urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ciclo-tech.com/
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWO...
Submission: On September 08 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 13165.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 160.153.131.195 20773 (GODADDY)
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
8 104.83.4.106 20940 (AKAMAI-ASN1)
2 52.109.68.85 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:46::45 8068 (MICROSOFT...)
5 52.178.17.3 8075 (MICROSOFT...)
20 7
1    160.153.131.195 (Amsterdam, Netherlands)

ASN20773 (GODADDY, DE)
PTR: ip-160-153-131-195.ip.secureserver.net
ciclo-tech.com
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
8    104.83.4.106 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-106.deploy.static.akamaitechnologies.com
cdn.forms.office.net
2    52.109.68.85 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
5    52.178.17.3 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
8 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 24530
237 KB
8 office.com
forms.office.com — Cisco Umbrella Rank: 13165
lists.office.com — Cisco Umbrella Rank: 41946
c.office.com — Cisco Umbrella Rank: 52864
192 KB
5 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 839
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 393
2 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 4587
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 408
664 B
1 ciclo-tech.com
ciclo-tech.com
144 B
20 6
Domain Requested by
8 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 browser.events.data.microsoft.com js.monitor.azure.com
4 forms.office.com 1 redirects forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
2 lists.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 ciclo-tech.com 1 redirects
20 9

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
lists.office.com
Microsoft RSA TLS CA 02		 2022-05-24 -
2023-05-24		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-06-26 -
2023-06-21		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2022-05-21 -
2023-05-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Frame ID: 0FD0A3E347FA1C1AE081FB59C20F5104
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

.-

Page URL History Show full URLs

  1. https://ciclo-tech.com/ HTTP 302
    https://forms.office.com/r/5f0Nfx5Kn4?email= HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LS... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

20
Requests

95 %
HTTPS

38 %
IPv6

6
Domains

9
Subdomains

7
IPs

5
Countries

496 kB
Transfer

1070 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ciclo-tech.com/ HTTP 302
    https://forms.office.com/r/5f0Nfx5Kn4?email= HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&RedC=c.office.com&MXFR=18B9EA32E9DB6FA73E22F82BEDDB6465 HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&MUID=18B9EA32E9DB6FA73E22F82BEDDB6465

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://ciclo-tech.com/
  • https://forms.office.com/r/5f0Nfx5Kn4?email=
  • https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
534c30e7266ce636ee47821bb799be36ac8367e3d80f0215426f427548c9645d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
14100
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 13:01:18 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
030d2b19-1d52-4cfb-be6b-fd1e1860e8a2
x-failurereason
Unknown
x-msedge-ref
Ref A: AE9962013B0145CEA905BB8574CDF6E7 Ref B: AMS04EDGE2020 Ref C: 2022-09-08T13:01:18Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.15705.36676
x-robots-tag
noindex, nofollow
x-routingcorrelationid
030d2b19-1d52-4cfb-be6b-fd1e1860e8a2
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.15705.36676
x-routingsessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
x-usersessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 08 Sep 2022 13:01:18 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
36e761c5-0593-4fd7-bff8-0a055d636e5c
x-msedge-ref
Ref A: 102D188DD52D43DEA54B44D31E908B35 Ref B: AMS04EDGE2020 Ref C: 2022-09-08T13:01:18Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.15701.36677
x-usersessionid
36e761c5-0593-4fd7-bff8-0a055d636e5c
ls-response.nl.b0bdc03d3.js
cdn.forms.office.net/forms/scripts/dists/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.nl.b0bdc03d3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f36ef710a48ebc1fb8821de2d832d5a786c2023179c0c2834d25bedbfad763cc

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
+gHM2F4bjHpslkO1Pd858A==
content-length
8289
x-ms-lease-status
unlocked
last-modified
Tue, 06 Sep 2022 04:13:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA8FBE1AD28ADE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f2db8199-e01e-0048-2f81-c29b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.min.f1a5b38.css
cdn.forms.office.net/forms/css/dist/ 		139 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.f1a5b38.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7cc7871d666c218e4e9c487255def4174e7ddae1a68586320d0e001896951cea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
eZVfpCmXC8KiXgsvgG3QwA==
content-length
23045
x-ms-lease-status
unlocked
last-modified
Tue, 06 Sep 2022 04:12:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA8FBDFC2814C8
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7546d38e-401e-0067-467f-c21a5e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.min.b3504e2.js
cdn.forms.office.net/forms/scripts/dists/ 		277 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2ff1ce4734fa21a142be01922ca88b76f0b1592d0237de74d8eb4727341f5965

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
EjnqySjin6AkdRpJMBT0Sw==
content-length
81049
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 23:45:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA912B1CF969FB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
823eb5f1-401e-006c-7749-c3022a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
runtimeFormsWithResponses('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u')
forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/light/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/light/runtimeFormsWithResponses('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2a91b9bae2fbff40f76fc53f4cbbd1bc10e1b20df54a8f4e0db8f307b36d617
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
X-UserSessionId
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
accept-language
nl-NL,nl;q=0.9
__RequestVerificationToken
QLp5zneI6FVSfJ9nx_AEQnT7neah4B-hTK4KT2jyFHircoHitQWdSI4n7tjUs4DJCvT2OyykWWOknM5EImi-yisb6V7xmxd3boxSne7rYXo1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15701.36677
x-officefe
FormsSingleBox_IN_3
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.15701.36677
x-correlationid
1221b5d1-0bb9-4d5b-bd01-96c9226c15fa
x-officecluster
weu-101.forms.office.com
x-usersessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
date
Thu, 08 Sep 2022 13:01:19 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
1221b5d1-0bb9-4d5b-bd01-96c9226c15fa
x-routingsessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
x-msedge-ref
Ref A: A9EACA53D0EA4E80879FE1EE87B6A9A8 Ref B: AMS04EDGE2020 Ref C: 2022-09-08T13:01:18Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com
light-response-page.chunk.lrp_ext.d949f62.js
cdn.forms.office.net/forms/scripts/dists/ 		0
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.d949f62.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
41HnTyIYj1DThw6nMw2OAg==
content-length
59108
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 23:45:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA912B1CF8F4E1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
924a9bb1-201e-0033-3749-c3f0d4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.chunk.lrp_post.boot.0b0a22c.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0b0a22c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
6is8QuAdMrm1++sEQS8sMQ==
content-length
3926
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 23:45:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA912B1CF60F1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
41e288e2-901e-0021-0949-c3c4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.chunk.lrp_ext.d949f62.js
cdn.forms.office.net/forms/scripts/dists/ 		205 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.d949f62.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67544599c05d4b417a48e75241739993c54b2a4cc49e2571bfe29fe50a646211

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
41HnTyIYj1DThw6nMw2OAg==
content-length
59108
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 23:45:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA912B1CF8F4E1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
924a9bb1-201e-0033-3749-c3f0d4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.chunk.lrp_post.boot.0b0a22c.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0b0a22c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eda5cd8027ccfde284f47c10c79b4006c258fc48c9312fc7d0ed31f1189b2014

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
6is8QuAdMrm1++sEQS8sMQ==
content-length
3926
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 23:45:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA912B1CF60F1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
41e288e2-901e-0021-0949-c3c4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
light-response-page.chunk.sw.1d1896c.js
cdn.forms.office.net/forms/scripts/dists/ 		945 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.1d1896c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.b3504e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Sep 2022 13:01:19 GMT
content-encoding
br
content-md5
NbTYEDd7scl+DuxIv4nXxA==
content-length
406
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 02:46:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA83E88CD44CAB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
649ecf48-001e-0006-730d-b65e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:01:19 GMT
0830e354-c8b2-4544-99d5-24a6bd756c4a
lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/0830e354-c8b2-4544-99d5-24a6bd756c4a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.85 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da7acc6b9d42ea5c03d6721f769bfb26a6ae43960c1d2191e265a5301a23bc3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:01:19 GMT
x-routingofficeversion
16.0.15626.36250
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
x-routingcorrelationid
fe460c2e-f1d4-4a96-a069-096dcfdaea1c
cache-control
no-cache
x-routingsessionid
ae0b99ce-fff9-42d3-a7ab-3133d2d7a81a
x-hivering
3
x-routingofficecluster
frc-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_4
expires
-1
36f26d28-dd07-4614-8d8e-a0fb4a9c2769
lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/36f26d28-dd07-4614-8d8e-a0fb4a9c2769
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.85 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2288e753882cc2b06878a3da785b143f356b27959178b1b3ff290b33505b8562
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:01:19 GMT
x-routingofficeversion
16.0.15626.36250
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
x-routingcorrelationid
3e77a7ff-cb12-44be-a42f-7a1795e7ec51
cache-control
no-cache
x-routingsessionid
d8ee73e0-0efa-4525-902f-5d658670d1ed
x-hivering
3
x-routingofficecluster
frc-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_4
expires
-1
'nl'
forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/forms('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u'... 		2 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/forms('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u')/localeResource/'nl'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.d949f62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
a412be58-834c-4782-8d16-0bbdd3cf925e
x-usersessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
x-ms-form-request-ring
business
authorization
content-type
application/json
accept-language
nl-NL,nl;q=0.9
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
odata-maxverion
4.0
__requestverificationtoken
QLp5zneI6FVSfJ9nx_AEQnT7neah4B-hTK4KT2jyFHircoHitQWdSI4n7tjUs4DJCvT2OyykWWOknM5EImi-yisb6V7xmxd3boxSne7rYXo1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15701.36677
x-officefe
FormsSingleBox_IN_3
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.15701.36677
x-correlationid
a412be58-834c-4782-8d16-0bbdd3cf925e
x-officecluster
neu-101.forms.office.com
x-usersessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
date
Thu, 08 Sep 2022 13:01:19 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a412be58-834c-4782-8d16-0bbdd3cf925e
x-routingsessionid
aede2bdb-88fc-4c6b-91ea-31bf3ffe909d
x-msedge-ref
Ref A: B3C98DFE41C249649ECAFA37ECD564F7 Ref B: AMS04EDGE2020 Ref C: 2022-09-08T13:01:19Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&RedC=c.office.com&MXFR=18B9EA32E9DB6FA73E22F82BEDDB6465
  • https://c.office.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&MUID=18B9EA32E9DB6FA73E22F82BEDDB6465
42 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&MUID=18B9EA32E9DB6FA73E22F82BEDDB6465
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:01:19 GMT
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"de363c295b2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:01:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8D6FC59C7060441BB9365E17F501A154 Ref B: AMBEDGE0718 Ref C: 2022-09-08T13:01:19Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&MUID=18B9EA32E9DB6FA73E22F82BEDDB6465
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0b0a22c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:01:18 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Wed, 31 Aug 2022 16:53:36 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.6.min.js
content-md5
7cu3ev19VA1NTXfpBIiLPA==
etag
0x8DA8B7159250BCA
x-azure-ref
0n+cZYwAAAADLgUsPtPEiTY3EC4RKQ4R1TE9OMjFFREdFMTcxMQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7874fdbf-201e-0030-6580-c356ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0b7ec81d52448b87872e37a7a74c620f6a2e76e7a6cc9579bcf76f3258e4ab62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1662642080531
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 08 Sep 2022 13:01:20 GMT
time-delta-millis
189
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 08 Sep 2022 13:01:20 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a46bfdb28eff58485e4c44059ad0fd3d42c05d4bb29994e437681af00e5d77ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1662642081532
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
time-delta-to-apply-millis
189
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 08 Sep 2022 13:01:21 GMT
time-delta-millis
95
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 08 Sep 2022 13:01:21 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1662642081878&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.d949f62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 08 Sep 2022 13:01:21 GMT
time-delta-millis
54
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

13 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: FormsWebSessionId
Value: 3bccf210-8212-4b26-a215-affd6058214f
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: Ylydx6xwu4dTn0SWukJvWUI1wQ2U_6SRZnQj9eEWPetTJb8x_nBfLxfIfeWn35H9maaLkN5tUpoOzfofPDH9hdekdJQW8FG1t4XzKTXOEW41
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: d707d598-4d92-46c8-940d-29bc644f8637
forms.office.com/ Name: ai_session
Value: 1fujL0/c4QSXa5zHkK9iv3|1662642079527|1662642079527
.office.com/ Name: MUID
Value: 18B9EA32E9DB6FA73E22F82BEDDB6465
.bing.com/ Name: MUID
Value: 18B9EA32E9DB6FA73E22F82BEDDB6465
.c.bing.com/ Name: SRM_B
Value: 18B9EA32E9DB6FA73E22F82BEDDB6465
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=0df615b90c1c44ac962dd78eb82f838b&HASH=0df6&LV=202209&V=4&LU=1662642080720
.microsoft.com/ Name: MS0
Value: 4b54849486c046d3a5e1ffe4e0a7e69d
forms.office.com/ Name: MSFPC
Value: GUID=0df615b90c1c44ac962dd78eb82f838b&HASH=0df6&LV=202209&V=4&LU=1662642080720

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
ciclo-tech.com
forms.office.com
js.monitor.azure.com
lists.office.com
104.83.4.106
160.153.131.195
20.234.93.27
2620:1ec:46::45
2620:1ec:a92::194
2620:1ec:c11::200
52.109.68.85
52.178.17.3
0b7ec81d52448b87872e37a7a74c620f6a2e76e7a6cc9579bcf76f3258e4ab62
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267
2288e753882cc2b06878a3da785b143f356b27959178b1b3ff290b33505b8562
2ff1ce4734fa21a142be01922ca88b76f0b1592d0237de74d8eb4727341f5965
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
534c30e7266ce636ee47821bb799be36ac8367e3d80f0215426f427548c9645d
67544599c05d4b417a48e75241739993c54b2a4cc49e2571bfe29fe50a646211
7cc7871d666c218e4e9c487255def4174e7ddae1a68586320d0e001896951cea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a46bfdb28eff58485e4c44059ad0fd3d42c05d4bb29994e437681af00e5d77ab
da7acc6b9d42ea5c03d6721f769bfb26a6ae43960c1d2191e265a5301a23bc3a
e2a91b9bae2fbff40f76fc53f4cbbd1bc10e1b20df54a8f4e0db8f307b36d617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda5cd8027ccfde284f47c10c79b4006c258fc48c9312fc7d0ed31f1189b2014
f36ef710a48ebc1fb8821de2d832d5a786c2023179c0c2834d25bedbfad763cc