urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://surl.li/ujnhc/
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQ...
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2188.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on April 1st 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
17 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2a01:111:f100... 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
25 5
1    2606:4700:20::ac43:454c (United States)

ASN13335 (CLOUDFLARENET, US)
surl.li
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
17    2a02:26f0:e300::211:9328 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
1    2a01:111:f100:9001::1761:95ae (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
17 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 9327
464 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 2188
lists.office.com — Cisco Umbrella Rank: 14224
c.office.com — Cisco Umbrella Rank: 23619
557 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
765 B
1 surl.li
surl.li — Cisco Umbrella Rank: 982772
1 KB
0 microsoft.com Failed
browser.events.data.microsoft.com Failed
25 5
Domain Requested by
17 cdn.forms.office.net forms.office.com
cdn.forms.office.net
3 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 lists.office.com
1 surl.li 1 redirects
0 browser.events.data.microsoft.com Failed cdn.forms.office.net
25 7

This site contains links to these domains. Also see Links.

Domain
www.championx.com
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-01 -
2025-03-27		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-04-16 -
2025-04-11		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-25 -
2025-05-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Frame ID: 81632408CB40B064F7FD74F1357D7BED
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RSVP Majlis Perkahwinan Syazwi & Nazirah

Page URL History Show full URLs

  1. http://surl.li/ujnhc/ HTTP 307
    https://surl.li/ujnhc/ HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

25
Requests

84 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

5
IPs

4
Countries

1021 kB
Transfer

1887 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://surl.li/ujnhc/ HTTP 307
    https://surl.li/ujnhc/ HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&RedC=c.office.com&MXFR=27460343707C6B73037F17D8747C60EB HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&MUID=27460343707C6B73037F17D8747C60EB

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • http://surl.li/ujnhc/
  • https://surl.li/ujnhc/
  • https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
65 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32159ff206e1cb41c38c92bbce5f2fec5e4f66642871a53f395ecb0c96a60cc5
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-20cc6e40-5829-4be4-9e8f-e0184c59884e' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-20cc6e40-5829-4be4-9e8f-e0184c59884e' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Tue, 11 Jun 2024 03:20:45 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
4e54d308-ab3c-40e4-81a1-74add0b86a33
x-msedge-ref
Ref A: 534FB6CD77CD469D9BDABF8F056ADFCB Ref B: AMS231032603049 Ref C: 2024-06-11T03:20:46Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.17806.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
4e54d308-ab3c-40e4-81a1-74add0b86a33
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.17806.42500
x-routingsessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
x-usersessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
891e7798ec866aa3-AMS
content-type
text/html
date
Tue, 11 Jun 2024 03:20:46 GMT
location
https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EV9AAcUlns3pyXS%2F5wdsjHmypDRlpWVYZ0cKCEMdzuz0qHUI3T7acftndHs%2B46NQ2YaDRnV2dTohOzT37LqsY4aYDHexPzAfM5qYBZVy32PXkIts9XwM2SAmHUWK08MUkXeKTsI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.2.15
ls-response.de.1e19d8e53.js
cdn.forms.office.net/forms/scripts/dists/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.1e19d8e53.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3f52994c64391412521b4fccfbcf0ecca715c712c6e99fd7f72d344efc6478e1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
SZRvJJuKSocdG3lUspq4uw==
content-length
13653
x-ms-lease-status
unlocked
last-modified
Fri, 31 May 2024 07:05:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC814012E7EBC2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ef1755e9-e01e-0048-2e2d-b39b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
57034ebe-501e-0051-662a-62b70c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.min.f31a577.js
cdn.forms.office.net/forms/scripts/dists/ 		476 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7cecb20801ceafd5d1cb9687295299f23066ab0f8e37ed563f21b3301ef4271c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
73WwymRKpJ8arxrm5QMUtQ==
content-length
128280
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 05:55:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC85ED4B4DC662
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7f48ff48-601e-0059-79e4-b7ac7f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
runtimeFormsWithResponses('slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u')
forms.office.com/formapi/api/f43053b2-e911-4847-b825-5210584c418a/users/722f32a3-b9d0-4deb-9faa-4b78ed76a801/light/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/f43053b2-e911-4847-b825-5210584c418a/users/722f32a3-b9d0-4deb-9faa-4b78ed76a801/light/runtimeFormsWithResponses('slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6139d1f8e78817ef68743163d8d1b378e5011d7c16b290afd08ad28da3a347a4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-UserSessionId
e71069bc-2ddb-48bb-a5eb-3385442c8339
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
__RequestVerificationToken
K-Ntzlm_SMiEYxw-aNprVy1ZCFjBYhqA46aeXlUU1zmFPgZ7Z09faZjUr8INN6kPADzJdwwrcwpOlNzuhtItsalH-_xIUDsiR4Fr0AVnTAI1
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 11 Jun 2024 03:20:47 GMT
x-officeversion
16.0.17806.42500
x-officefe
FormsSingleBox_IN_8
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.17806.42500
x-correlationid
4e4858ef-c858-45aa-8605-778c99fd0e9b
x-officecluster
neu-101.forms.office.com
x-usersessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
x-msedge-ref
Ref A: 8D76A23BC266461D8A8BD9C11CBCF3DC Ref B: AMS231032603049 Ref C: 2024-06-11T03:20:46Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
4e4858ef-c858-45aa-8605-778c99fd0e9b
x-routingsessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.lrp_ext.ed841cd.js
cdn.forms.office.net/forms/scripts/dists/ 		0
106 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.ed841cd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
W8+5i3W//qWhEI38L6xByw==
content-length
107962
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 05:55:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC85ED4B39CC1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1051a62-601e-001d-1ce4-b77013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_saveresponse.f4765f5.js
cdn.forms.office.net/forms/scripts/dists/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.f4765f5.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
0WWT/mbExKyHeu9t9xWiBg==
content-length
9307
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1D076F7E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b764469d-b01e-0036-2607-b704ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_groupnote.62e1d7e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.62e1d7e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
EE3Ho/6hFwBuKh14abVU5g==
content-length
1606
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1CFFF687
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c80f214-c01e-0010-0d07-b79f1f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_cover.1e73883.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.1e73883.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
qnyGP9CUtrPHRWkux3rflQ==
content-length
17964
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1CFD10C0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54b0a868-e01e-0048-7e07-b79b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_post.boot.c5f2116.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c5f2116.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
7PCm88AMzmfhSsPZwwbj1Q==
content-length
5058
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1D07E49F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76b924e4-f01e-0018-0c07-b7846c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Sun, 28 Apr 2024 06:15:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC674AAC6815D2
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
608a1107-a01e-0000-74ad-99a9f9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_ext.ed841cd.js
cdn.forms.office.net/forms/scripts/dists/ 		382 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.ed841cd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1dafb300dc7bd53e96ff6a444b217e3dab12ac7de336fead73aa02b2927dba3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
W8+5i3W//qWhEI38L6xByw==
content-length
107962
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 05:55:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC85ED4B39CC1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1051a62-601e-001d-1ce4-b77013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_cover.1e73883.js
cdn.forms.office.net/forms/scripts/dists/ 		70 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.1e73883.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ddea9bed550a9cba2e641166ad963f9a2900f53d0348f7fd86dee25ab1e9869d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
qnyGP9CUtrPHRWkux3rflQ==
content-length
17964
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1CFD10C0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54b0a868-e01e-0048-7e07-b79b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
light-response-page.chunk.lrp_post.boot.c5f2116.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c5f2116.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
393f1eae2dc0211b540101c57ea9b7afde64729d0b9998c807b4a9744aae645b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:46 GMT
content-encoding
br
content-md5
7PCm88AMzmfhSsPZwwbj1Q==
content-length
5058
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1D07E49F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76b924e4-f01e-0018-0c07-b7846c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:46 GMT
3b2106ff-1ac6-430b-a9d9-60f5c9e7ed36
lists.office.com/Images/f43053b2-e911-4847-b825-5210584c418a/722f32a3-b9d0-4deb-9faa-4b78ed76a801/T3WWFUAC61VL6UD4DXTC8MLJV5/ 		532 KB
533 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/f43053b2-e911-4847-b825-5210584c418a/722f32a3-b9d0-4deb-9faa-4b78ed76a801/T3WWFUAC61VL6UD4DXTC8MLJV5/3b2106ff-1ac6-430b-a9d9-60f5c9e7ed36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:95ae Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2552b6365edf11a4a7d201d7b19a2376df86e1cfcec7b973cbc78611fd970b9e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 03:20:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17730.42101
content-type
image/jpeg
x-routingcorrelationid
d3374a07-e763-4663-88d3-5b99769a9115
cache-control
no-cache
x-routingsessionid
f8f57461-b8af-49b6-a6c5-a86d551fd33e
x-hivering
3
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_3
expires
-1
light-response-page.chunk.officebrowserfeedback.41b11b6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
117 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.41b11b6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:48 GMT
content-encoding
br
content-md5
Px2z6jH3F+kBPhlbqWk+gA==
content-length
119614
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 04:58:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC851C1D0CC5E0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0b9d86e2-201e-001a-4c07-b78696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:48 GMT
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:48 GMT
content-encoding
br
content-md5
K1wotL4HRbGauz+Vu/VA/w==
content-length
34470
x-ms-lease-status
unlocked
last-modified
Wed, 21 Feb 2024 05:49:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC32A0EE652AE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
efdd5bd3-d01e-0062-7e8c-64ee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:48 GMT
light-response-page.chunk.utel.db19439.js
cdn.forms.office.net/forms/scripts/dists/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.db19439.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4cfa9e513e1ac77105e7bb82190cc8353b3a8afe36b94be615a9d3789ab2cad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:48 GMT
content-encoding
br
content-md5
XAEFssafDUSUdLizQT8eNA==
content-length
5771
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 05:06:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC845415C79C59
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1171db88-201e-001a-7b4c-b68696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:48 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&RedC=c.office.com&MXFR=27460343707C6B73037F17D8747C60EB
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&MUID=27460343707C6B73037F17D8747C60EB
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&MUID=27460343707C6B73037F17D8747C60EB
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 03:20:48 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 11 Jun 2024 03:20:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BD2CC53FBFFA4D01950D4D51E8E64300 Ref B: FRA31EDGE0818 Ref C: 2024-06-11T03:20:49Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E37DA5302ECE4470A909DCC77DCD59DC&MUID=27460343707C6B73037F17D8747C60EB
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/f43053b2-e911-4847-b825-5210584c418a/users/722f32a3-b9d0-4deb-9faa-4b78ed76a801/forms('slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u'... 		2 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/f43053b2-e911-4847-b825-5210584c418a/users/722f32a3-b9d0-4deb-9faa-4b78ed76a801/forms('slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.ed841cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ms-form-request-ring
business
Accept-Language
de-DE,de;q=0.9;q=0.9
authorization
odata-maxverion
4.0
sec-ch-ua-platform
"Win32"
odata-version
4.0
x-correlationid
83dbdd8c-60e8-4517-8407-120ca6a8c7e6
x-usersessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
x-ms-form-request-source
ms-formweb
__requestverificationtoken
K-Ntzlm_SMiEYxw-aNprVy1ZCFjBYhqA46aeXlUU1zmFPgZ7Z09faZjUr8INN6kPADzJdwwrcwpOlNzuhtItsalH-_xIUDsiR4Fr0AVnTAI1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 11 Jun 2024 03:20:48 GMT
x-officeversion
16.0.17806.42500
x-officefe
FormsSingleBox_IN_8
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.17806.42500
x-correlationid
83dbdd8c-60e8-4517-8407-120ca6a8c7e6
x-officecluster
neu-101.forms.office.com
x-usersessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
x-msedge-ref
Ref A: 9373294A8EAB4A1A8AB3698665D569B5 Ref B: AMS231032603049 Ref C: 2024-06-11T03:20:48Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
83dbdd8c-60e8-4517-8407-120ca6a8c7e6
x-routingsessionid
e71069bc-2ddb-48bb-a5eb-3385442c8339
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:48 GMT
content-encoding
br
content-md5
nY8PCaNNXKMbNv65yICtKg==
content-length
585
x-ms-lease-status
unlocked
last-modified
Wed, 06 Mar 2024 05:29:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC3D9E71C8E737
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
afa56f50-f01e-0018-228c-6f846c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:48 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:48 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 05:32:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9EE3626888F3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a222bac8-a01e-0044-38dc-d07595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:48 GMT
light-response-page.chunk.utel_1ds.8c643b5.js
cdn.forms.office.net/forms/scripts/dists/ 		99 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel_1ds.8c643b5.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.f31a577.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
379ae5517779d017d8890a28f50e433327b4a0f606c69b39d4fea7a1e8c0cef7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2024 03:20:49 GMT
content-encoding
br
content-md5
l51n9e4rUMQUI6cTXQhbzw==
content-length
31764
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 05:06:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC845415CCA4B5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fae2fdd7-e01e-0048-1c4c-b69b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 11 Jun 2025 03:20:49 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
surl.li/ Name: XSRF-TOKEN
Value: eyJpdiI6InlLY1B4OEIxVE1QQVhra0h3a1h6UEE9PSIsInZhbHVlIjoiSFg2NERxd3d2dGtTcDhjcTJadEZURzBZVHRnYnFtNlBGTVYvTVJkTDJCdU9PVWk0dkg1TEZHZ21sZTdLNm5KT3NReFdGZlluUnVnQmQ1dzhhbmIxdFpvVnJWSVJnVFJFeFg3T1dwT1Q4Zm05c0lUdHkrU0Z4aTIyVmRPNmIvTWMiLCJtYWMiOiI3NDM3OWJiMjRjYzkwMWNhYWZmOGE4MjVhZDQ3ZTA3YmU2OTNkNWUyNDA4ZGQyNDNiMGJkYzk1ZTZjMzI3ODRiIiwidGFnIjoiIn0%3D
surl.li/ Name: surli_application_session
Value: eyJpdiI6ImlTM2hUSFNOYkFTY1hPbjZDelhRK0E9PSIsInZhbHVlIjoiSmZheGRDQnU3bS9NcWVzSHhjeFFDRXYxZVlBcW9WL1JQbnoyQVBURFZDQnZWWGFJMlF1ckVTK255TmNDakxnOGcwRTF3bXdXSXVybE5FQ0ZLWTgrVkQydnBJSDNoSHVLemxKbUxvODJ5d0V1TGphRVdZUXg1ZFdCSXhaT1orSWwiLCJtYWMiOiJmZTFlNmQ4MDk2MzRhOTFjYzk4ZjZhMjkzYWUyN2M3MGM4NDcyMDhmMDE4NTQwODZiM2NlNGQzOGUyMDA3OTI0IiwidGFnIjoiIn0%3D
forms.office.com/ Name: FormsWebSessionId
Value: 1ac874c0-aee2-4a27-992d-a25d1a6f8ed9
forms.office.com/ Name: __RequestVerificationToken
Value: imq_tcquqmDEH1RV-CZNuKwnzPrmPP0odRW3Lc3hR0CvG4DFnWGHPLV-VdfNf2xvavd21DrTUvGR7odKdLKYZwGzuojAEd5QUV3aWzTynGs1
.office.com/ Name: MUID
Value: 27460343707C6B73037F17D8747C60EB
.bing.com/ Name: MUID
Value: 27460343707C6B73037F17D8747C60EB
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 27460343707C6B73037F17D8747C60EB
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0

3 Console Messages

Source Level URL
Text
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=slMw9BHpR0i4JVIQWExBiqMyL3LQuetNn6pLeO12qAFUM1dXRlVBQzYxVkw2VUQ0RFhUQzhNTEpWNS4u&origin=QRCode&qrcodeorigin=presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-20cc6e40-5829-4be4-9e8f-e0184c59884e' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
lists.office.com
surl.li
browser.events.data.microsoft.com
2606:4700:20::ac43:454c
2620:1ec:a92::194
2620:1ec:c11::237
2a01:111:f100:9001::1761:95ae
2a02:26f0:e300::211:9328
68.219.88.97
1dafb300dc7bd53e96ff6a444b217e3dab12ac7de336fead73aa02b2927dba3a
2552b6365edf11a4a7d201d7b19a2376df86e1cfcec7b973cbc78611fd970b9e
32159ff206e1cb41c38c92bbce5f2fec5e4f66642871a53f395ecb0c96a60cc5
379ae5517779d017d8890a28f50e433327b4a0f606c69b39d4fea7a1e8c0cef7
393f1eae2dc0211b540101c57ea9b7afde64729d0b9998c807b4a9744aae645b
3f52994c64391412521b4fccfbcf0ecca715c712c6e99fd7f72d344efc6478e1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
6139d1f8e78817ef68743163d8d1b378e5011d7c16b290afd08ad28da3a347a4
7cecb20801ceafd5d1cb9687295299f23066ab0f8e37ed563f21b3301ef4271c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
d4cfa9e513e1ac77105e7bb82190cc8353b3a8afe36b94be615a9d3789ab2cad
ddea9bed550a9cba2e641166ad963f9a2900f53d0348f7fd86dee25ab1e9869d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1