urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aka.ms/flow-mail
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ...
Submission: On January 19 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5847.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.87.130.101 16625 (AKAMAI-AS)
13 2620:1ec:a92:... 8068 (MICROSOFT...)
3 2.19.194.227 20940 (AKAMAI-ASN1)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
6 20.42.65.88 8075 (MICROSOFT...)
24 6
1    104.87.130.101 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-130-101.deploy.static.akamaitechnologies.com
aka.ms
13    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
3    2.19.194.227 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-194-227.deploy.static.akamaitechnologies.com
cdn.forms.office.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
6    20.42.65.88 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
15 office.com
forms.office.com — Cisco Umbrella Rank: 5847
c.office.com — Cisco Umbrella Rank: 22661
290 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 244
2 KB
3 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8409
121 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1673
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
662 B
1 aka.ms
aka.ms — Cisco Umbrella Rank: 6622
543 B
24 6
Domain Requested by
13 forms.office.com forms.office.com
cdn.forms.office.net
6 browser.events.data.microsoft.com js.monitor.azure.com
forms.office.com
3 cdn.forms.office.net forms.office.com
2 c.office.com 1 redirects
1 js.monitor.azure.com forms.office.com
1 c.bing.com 1 redirects
1 aka.ms 1 redirects
24 7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-12-23 -
2023-12-18		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-12-07 -
2023-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Frame ID: C7A68144ED8EC01F6E15B8B59742FA18
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manage PowerApps and Flows Subscription List

Page URL History Show full URLs

  1. http://aka.ms/flow-mail HTTP 307
    https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5Q... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

24
Requests

96 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

478 kB
Transfer

1293 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aka.ms/flow-mail HTTP 307
    https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&RedC=c.office.com&MXFR=054CF946049761D50D1DEBD800976AAC HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&MUID=054CF946049761D50D1DEBD800976AAC

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • http://aka.ms/flow-mail
  • https://aka.ms/flow-mail
  • https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
052ce3336f74981570da90bf3b53565a58f4d103123747451933124abe545232
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 19 Jan 2023 07:23:49 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
6c359801-28a2-431f-ba5f-af94b8d0f648
x-msedge-ref
Ref A: 8144BB8BCE2945099ACE74C5EC898215 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
x-officecluster
wcus-100.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16118.42052
x-robots-tag
noindex, nofollow
x-routingcorrelationid
6c359801-28a2-431f-ba5f-af94b8d0f648
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.16117.42501
x-routingsessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-usersessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Jan 2023 07:23:50 GMT
Expires
Thu, 19 Jan 2023 07:23:50 GMT
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Pragma
no-cache
Request-Context
appId=cid-v1:7d63747b-487e-492a-872d-762362f77974
Server
Kestrel
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Response-Cache-Status
True
ls-response.de.c7382686d.js
cdn.forms.office.net/forms/scripts/dists/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.c7382686d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.194.227 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-194-227.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9d5e66de53d44df3ccaba626f3ab45b4437e8913c10b454815abeb26b4caf3ea

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
content-md5
xBgkCRLbCTfckiBNQSyFfg==
content-length
10064
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 05:14:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF912D9513C96
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4c11f05b-301e-0063-0d04-2befdc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 19 Jan 2024 07:23:50 GMT
light-response-page.min.6a4af9e.css
cdn.forms.office.net/forms/css/dist/ 		144 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.6a4af9e.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.194.227 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-194-227.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bea552e35fce839a40affa358b973dc549adb265cba6fb2f87181e83953db808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
content-md5
R+9v5r4F5mH/xcTsnRxWAA==
content-length
23635
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 05:13:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF912B822280C
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6ab1cdc4-501e-0073-0503-2bd93a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 19 Jan 2024 07:23:50 GMT
light-response-page.min.ad0195c.js
cdn.forms.office.net/forms/scripts/dists/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.194.227 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-194-227.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1be00b54213bd8770c2207d30861b392e161d5b5bda33a6e65703ba8d1fd3daf

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
content-md5
KHhLUdMUvm6fK3ykuyyi8g==
content-length
88579
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:59:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF9D1875BB108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75489b28-201e-005e-2cd0-2b5afa000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 19 Jan 2024 07:23:50 GMT
runtimeFormsWithResponses('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')
forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/light/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/light/runtimeFormsWithResponses('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
24b75ce823293bfaacbc2492277534668e46f632ca00a0b6738127101b355a1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
X-UserSessionId
7b57df60-a48d-4d87-bc29-99fa99ff91ab
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
y5YD0btNNVCwyhwTXHhci0qe9lQ7Y4N_QYC7tMCbxlVX1RyJ0lhLLAUAiBJP8GMC2F-tDdexY1TqvInX0uQl2ce0zlB87F0RFdu7sKyYYmM1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 19 Jan 2023 07:23:49 GMT
x-officeversion
16.0.16118.42052
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16117.42501, 16.0.16118.42052
x-correlationid
0421ef8c-a651-40aa-847f-7807aac441a1
x-officecluster
wcus-100.forms.office.com
x-usersessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-msedge-ref
Ref A: 7613D06FEBFC4E36BF2117456DC1B4C2 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
0421ef8c-a651-40aa-847f-7807aac441a1
x-routingsessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com, wcus-100.forms.office.com
light-response-page.chunk.lrp_ext.a2bcc43.js
forms.office.com/cdn/scripts/dists/ 		0
65 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_ext.a2bcc43.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:49 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 37F7E686EB2744F0A3A8432B56B26FAA Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599BAF6988
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
440d00a5-a01e-0157-6974-2bc38a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.aebf46b.js
forms.office.com/cdn/scripts/dists/ 		0
37 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_cover.aebf46b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:49 GMT
content-encoding
br
x-cache
TCP_MISS
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:56:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 9409B134682C4D6284B22BEA9AC3AFD7 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9D12A274B3E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a8b1c428-801e-011d-49d6-2b6005000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.af9af54.js
forms.office.com/cdn/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.af9af54.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:49 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 712F807A70BD4EC285DF618C034B81EF Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599B994CB0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2e70cfa4-201e-00ff-4666-2ba329000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_ext.a2bcc43.js
forms.office.com/cdn/scripts/dists/ 		192 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_ext.a2bcc43.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
87c35e871e3b87e9c75eca7899d13cbcd2b3f3381e845a8e99119492ff2cf166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:49 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: B491ED31825A458F8A9816A9F1D6286B Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599BAF6988
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
440d00a5-a01e-0157-6974-2bc38a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.aebf46b.js
forms.office.com/cdn/scripts/dists/ 		126 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_cover.aebf46b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2924d561099140b6b717c6294f286f732f121bce6eea9bf72b2ab3993cb11274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:49 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:56:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 15F9CB79F3174CC382CE2262C322DE84 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9D12A274B3E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a8b1c428-801e-011d-49d6-2b6005000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.af9af54.js
forms.office.com/cdn/scripts/dists/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.af9af54.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b24f7b326518cef07d0c0dc8b77460d8a48fc07adb1c3e5703707a6d30728cf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 850D4CDD587E43A3A0533FD3B63E0393 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599B994CB0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2e70cfa4-201e-00ff-4666-2ba329000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.sw.0b67d9e.js
forms.office.com/cdn/scripts/dists/ 		1 KB
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.sw.0b67d9e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: F97A2E99B12E42E5908F4350E909280A Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599BB1B323
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
343c658f-c01e-011c-0fab-2b3fd9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.min.6a4af9e.css
forms.office.com/cdn/css/dist/ 		144 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/css/dist/light-response-page.min.6a4af9e.css
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bea552e35fce839a40affa358b973dc549adb265cba6fb2f87181e83953db808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:55:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 66A09875227D4BBFB1F0A8865DF75CF9 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9D0F65F2421
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fe8ea00b-501e-0087-74d6-2b00d1000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.1ds.4a73f96.js
forms.office.com/cdn/scripts/dists/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ad0195c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:40:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: F1FDFED291674C12A774666E54DE9847 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
etag
0x8DAF9599B9D6ACB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3ae2ccc6-101e-00db-57ab-2b5589000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&RedC=c.office.com&MXFR=054CF946049761D50D1DEBD800976AAC
  • https://c.office.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&MUID=054CF946049761D50D1DEBD800976AAC
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&MUID=054CF946049761D50D1DEBD800976AAC
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 07:23:50 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
server
Microsoft-IIS/10.0
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 07:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A490633CC594F74A930C3CE7416D788 Ref B: FRAEDGE1312 Ref C: 2023-01-19T07:23:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=4E73078A51464B8D8F8BFEFB6535EFB5&MUID=054CF946049761D50D1DEBD800976AAC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/forms('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u'... 		2 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/forms('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_ext.a2bcc43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
aa478736-bb82-47b3-9a20-f5abfb938f97
x-usersessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-ms-form-request-ring
msft
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
y5YD0btNNVCwyhwTXHhci0qe9lQ7Y4N_QYC7tMCbxlVX1RyJ0lhLLAUAiBJP8GMC2F-tDdexY1TqvInX0uQl2ce0zlB87F0RFdu7sKyYYmM1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 19 Jan 2023 07:23:50 GMT
x-officeversion
16.0.16118.42052
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16117.42501, 16.0.16118.42052
x-correlationid
aa478736-bb82-47b3-9a20-f5abfb938f97
x-officecluster
wcus-100.forms.office.com
x-usersessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-msedge-ref
Ref A: 867311F05CA54023AA1B8EDE96C3F345 Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:50Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
aa478736-bb82-47b3-9a20-f5abfb938f97
x-routingsessionid
7b57df60-a48d-4d87-bc29-99fa99ff91ab
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com, wcus-100.forms.office.com
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.af9af54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-azure-ref-originshield
0hu7IYwAAAACH+MMsoxUkSqDn1h04qbIgRlJBMjMxMDUwNDE3MDI5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
yrkf9GZ1Xvz6HYOCdF/nTw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
etag
0x8DABD08CF2EB3C0
x-azure-ref
0B/DIYwAAAADcaKCM394tRqq1h45B56s0RlJBMzFFREdFMDQwNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
fdf2b889-c01e-00fe-75d5-2b9fc3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
wave-pattern-v1.svg
forms.office.com/cdn/images/aio/ 		2 KB
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/cdn/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Jan 2023 07:23:50 GMT
content-encoding
br
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Wed, 18 Jan 2023 13:39:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 2488328E97C344A0B84DEA89F25623AE Ref B: AMS231032602033 Ref C: 2023-01-19T07:23:51Z
etag
0x8DAF9597664DD12
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a87d1c34-801e-0132-5f74-2b6dce000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5e6c86eac91c7fc86e1ad61088ec46194673d46644a388f1c6e48aa068c369ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1674113032141
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 19 Jan 2023 07:23:52 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
710
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 19 Jan 2023 07:23:51 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e98c7bf9af62d60d5880a9cdf4d99317f64eeb424243287db62940fef78c4256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1674113033143
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
time-delta-to-apply-millis
710
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 19 Jan 2023 07:23:52 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
130
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 19 Jan 2023 07:23:52 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/cdn/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
58bf828f7f023f2cf9230dedca7d257b31d5cc9322fc66f9e614b2aae126adb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1674113033210
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 19 Jan 2023 07:23:52 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
157
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.88 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 19 Jan 2023 07:23:52 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

10 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: Qu94OMW8RVdRxgODlCyCJSJ6pRWn7OKT3EXDvmqRdvnMe7eEnLy6cNu7rxHaKNT46K1C5cOvmQgah5DNWWtm8H3fTVEFEB4jUUdhYcDlX_41
.office.com/ Name: MUID
Value: 054CF946049761D50D1DEBD800976AAC
forms.office.com/ Name: ai_session
Value: CUeWngD+C+qTISsLnsA+ND|1674113031137|1674113031137
.bing.com/ Name: MUID
Value: 054CF946049761D50D1DEBD800976AAC
.c.bing.com/ Name: SRM_B
Value: 054CF946049761D50D1DEBD800976AAC
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=6d370dba829248f8b980c2d7ce328799&HASH=6d37&LV=202301&V=4&LU=1674113032851
.microsoft.com/ Name: MS0
Value: b0e3533d895d4b988c5d13e3c41896b4
forms.office.com/ Name: MSFPC
Value: GUID=6d370dba829248f8b980c2d7ce328799&HASH=6d37&LV=202301&V=4&LU=1674113032851

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
104.87.130.101
2.19.194.227
20.234.93.27
20.42.65.88
2620:1ec:4f:1::44
2620:1ec:a92::194
2620:1ec:c11::200
052ce3336f74981570da90bf3b53565a58f4d103123747451933124abe545232
1be00b54213bd8770c2207d30861b392e161d5b5bda33a6e65703ba8d1fd3daf
24b75ce823293bfaacbc2492277534668e46f632ca00a0b6738127101b355a1a
2924d561099140b6b717c6294f286f732f121bce6eea9bf72b2ab3993cb11274
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58bf828f7f023f2cf9230dedca7d257b31d5cc9322fc66f9e614b2aae126adb1
5e6c86eac91c7fc86e1ad61088ec46194673d46644a388f1c6e48aa068c369ba
87c35e871e3b87e9c75eca7899d13cbcd2b3f3381e845a8e99119492ff2cf166
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d5e66de53d44df3ccaba626f3ab45b4437e8913c10b454815abeb26b4caf3ea
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8
b24f7b326518cef07d0c0dc8b77460d8a48fc07adb1c3e5703707a6d30728cf3
b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5
bea552e35fce839a40affa358b973dc549adb265cba6fb2f87181e83953db808
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98c7bf9af62d60d5880a9cdf4d99317f64eeb424243287db62940fef78c4256