urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://8gd8j5d4.r.eu-west-1.awstrack.me/L0/https:%2F%2Fbit.ly%2F3KMr8OG/1/0102018181a27f35-760c3441-0567-4cd7-862a-1c4a91fa04af-000000/p...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DO...
Submission: On June 22 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5882.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.208.106.2 16509 (AMAZON-02)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 5 2620:1ec:a92:... 8068 (MICROSOFT...)
8 23.48.23.38 20940 (AKAMAI-ASN1)
1 52.109.88.76 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:49::45 8075 (MICROSOFT...)
5 51.116.246.105 8075 (MICROSOFT...)
20 7
1    52.208.106.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-106-2.eu-west-1.compute.amazonaws.com
8gd8j5d4.r.eu-west-1.awstrack.me
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
5    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
8    23.48.23.38 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-38.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    52.109.88.76 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
5    51.116.246.105 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
8 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 9489
222 KB
8 office.com
forms.office.com — Cisco Umbrella Rank: 5882
lists.office.com — Cisco Umbrella Rank: 14732
c.office.com — Cisco Umbrella Rank: 23988
37 KB
5 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 226
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 109
2 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2972
58 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 182
665 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4421
290 B
1 awstrack.me
8gd8j5d4.r.eu-west-1.awstrack.me
136 B
20 7
Domain Requested by
8 cdn.forms.office.net forms.office.com
cdn.forms.office.net
5 forms.office.com 1 redirects forms.office.com
cdn.forms.office.net
4 browser.events.data.microsoft.com js.monitor.azure.com
2 c.office.com 1 redirects
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 lists.office.com
1 bit.ly 1 redirects
1 8gd8j5d4.r.eu-west-1.awstrack.me 1 redirects
20 10

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1		 2021-09-02 -
2022-09-01		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
lists.office.com
Microsoft RSA TLS CA 02		 2022-05-24 -
2023-05-24		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-03-27 -
2023-03-22		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2022-04-08 -
2023-04-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Frame ID: 31DF9E0E42A8F6314923A26FA1E3377A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QUESTIONARIO DI GRADIMENTO DEI SERVIZI

Page URL History Show full URLs

  1. https://8gd8j5d4.r.eu-west-1.awstrack.me/L0/https:%2F%2Fbit.ly%2F3KMr8OG/1/0102018181a27f35-760c3441-0567-4cd7-862a-1... HTTP 302
    https://bit.ly/3KMr8OG HTTP 301
    https://forms.office.com/r/G2P7uv4mB2 HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMW... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

20
Requests

90 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

7
IPs

4
Countries

322 kB
Transfer

892 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://8gd8j5d4.r.eu-west-1.awstrack.me/L0/https:%2F%2Fbit.ly%2F3KMr8OG/1/0102018181a27f35-760c3441-0567-4cd7-862a-1c4a91fa04af-000000/pNRkEJORpTh8OpYdNjjm8o8U6IE=274 HTTP 302
    https://bit.ly/3KMr8OG HTTP 301
    https://forms.office.com/r/G2P7uv4mB2 HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&RedC=c.office.com&MXFR=27F5F3446E2D6709139DE28F6A2D6CEC HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&MUID=27F5F3446E2D6709139DE28F6A2D6CEC

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://8gd8j5d4.r.eu-west-1.awstrack.me/L0/https:%2F%2Fbit.ly%2F3KMr8OG/1/0102018181a27f35-760c3441-0567-4cd7-862a-1c4a91fa04af-000000/pNRkEJORpTh8OpYdNjjm8o8U6IE=274
  • https://bit.ly/3KMr8OG
  • https://forms.office.com/r/G2P7uv4mB2
  • https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
46 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26e3b520da7d0674974df0aa9c8eb8d53ee9433622f8f8a7cd7738ead09490f6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
content-encoding
br
content-length
12678
content-type
text/html; charset=utf-8
date
Wed, 22 Jun 2022 13:50:45 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
3f2c7723-3caf-4266-8f69-9067d4a49cc3
x-failurereason
Unknown
x-msedge-ref
Ref A: C8DC4C01327E4176B88DE38E7604FB3D Ref B: VIEEDGE2113 Ref C: 2022-06-22T13:50:46Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormsSingleBox_IN_23
x-officeversion
16.0.15411.36676
x-robots-tag
noindex, nofollow
x-routingcorrelationid
3f2c7723-3caf-4266-8f69-9067d4a49cc3
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_23
x-routingofficeversion
16.0.15411.36676
x-routingsessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 22 Jun 2022 13:50:45 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
f1eeb2ec-0a6c-4529-8f89-1aa1132e86bb
x-msedge-ref
Ref A: 9C80F0A981374AD4BD0ABD1995DF12F5 Ref B: VIEEDGE2113 Ref C: 2022-06-22T13:50:45Z
x-officecluster
weu-101.forms.office.com
x-officefe
FormIntelligenceService_IN_0
x-officeversion
16.0.15411.36676
x-routingcorrelationid
f1eeb2ec-0a6c-4529-8f89-1aa1132e86bb
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_17
x-routingofficeversion
16.0.15411.36676
x-routingsessionid
f1762824-5b9e-4c7b-8207-11d651a86877
x-usersessionid
f1762824-5b9e-4c7b-8207-11d651a86877
ls-response.it.a30d4c81e.js
cdn.forms.office.net/forms/scripts/dists/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.it.a30d4c81e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22ef920eefb34b747f040a39a5437b6bb725a751eec77bfd6da6b39ac7f645b9

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
mVI60vI4he9rwUM1OVlI1A==
content-length
7854
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 04:19:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA49CF36410318
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
095df776-b01e-0036-64d1-7b04ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
light-response-page.min.54facba.css
cdn.forms.office.net/forms/css/dist/ 		134 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.54facba.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
726bf9bac601aa85c3418949343bdb181818f46a833f2680e2172589f8054166

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
Av2RmlA41cnfky5lgmZiwA==
content-length
22416
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 04:10:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5272D556CB3E
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
258c8c51-701e-0009-5966-84b377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
light-response-page.min.83ec491.js
cdn.forms.office.net/forms/scripts/dists/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3070799d1a61e36670b52220922620aed44f3ccc610f31320d024ed8ad8a8797

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
ohhAw0/eFBieGMMxDoHh/A==
content-length
77108
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 23:25:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA53142B5D543E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c7b6f1de-501e-005a-6514-85af78000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
runtimeFormsWithResponses('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u')
forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/light/ 		29 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/light/runtimeFormsWithResponses('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad6973ea52e0cc95205cbf49364dbe927f210c3ae7b35381d38d83ab3eea82b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
X-UserSessionId
b9d33235-9001-4cf1-9175-bce4aa7ca37a
accept-language
it-IT,it;q=0.9
__RequestVerificationToken
I_89dLISS4WYUje2KHDb81Y2rXVuOnR_4DEiQASla4HL7xpVFMpe_bwQ_E783kA6Nsa8oFPOzQT1JiMvF4zZzg-B_TWpuDJGdgybJgkJHgw1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15411.36676
x-officefe
FormsSingleBox_IN_15
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_8
x-routingofficeversion
16.0.15411.36676
x-correlationid
09353bc1-5db5-4106-8c76-cb63a387922e
x-officecluster
neu-100.forms.office.com
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
date
Wed, 22 Jun 2022 13:50:46 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
09353bc1-5db5-4106-8c76-cb63a387922e
x-routingsessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-msedge-ref
Ref A: 8F11B905C8734FDD9C9C58D7204115C1 Ref B: VIEEDGE2113 Ref C: 2022-06-22T13:50:46Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.1fcee69.js
cdn.forms.office.net/forms/scripts/dists/ 		0
53 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1fcee69.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
IjE6gpvuiVc4c3gYymulAA==
content-length
53987
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 23:25:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA53142B35D510
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c3508c35-701e-0020-3c14-85c535000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
light-response-page.chunk.lrp_post.boot.4c6c090.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.4c6c090.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
m6dTbqd8t9ugOZTbwCXFxw==
content-length
3954
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jun 2022 04:37:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA4F51F1BD2B90
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
277fdd5b-d01e-0040-4b4b-818017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
light-response-page.chunk.lrp_ext.1fcee69.js
cdn.forms.office.net/forms/scripts/dists/ 		186 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1fcee69.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
79dfcd530f9506a716f1d3b252fb403a72ae447b8f1d4f5b3f7dcd6b1a6ff39e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
IjE6gpvuiVc4c3gYymulAA==
content-length
53987
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 23:25:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA53142B35D510
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c3508c35-701e-0020-3c14-85c535000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
light-response-page.chunk.lrp_post.boot.4c6c090.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.4c6c090.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d3a94e3b1871a1a451598084b27ce9d8cafbcae782e2e32418cd29afebc64481

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
m6dTbqd8t9ugOZTbwCXFxw==
content-length
3954
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jun 2022 04:37:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA4F51F1BD2B90
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
277fdd5b-d01e-0040-4b4b-818017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
light-response-page.chunk.sw.eb6086d.js
cdn.forms.office.net/forms/scripts/dists/ 		1012 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.eb6086d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.83ec491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a168e695c6b9a0e5efcd4a6abbdbf03241ab6c39e417f86fa1b5c8b89d8f6a3c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
content-md5
omXkuJEG2teCk26VMZQneA==
content-length
416
x-ms-lease-status
unlocked
last-modified
Fri, 29 Apr 2022 04:40:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA299A6D820A77
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5174e1ae-d01e-0062-4088-5bee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 22 Jun 2023 13:50:46 GMT
GetThemes
forms.office.com/pages/responsepage.aspx/ 		226 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx/GetThemes
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1fcee69.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
19742c25d78e65c41c63fbf5ba097a9875c68af1a111ea1d9772f63ad2f25863
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
undefined
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-ms-form-request-ring
business
authorization
content-type
application/json
accept-language
it-IT,it;q=0.9
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
odata-maxverion
4.0
__requestverificationtoken
I_89dLISS4WYUje2KHDb81Y2rXVuOnR_4DEiQASla4HL7xpVFMpe_bwQ_E783kA6Nsa8oFPOzQT1JiMvF4zZzg-B_TWpuDJGdgybJgkJHgw1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15419.36680
x-officefe
FormsSingleBox_IN_22
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
140
x-routingofficefe
FormsSingleBox_IN_22
x-routingofficeversion
16.0.15419.36680
x-correlationid
bc312842-9c98-4f1b-ac7e-5aced520c4a9
x-officecluster
weu-100.forms.office.com
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
date
Wed, 22 Jun 2022 13:50:46 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
bc312842-9c98-4f1b-ac7e-5aced520c4a9
cache-control
private, max-age=0
x-failurereason
Unknown
x-routingsessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-msedge-ref
Ref A: DE3F72C008C2439391E03EBB6AF0B244 Ref B: VIEEDGE2113 Ref C: 2022-06-22T13:50:46Z
x-routingofficecluster
weu-100.forms.office.com
e3b7dc54-6674-4d66-b391-3db71ececb6b
lists.office.com/Images/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/1133862c-80bd-45ca-9780-7a8832c611e0/T62LXGDDT4954N4JZNC9YETHR5/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/1133862c-80bd-45ca-9780-7a8832c611e0/T62LXGDDT4954N4JZNC9YETHR5/e3b7dc54-6674-4d66-b391-3db71ececb6b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.76 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e471b14b6fa44dcf994c7e9f4ef447e4f7eaa5ad492ad19b55d5c49be4c8872
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 13:50:46 GMT
x-routingofficeversion
16.0.15414.36253
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
x-routingcorrelationid
a91d6580-2043-44ae-aaec-7f177f2e5a15
cache-control
no-cache
x-routingsessionid
4140b306-9c1b-4de1-96fe-0bd04631b567
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_3
expires
-1
'it'
forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/forms('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u'... 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/forms('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u')/localeResource/'it'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1fcee69.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
fc8e965c-2ad0-42b2-9687-7791fd37912b
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-ms-form-request-ring
business
authorization
content-type
application/json
accept-language
it-IT,it;q=0.9
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
odata-maxverion
4.0
__requestverificationtoken
I_89dLISS4WYUje2KHDb81Y2rXVuOnR_4DEiQASla4HL7xpVFMpe_bwQ_E783kA6Nsa8oFPOzQT1JiMvF4zZzg-B_TWpuDJGdgybJgkJHgw1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15411.36676
x-officefe
FormsSingleBox_IN_15
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.15411.36676
x-correlationid
fc8e965c-2ad0-42b2-9687-7791fd37912b
x-officecluster
weu-101.forms.office.com
x-usersessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
date
Wed, 22 Jun 2022 13:50:46 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
fc8e965c-2ad0-42b2-9687-7791fd37912b
x-routingsessionid
b9d33235-9001-4cf1-9175-bce4aa7ca37a
x-msedge-ref
Ref A: 479AE0AAD9BE4173B2C6BDB5C8CE6300 Ref B: VIEEDGE2113 Ref C: 2022-06-22T13:50:46Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&RedC=c.office.com&MXFR=27F5F3446E2D6709139DE28F6A2D6CEC
  • https://c.office.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&MUID=27F5F3446E2D6709139DE28F6A2D6CEC
42 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&MUID=27F5F3446E2D6709139DE28F6A2D6CEC
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 13:50:46 GMT
last-modified
Fri, 20 May 2022 21:53:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"17a28a3946cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 22 Jun 2022 13:50:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 73D1D923EB254A4AB9FA6A91FA7B057D Ref B: ZRHEDGE1913 Ref C: 2022-06-22T13:50:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&MUID=27F5F3446E2D6709139DE28F6A2D6CEC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.4c6c090.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
505d3664b4318563b0e7e5096e930a98debdad10c637be2df5fea2f005e8ca10

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 13:50:46 GMT
content-encoding
br
x-azure-ref-originshield
0uBezYgAAAABDbgSLhmzrSbDQXJcgt2gVRlJBMjMxMDUwNDE3MDM5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
rTER0/T3X+0ON2+ZMJNo9Q==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.3
last-modified
Tue, 14 Jun 2022 19:58:10 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.3.min.js
etag
0x8DA4E403540518B
x-azure-ref
0Nh6zYgAAAAAYfCO0KS/zSqeJ3cwcjMFZRlJBMjMxMDUwNDE5MDE5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2d9aa7d5-601e-0098-3c39-86c814000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.246.105 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ee821dce5f00399b2c202c65e1531158387458aef52289b8c5d640231ebcf838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1655905848085
accept-language
it-IT,it;q=0.9
client-version
1DS-Web-JS-3.2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 22 Jun 2022 13:50:47 GMT
time-delta-millis
376
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.246.105 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 22 Jun 2022 13:50:47 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.246.105 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c507c336515da6bf4f7659618ca654ef41399ca24c9d8484a3eb94a741a04ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1655905849091
accept-language
it-IT,it;q=0.9
client-version
1DS-Web-JS-3.2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
time-delta-to-apply-millis
376
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 22 Jun 2022 13:50:48 GMT
time-delta-millis
57
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.246.105 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 22 Jun 2022 13:50:48 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1655905849302&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.1fcee69.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.116.246.105 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 22 Jun 2022 13:50:48 GMT
time-delta-millis
140
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

15 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m5mdOJ-1f9b0d8fbe2a90a134-00W
forms.office.com/ Name: DcLcid
Value: ui=1040&data=1040
.forms.office.com/ Name: FormsWebSessionId
Value: 36fa6787-3ed7-4379-9e2e-9f28ade1ab14
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: RxPM9oMgqg5eaRq2KnwwF0ZM6KTCW_El3-N1Y1qupQWixVIFCtx9_Gz6qakkrQ74chl_LtfyglBiVRKSa1Nvbmwt0a7qs7kmv5F8Eux3b4E1
.office.com/ Name: MUID
Value: 27F5F3446E2D6709139DE28F6A2D6CEC
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 9f9ae4d8-d369-4d42-98a6-e042d03e00e1
forms.office.com/ Name: ai_session
Value: ES4kf0o1ju+VcVsiQFl6dZ|1655905847078|1655905847078
.bing.com/ Name: MUID
Value: 27F5F3446E2D6709139DE28F6A2D6CEC
.c.bing.com/ Name: SRM_B
Value: 27F5F3446E2D6709139DE28F6A2D6CEC
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=d9f1075d65c04c0cbf40d5d0c2e0968d&HASH=d9f1&LV=202206&V=4&LU=1655905848461
.microsoft.com/ Name: MS0
Value: 86d7209de6594b5faaa000f23ee19561
forms.office.com/ Name: MSFPC
Value: GUID=d9f1075d65c04c0cbf40d5d0c2e0968d&HASH=d9f1&LV=202206&V=4&LU=1655905848461

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8gd8j5d4.r.eu-west-1.awstrack.me
bit.ly
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
20.234.93.27
23.48.23.38
2620:1ec:49::45
2620:1ec:a92::194
2620:1ec:c11::200
51.116.246.105
52.109.88.76
52.208.106.2
67.199.248.11
19742c25d78e65c41c63fbf5ba097a9875c68af1a111ea1d9772f63ad2f25863
1e471b14b6fa44dcf994c7e9f4ef447e4f7eaa5ad492ad19b55d5c49be4c8872
22ef920eefb34b747f040a39a5437b6bb725a751eec77bfd6da6b39ac7f645b9
26e3b520da7d0674974df0aa9c8eb8d53ee9433622f8f8a7cd7738ead09490f6
3070799d1a61e36670b52220922620aed44f3ccc610f31320d024ed8ad8a8797
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
505d3664b4318563b0e7e5096e930a98debdad10c637be2df5fea2f005e8ca10
726bf9bac601aa85c3418949343bdb181818f46a833f2680e2172589f8054166
79dfcd530f9506a716f1d3b252fb403a72ae447b8f1d4f5b3f7dcd6b1a6ff39e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a168e695c6b9a0e5efcd4a6abbdbf03241ab6c39e417f86fa1b5c8b89d8f6a3c
ad6973ea52e0cc95205cbf49364dbe927f210c3ae7b35381d38d83ab3eea82b6
c507c336515da6bf4f7659618ca654ef41399ca24c9d8484a3eb94a741a04ec1
d3a94e3b1871a1a451598084b27ce9d8cafbcae782e2e32418cd29afebc64481
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee821dce5f00399b2c202c65e1531158387458aef52289b8c5d640231ebcf838