071d1280148f90ed89a647593c64fbe41125f76a5ccb1cbcd7fca811d243
af01ec2409bce5f0a2c4b2ef8c82484c31427d2e468ac1452fb3fa56b3aa664a
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e658964472d463b37cd87f89b56479259d073063ea867cb674c07c93fa110b
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f6cbc6ddaacf46bf8ac3d980a53d933773f2a5ed65af651ab454ae24a8bbe30a
feec3269001a82dd131d49fe8536753a81bd0e7e4049aebbeff7ec0a29e341e7