urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQ...
Submission: On March 06 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5777.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2620:1ec:a92:... 8068 (MICROSOFT...)
11 92.123.225.19 20940 (AKAMAI-ASN1)
1 2620:1ec:46::45 8068 (MICROSOFT...)
1 52.109.88.137 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 13.89.179.8 8075 (MICROSOFT...)
1 20.44.10.122 8075 (MICROSOFT...)
22 8
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
11    92.123.225.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-19.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    52.109.88.137 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    13.89.179.8 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
1    20.44.10.122 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
11 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7907
236 KB
7 office.com
forms.office.com — Cisco Umbrella Rank: 5777
lists.office.com — Cisco Umbrella Rank: 13926
c.office.com — Cisco Umbrella Rank: 22901
47 KB
3 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 261
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 100
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
658 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3273
55 KB
22 5
Domain Requested by
11 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 forms.office.com forms.office.com
cdn.forms.office.net
2 browser.events.data.microsoft.com js.monitor.azure.com
2 c.office.com 1 redirects
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 lists.office.com
1 js.monitor.azure.com cdn.forms.office.net
22 8

This site contains links to these domains. Also see Links.

Domain
www.eiwitinfo.nl
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1		 2021-09-02 -
2022-09-01		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2021-12-27 -
2022-12-22		 a year crt.sh
lists.office.com
Microsoft RSA TLS CA 01		 2021-09-15 -
2022-09-15		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Frame ID: FCD58A8A90B4553F08CCFD8406330250
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Eiwitrijk eten, doe je dat puur met voeding of gebruik je supplementen?

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

22
Requests

91 %
HTTPS

38 %
IPv6

5
Domains

8
Subdomains

8
IPs

4
Countries

343 kB
Transfer

878 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&RedC=c.office.com&MXFR=2959819726046EC1314590C822046567 HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&MUID=2959819726046EC1314590C822046567

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		44 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
108ae89825b8e7e071f411423817758aaba29ac54fefa71731bd8c5c32355cc3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
11830
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_19
x-routingofficeversion
16.0.15101.36681
x-routingsessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-routingcorrelationid
e71f4a99-e786-44b7-b05e-8ad67d092a15
x-correlationid
e71f4a99-e786-44b7-b05e-8ad67d092a15
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.15101.36681
x-officecluster
ncus-100.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 7C44D7C858874192B0020AFF8B226FB4 Ref B: AMS04EDGE2013 Ref C: 2022-03-06T13:58:01Z
date
Sun, 06 Mar 2022 13:58:01 GMT
runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u')
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffe3fb05d8e/light/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffe3fb05d8e/light/runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3506d845ff61bd5a4aba4f71c26078ef1e947c2043a80b01399c3071a839ab59
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
X-UserSessionId
638a2195-837a-4362-a1ee-a9246bc93f91
Accept-Language
nl-NL,nl;q=0.9
__RequestVerificationToken
wu6VvbocJFaKUg7YI5cKo0CZmsKGlThxNylV5iuedA9kf4OGBQeqXLkcg9_1irvO9rZeFdQqc2fcdGXBbfLHtu9nZNpnvAUj-mXdGuSCuBU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15027.36677
x-officefe
FormsSingleBox_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
2004
x-routingofficefe
FormsSingleBox_IN_17, FormsSingleBox_IN_0
pragma
no-cache
x-routingofficeversion
16.0.15027.36677, 16.0.15027.36677
x-correlationid
a5efcba4-21c1-4b39-80c4-5fb0ec4a68a3
x-officecluster
ncus-101.forms.office.com
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
date
Sun, 06 Mar 2022 13:58:02 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a5efcba4-21c1-4b39-80c4-5fb0ec4a68a3
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-msedge-ref
Ref A: A3C1C0B526AA40A792FC4B456827934B Ref B: AMS04EDGE2013 Ref C: 2022-03-06T13:58:02Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com, ncus-101.forms.office.com
expires
-1
ls-response.nl.7f077aa8c.js
cdn.forms.office.net/forms/scripts/dists/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.nl.7f077aa8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7b38a78897e81b9903a77fbf0bec8b3ad987bb6d6a2e79d79a106c94c9af6e9b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
c9LmLUAVbKqK7oIt5NlPkA==
content-length
7778
x-ms-lease-status
unlocked
last-modified
Mon, 14 Feb 2022 07:11:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9EF8928BC15EB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
736bd607-d01e-0004-777f-215c7b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.min.e2b662b.css
cdn.forms.office.net/forms/css/dist/ 		127 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.e2b662b.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
212c001e6fce6384c207510e217f4500832ee4c05bbd73f82b0284324fbefb89

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
+bI842zyJNOBLLCBtOqvcg==
content-length
21623
x-ms-lease-status
unlocked
last-modified
Mon, 21 Feb 2022 06:34:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F50447CFCEBA
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1be22702-801e-0071-52f2-26dbc0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.min.cbe83ef.js
cdn.forms.office.net/forms/scripts/dists/ 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
01ac592add3be351332e20039acdef5e35c2e3d554d13c29a68eee945d22e3ec

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
dB9fpeVZKtCDi6+3cXZcdQ==
content-length
72915
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 07:00:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FA87FF3DFD6B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
af41f2c1-c01e-0076-2375-2c2d45000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.chunk.lrp_ext.bb7a85e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
51 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bb7a85e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
DCUHQFduzZWREeVI5Tg4xQ==
content-length
51915
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 07:00:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FA87FF160934
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c373a90b-401e-0045-7275-2c7468000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.chunk.lrp_post.boot.ce257e4.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.ce257e4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
tzJymcB/NswFJI9pfKlHtQ==
content-length
3951
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 07:00:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FA87FF245ED1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aae7109a-a01e-0022-0475-2cc7cf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.chunk.lrp_ext.bb7a85e.js
cdn.forms.office.net/forms/scripts/dists/ 		181 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bb7a85e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f659e309d664d93658640dcd2fea15ef3c92d9beb6d6dbaf51d40f1e390e95a2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
DCUHQFduzZWREeVI5Tg4xQ==
content-length
51915
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 07:00:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FA87FF160934
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c373a90b-401e-0045-7275-2c7468000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
light-response-page.chunk.lrp_post.boot.ce257e4.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.ce257e4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3129c5f3706d40ca6f59cd35b48d3520f08feea76c839e6418984590d6b2a8c6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
tzJymcB/NswFJI9pfKlHtQ==
content-length
3951
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 07:00:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FA87FF245ED1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aae7109a-a01e-0022-0475-2cc7cf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
ir_white_title.svg
cdn.forms.office.net/forms/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/ir_white_title.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-md5
10Dd1PpC6lRQDD1f/z25Sw==
content-length
2271
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 05:27:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FC0D470984AF
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
be9c60b0-701e-0002-3693-2eab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
immersive-reader-icon_black.svg
cdn.forms.office.net/forms/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/immersive-reader-icon_black.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-md5
KcE1VrPtrNUxMzaM4LNsNw==
content-length
2384
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 05:27:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9FC0D4707FE3A
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d76b9df9-101e-003b-3993-2eeba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
light-response-page.chunk.sw.b689270.js
cdn.forms.office.net/forms/scripts/dists/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.b689270.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cbe83ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
233903926db3f1ad154a2c8be22394f71763d133ea5dc306d1f9e9184990a5b4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
content-md5
swR+VnIt41MGLlvtJfH0eg==
content-length
868
x-ms-lease-status
unlocked
last-modified
Mon, 27 Dec 2021 04:16:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9C8EFBA4F9D1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2a5e390e-701e-002b-1ddf-fadd41000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.ce257e4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2798f151600e63249fe8ecb9e50ee6075ade8bfb5da57d2394bdfe091274ddc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 13:58:02 GMT
content-encoding
br
x-ms-meta-jssdkver
3.1.11
last-modified
Fri, 04 Mar 2022 00:40:58 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.1.11.min.js
content-md5
o1adWcKopF4PFhenqd1UQw==
etag
0x8D9FD77A6AD1BE6
x-azure-ref
06r0kYgAAAAC+hcXHzPebSKPT5d8WzDKATE9OMjFFREdFMDIxNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a43dc4d8-c01e-0028-3261-3189dd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
GetThemes
forms.office.com/Pages/ResponsePage.aspx/ 		248 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx/GetThemes
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bb7a85e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47652c0ac066e8014f470255964722ff3004b08a76a75ae42e808d02553e0156
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
undefined
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-ms-form-request-ring
msa
authorization
content-type
application/json
Accept-Language
nl-NL,nl;q=0.9
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
odata-maxverion
4.0
__requestverificationtoken
wu6VvbocJFaKUg7YI5cKo0CZmsKGlThxNylV5iuedA9kf4OGBQeqXLkcg9_1irvO9rZeFdQqc2fcdGXBbfLHtu9nZNpnvAUj-mXdGuSCuBU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15101.36681
x-officefe
FormsSingleBox_IN_5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
133
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.15101.36681
x-correlationid
5b783711-31df-4a1c-ba5f-8aef02d35af6
x-officecluster
weu-100.forms.office.com
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
date
Sun, 06 Mar 2022 13:58:02 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
undefined
cache-control
max-age=0, private
x-failurereason
Unknown
x-routingsessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-msedge-ref
Ref A: 76A9EA9FE8E54BE6B3EFEDB49D198BD0 Ref B: AMS04EDGE2013 Ref C: 2022-03-06T13:58:02Z
x-routingofficecluster
weu-100.forms.office.com
70a590d7-25c3-4059-9e94-399aa4c2f631
lists.office.com/Images/9188040d-6c67-4c5b-b112-36a304b66dad/00000000-0000-0000-0003-7ffe3fb05d8e/T0A9B13OT1HEZQ8D3QCA1XTIHV/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/9188040d-6c67-4c5b-b112-36a304b66dad/00000000-0000-0000-0003-7ffe3fb05d8e/T0A9B13OT1HEZQ8D3QCA1XTIHV/70a590d7-25c3-4059-9e94-399aa4c2f631
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.137 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
631382bac5f8ac95f7b10cd5eed9a542ad733555595bc840ed13a5e52cd128a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Mar 2022 13:58:03 GMT
x-routingofficeversion
16.0.15025.36251
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
x-routingcorrelationid
2a0f778e-2d0c-4542-b878-cb15bfa70c3f
cache-control
no-cache
x-routingsessionid
be28a05c-20b2-4a6b-ada9-7514270dfdb6
x-hivering
2
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
expires
-1
'nl-nl'
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffe3fb05d8e/forms('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u'... 		2 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-7ffe3fb05d8e/forms('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u')/localeResource/'nl-nl'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bb7a85e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
fd95fdcd-be85-4631-853b-86cb680e36dd
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-ms-form-request-ring
msa
authorization
content-type
application/json
Accept-Language
nl-NL,nl;q=0.9
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAN__j-wXY5UMEE5QjEzT1QxSEVaUThEM1FDQTFYVElIVi4u
odata-maxverion
4.0
__requestverificationtoken
wu6VvbocJFaKUg7YI5cKo0CZmsKGlThxNylV5iuedA9kf4OGBQeqXLkcg9_1irvO9rZeFdQqc2fcdGXBbfLHtu9nZNpnvAUj-mXdGuSCuBU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15101.36681
x-officefe
FormsSingleBox_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
6
x-routingofficefe
FormsSingleBox_IN_13, FormsSingleBox_IN_0
pragma
no-cache
x-routingofficeversion
16.0.15027.36677, 16.0.15101.36681
x-correlationid
fd95fdcd-be85-4631-853b-86cb680e36dd
x-officecluster
ncus-100.forms.office.com
x-usersessionid
638a2195-837a-4362-a1ee-a9246bc93f91
date
Sun, 06 Mar 2022 13:58:02 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
fd95fdcd-be85-4631-853b-86cb680e36dd
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
638a2195-837a-4362-a1ee-a9246bc93f91
x-msedge-ref
Ref A: 5B88C71FF6D1415F92AEC39D5FEBD1DB Ref B: AMS04EDGE2013 Ref C: 2022-03-06T13:58:02Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com, ncus-100.forms.office.com
expires
-1
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&RedC=c.office.com&MXFR=2959819726046EC1314590C822046567
  • https://c.office.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&MUID=2959819726046EC1314590C822046567
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&MUID=2959819726046EC1314590C822046567
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Mar 2022 13:58:03 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 06 Mar 2022 13:58:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8764743FF3B641DEAE505A1EEE250AD3 Ref B: AMBEDGE0809 Ref C: 2022-03-06T13:58:03Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=99BF2392BB7B4953897697ACB38A3378&MUID=2959819726046EC1314590C822046567
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sw.js
forms.office.com/ 		0
0
chemistry.png
cdn.forms.office.net/forms/images/theme/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/theme/chemistry.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd2593eae002b0e66695d4796a8b2ece6303654fab62e08cd72294b5ddb99ad7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 06 Mar 2022 13:58:02 GMT
content-md5
fkzLKDLDVYzHVa0jv0zyAg==
content-length
16948
x-ms-lease-status
unlocked
last-modified
Fri, 20 Aug 2021 05:17:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D96399C2D9B5D0
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
88520447-b01e-006a-72ec-95087f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 06 Mar 2023 13:58:02 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1646575084092&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.179.8 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2731e8ba67e6de94e77b6c53523cea25462a1aadb73518e330fdd9c64cfda69f

Request headers

Referer
https://forms.office.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 06 Mar 2022 13:58:03 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
498
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1646575085094&time-delta-to-apply-millis=498&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.179.8 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22ae94715e94cd980f341e86065d52f303c44ba2240db0b0781a39ea9a9a8fa5

Request headers

Referer
https://forms.office.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 06 Mar 2022 13:58:04 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
58
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=5f4ebf0f9a11474199e89f94bc7e2f50-61b8420a-22b1-4220-b531-4a4b96e4edb9-7406&client-time-epoch-millis=1646575085602&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bb7a85e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 13:58:05 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
461
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.office.com
URL
https://forms.office.com/sw.js?ring=Business

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1043&data=1043
.forms.office.com/ Name: FormsWebSessionId
Value: a5a352c7-e4d6-4f53-b031-26d6e685a51c
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: fbablcCEwHmANvlkyYuZROvVI1344ihi77ALMAWt-lkNvCNEJr13Ug586Csc1P58FJKdzcJsoFyObNlmQdQtRUoqCJud87_wsRdUn9kWyEo1
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 004ccd2a-f049-4d52-8bff-2f5ce790111b
forms.office.com/ Name: ai_session
Value: M23ADu99CR6hA0jl5ipnJy|1646575083088|1646575083088
.office.com/ Name: MUID
Value: 2959819726046EC1314590C822046567
.bing.com/ Name: MUID
Value: 2959819726046EC1314590C822046567
.c.bing.com/ Name: SRM_B
Value: 2959819726046EC1314590C822046567
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=fe62586554e34b439e7f98e3141a32ab&HASH=fe62&LV=202203&V=4&LU=1646575084590
.microsoft.com/ Name: MS0
Value: 8849226cad5648ba82b1bac4910e18d8
forms.office.com/ Name: MSFPC
Value: GUID=fe62586554e34b439e7f98e3141a32ab&HASH=fe62&LV=202203&V=4&LU=1646575084590

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
forms.office.com
13.89.179.8
20.44.10.122
2620:1ec:46::45
2620:1ec:a92::194
2620:1ec:c11::200
52.109.88.137
52.142.114.2
92.123.225.19
01ac592add3be351332e20039acdef5e35c2e3d554d13c29a68eee945d22e3ec
108ae89825b8e7e071f411423817758aaba29ac54fefa71731bd8c5c32355cc3
212c001e6fce6384c207510e217f4500832ee4c05bbd73f82b0284324fbefb89
22ae94715e94cd980f341e86065d52f303c44ba2240db0b0781a39ea9a9a8fa5
233903926db3f1ad154a2c8be22394f71763d133ea5dc306d1f9e9184990a5b4
2731e8ba67e6de94e77b6c53523cea25462a1aadb73518e330fdd9c64cfda69f
3129c5f3706d40ca6f59cd35b48d3520f08feea76c839e6418984590d6b2a8c6
3506d845ff61bd5a4aba4f71c26078ef1e947c2043a80b01399c3071a839ab59
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
47652c0ac066e8014f470255964722ff3004b08a76a75ae42e808d02553e0156
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
631382bac5f8ac95f7b10cd5eed9a542ad733555595bc840ed13a5e52cd128a9
7b38a78897e81b9903a77fbf0bec8b3ad987bb6d6a2e79d79a106c94c9af6e9b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bd2593eae002b0e66695d4796a8b2ece6303654fab62e08cd72294b5ddb99ad7
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2798f151600e63249fe8ecb9e50ee6075ade8bfb5da57d2394bdfe091274ddc
f659e309d664d93658640dcd2fea15ef3c92d9beb6d6dbaf51d40f1e390e95a2