urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://adobenoidasmb.ormimas.com/api/mailings/click/PMRGSZBCHIYTANBUGY4DOOJMEJ2XE3BCHIRGQ5DUOBZTULZPMZXXE3LTFZXWMZTJMNSS4Y3PNUXXE...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMM...
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6737.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.240.52.74 16509 (AMAZON-02)
1 5 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.109.88.76 8075 (MICROSOFT...)
1 2620:1ec:46::44 8075 (MICROSOFT...)
7 20.42.72.131 8075 (MICROSOFT...)
35 6
1    44.240.52.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-74.us-west-2.compute.amazonaws.com
adobenoidasmb.ormimas.com
5    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:e300::211:9340 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.109.88.76 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
1    2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
7    20.42.72.131 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10638
558 KB
8 office.com
forms.office.com — Cisco Umbrella Rank: 6737
c.office.com — Cisco Umbrella Rank: 26269
lists.office.com — Cisco Umbrella Rank: 15818
72 KB
7 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 194
2 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1834
77 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 258
739 B
1 ormimas.com
adobenoidasmb.ormimas.com — Cisco Umbrella Rank: 996777
138 B
35 6
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
5 forms.office.com 1 redirects forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 lists.office.com
1 c.bing.com 1 redirects
1 adobenoidasmb.ormimas.com 1 redirects
35 8

This site contains links to these domains. Also see Links.

Domain
www.adobe.com
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
lists.office.com
Microsoft Azure TLS Issuing CA 05		 2023-01-11 -
2024-01-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-06-21 -
2024-06-15		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2023-06-06 -
2024-05-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Frame ID: 85AFB8393DE1E80FCE6C7FDF7F6AC0B7
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Request a Personalized Demo - Customize Your Experience

Page URL History Show full URLs

  1. https://adobenoidasmb.ormimas.com/api/mailings/click/PMRGSZBCHIYTANBUGY4DOOJMEJ2XE3BCHIRGQ5DUOBZTULZPMZXXE3LTF... HTTP 302
    https://forms.office.com/r/01xL0GH5Vv HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRU... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

6
IPs

4
Countries

709 kB
Transfer

1341 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://adobenoidasmb.ormimas.com/api/mailings/click/PMRGSZBCHIYTANBUGY4DOOJMEJ2XE3BCHIRGQ5DUOBZTULZPMZXXE3LTFZXWMZTJMNSS4Y3PNUXXELZQGF4EYMCHJA2VM5RCFQRG64THEI5CEYTDMM4DANDGG4WTCZJUMUWTIYTGG4WWEZBSGUWTCYTGGRQTQOBUMIYDMZJCFQRHMZLSONUW63RCHIRDIIRMEJZWSZZCHIRFKS3CFVXTG3KOKFGWST3KMR3G4T2FGNSFK3ZXJB2UON3QPEZHOVZUKVBXKQLSNNZFA3SFHURH2=== HTTP 302
    https://forms.office.com/r/01xL0GH5Vv HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&RedC=c.office.com&MXFR=2D7434E183D16E2F03D527A287D165F4 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&MUID=2D7434E183D16E2F03D527A287D165F4

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://adobenoidasmb.ormimas.com/api/mailings/click/PMRGSZBCHIYTANBUGY4DOOJMEJ2XE3BCHIRGQ5DUOBZTULZPMZXXE3LTFZXWMZTJMNSS4Y3PNUXXELZQGF4EYMCHJA2VM5RCFQRG64THEI5CEYTDMM4DANDGG4WTCZJUMUWTIYTGG4WWEZBS...
  • https://forms.office.com/r/01xL0GH5Vv
  • https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
61 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59e275da7e29020096c38a87e78a52d85d464a0eab283208c841f32f590b857a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 12:39:22 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
9855b3d5-4f8c-4145-a596-d108c5876e65
x-msedge-ref
Ref A: 9BEA2FDF567440819BB9B33675668BB1 Ref B: AMS231032605035 Ref C: 2023-07-03T12:39:22Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.16625.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
9855b3d5-4f8c-4145-a596-d108c5876e65
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.16625.42500
x-routingsessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-usersessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 03 Jul 2023 12:39:22 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
b8dfab47-cf3d-403f-994d-f22326b33288
x-msedge-ref
Ref A: 74C27C3EA519416DAF51BEB989151A9C Ref B: AMS231032605035 Ref C: 2023-07-03T12:39:22Z
x-officecluster
eus2-101.forms.office.com
x-officefe
FormIntelligenceService_IN_3
x-officeversion
16.0.16625.42500
x-usersessionid
b8dfab47-cf3d-403f-994d-f22326b33288
ls-response.de.321267df4.js
cdn.forms.office.net/forms/scripts/dists/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.321267df4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
496b5d32021592eccddd98614343ef1635155defadaf44a58bcb224a62bbc2cb

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:22 GMT
content-encoding
br
content-md5
NiiGJpa/Vo2xWC8X3R+qug==
content-length
12777
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A026CB21FB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f18490d6-c01e-001b-1d95-a9876b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:22 GMT
dll-dompurify.min.3c32c70.js
cdn.forms.office.net/forms/scripts/dists/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:22 GMT
content-encoding
br
content-md5
oxUBT686mhsG6wWk22Bvig==
content-length
6037
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 08:48:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5845D4D45F35
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
86b62bb7-a01e-0022-151a-8cc7cf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:22 GMT
light-response-page.min.9aca5bb.js
cdn.forms.office.net/forms/scripts/dists/ 		405 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e571e4cc9ede5d8fbcdd2e2dcb5f07195388d98b8d1d4b3d502f91e7499684c

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:22 GMT
content-encoding
br
content-md5
e253sqQHAuvVvqV01ntjXA==
content-length
113886
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024F327FF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44be6a80-401e-000a-0394-a9b070000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:22 GMT
runtimeFormsWithResponses('Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u')
forms.office.com/formapi/api/fa7b1b5a-7b34-4387-94ae-d2c178decee1/users/84a81f17-4dad-4724-b20e-56824a1a4158/light/ 		21 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/fa7b1b5a-7b34-4387-94ae-d2c178decee1/users/84a81f17-4dad-4724-b20e-56824a1a4158/light/runtimeFormsWithResponses('Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67abf8ceb3fa5ab2ce89a170f33759f0f80e34144b850b6640634a8598a03a36
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
X-UserSessionId
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
V53x660pco4DQli0lZlWDogZfPSjBlV6DqshnbnSwdWdntADwIPZshdYQfXGqOg_-EJaEG02k_uxCCte6u0Fj02bUWhVXhIi_WgIwgU94qs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 03 Jul 2023 12:39:23 GMT
x-officeversion
16.0.16625.42500
x-officefe
FormsSingleBox_IN_10
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.16625.42500
x-correlationid
83fa6998-2727-4eee-a490-ff69369b30b0
x-officecluster
neu-101.forms.office.com
x-usersessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-msedge-ref
Ref A: 467AE85C382D420285802612BDFB4208 Ref B: AMS231032605035 Ref C: 2023-07-03T12:39:22Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
83fa6998-2727-4eee-a490-ff69369b30b0
x-routingsessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.lrp_ext.3e715de.js
cdn.forms.office.net/forms/scripts/dists/ 		0
95 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3e715de.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
8LTv4BARHKoltM+k164vmw==
content-length
97201
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024D1C268
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2f24aa4d-001e-0006-7794-a95e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_phishing.d0b8f55.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.d0b8f55.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
3CATu6oCXGk1/lumFmxEPQ==
content-length
2466
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024D7DBF4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5a33116-701e-0009-6794-a9b377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_saveresponse.c5e99b8.js
cdn.forms.office.net/forms/scripts/dists/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.c5e99b8.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
g+keS5+ye/u0Y149iQ3Nxg==
content-length
8012
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024DB0FC8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6a050505-e01e-006a-0f94-a9f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_cover.714226d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.714226d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
5rS0bsUTDwOOLS9TqpyTTQ==
content-length
17113
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024CC1DF6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7745baa3-a01e-0066-2d94-a91ba3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_post.boot.79d98be.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.79d98be.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
N+aeU7Q+5j0Y52K8g6JLAw==
content-length
4848
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024DA4CA4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6dac085e-101e-0030-7094-a9f3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_ext.3e715de.js
cdn.forms.office.net/forms/scripts/dists/ 		325 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3e715de.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a45b548c5f3cfba6edce228c0f5bcb83e20085186b12fad01ddea30b0ac4e022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
8LTv4BARHKoltM+k164vmw==
content-length
97201
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024D1C268
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2f24aa4d-001e-0006-7794-a95e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_phishing.d0b8f55.js
cdn.forms.office.net/forms/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.d0b8f55.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9eb7961e62949a76664896edfb5e046bf976a8ea7d631428d51e9f8bd318a97c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
3CATu6oCXGk1/lumFmxEPQ==
content-length
2466
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024D7DBF4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5a33116-701e-0009-6794-a9b377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_saveresponse.c5e99b8.js
cdn.forms.office.net/forms/scripts/dists/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.c5e99b8.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
85c1f68740d03fcf213dbf4acacb0058cc82ca6a3053dfe58240c82f291bb0e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
g+keS5+ye/u0Y149iQ3Nxg==
content-length
8012
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024DB0FC8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6a050505-e01e-006a-0f94-a9f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_post.boot.79d98be.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.79d98be.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1532ebdf78269ad8e9bcbf9203b2bc877f14fc7f51cf3618682a936420a13b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
N+aeU7Q+5j0Y52K8g6JLAw==
content-length
4848
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024DA4CA4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6dac085e-101e-0030-7094-a9f3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_poll.bc2a760.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.bc2a760.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3073f53e02900e7482c46f6e3d13ec424c0718315d57d07ee1d093da63b50eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
oWaoQSV/QpUbgwkXLZ/pyw==
content-length
4276
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024D8C635
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
37e1a1fc-201e-0055-7d94-a9428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.sw.cc78b7e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.cc78b7e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
/bST3o0meRKqWr0QEug+yw==
content-length
587
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B40D055
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
57037bc4-e01e-0043-2980-a28310000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:36:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F429D278D
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
37d913e3-701e-0002-3ce3-18ab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d731798e-101e-003b-240e-78eba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.officebrowserfeedback.39bdf71.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
g077WZtojOm9a9CkyPtrow==
content-length
107103
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 04:56:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB55C9E92A04E9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
26c06687-c01e-0010-15be-879f1f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
content-length
1754
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DAFBC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b8b4828-401e-004e-0dc4-6d6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.1ds.37175a1.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
PqnFnxXbSt+XKL+eCr6cgw==
content-length
33797
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 04:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB68A25C1B3429
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e951ee2f-d01e-0069-1194-9af655000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
light-response-page.chunk.utel.0f008aa.js
cdn.forms.office.net/forms/scripts/dists/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.0f008aa.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc06e1cb4760e02443f2b5628c3e9e9da4cdac600987c1b800e31142364b0d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
jX6y8kx2w2+tWZ+pZQJ2HQ==
content-length
7163
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 06:22:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB76D6E5E9670A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0bd9839c-001e-0006-21c6-a85e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&RedC=c.office.com&MXFR=2D7434E183D16E2F03D527A287D165F4
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&MUID=2D7434E183D16E2F03D527A287D165F4
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&MUID=2D7434E183D16E2F03D527A287D165F4
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 12:39:23 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 12:39:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 264E4711901344F7862DA5AABADCD098 Ref B: FRAEDGE1909 Ref C: 2023-07-03T12:39:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F533CC2A39FC44F4AC71040D622407DD&MUID=2D7434E183D16E2F03D527A287D165F4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
10d109dc-c249-4213-88ed-271add8ac9ae
lists.office.com/Images/fa7b1b5a-7b34-4387-94ae-d2c178decee1/84a81f17-4dad-4724-b20e-56824a1a4158/TECQPCV99QVJMRBODEL02T1Y88/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/fa7b1b5a-7b34-4387-94ae-d2c178decee1/84a81f17-4dad-4724-b20e-56824a1a4158/TECQPCV99QVJMRBODEL02T1Y88/10d109dc-c249-4213-88ed-271add8ac9ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.76 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b020930d69540540f08cfd04ba070a8c19ac88685c09f57e23002c715763f770
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 12:39:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16626.42105
content-type
image/png
x-routingcorrelationid
37af80e3-8cc3-48d4-9f99-34cad1f445ec
cache-control
no-cache
x-routingsessionid
fb95d61b-5bea-4019-80b3-97b97028e182
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
expires
-1
'de'
forms.office.com/formapi/api/fa7b1b5a-7b34-4387-94ae-d2c178decee1/users/84a81f17-4dad-4724-b20e-56824a1a4158/forms('Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u'... 		2 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/fa7b1b5a-7b34-4387-94ae-d2c178decee1/users/84a81f17-4dad-4724-b20e-56824a1a4158/forms('Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3e715de.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
892b4873-3da6-44d9-8809-c174ceb6abbe
x-usersessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-ms-form-request-ring
business
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
V53x660pco4DQli0lZlWDogZfPSjBlV6DqshnbnSwdWdntADwIPZshdYQfXGqOg_-EJaEG02k_uxCCte6u0Fj02bUWhVXhIi_WgIwgU94qs1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 03 Jul 2023 12:39:23 GMT
x-officeversion
16.0.16625.42500
x-officefe
FormsSingleBox_IN_10
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.16625.42500
x-correlationid
892b4873-3da6-44d9-8809-c174ceb6abbe
x-officecluster
neu-101.forms.office.com
x-usersessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-msedge-ref
Ref A: 9F4E74DA282A4E368FABC5F16E992167 Ref B: AMS231032605035 Ref C: 2023-07-03T12:39:23Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
892b4873-3da6-44d9-8809-c174ceb6abbe
x-routingsessionid
5ac0dbb8-0593-4d1d-abfd-8a56c1f9393f
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.lrp_trial.47a6140.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.47a6140.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9aca5bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9340 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
content-md5
S3UsyfbHOOG4WcnztkFcPg==
content-length
16047
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 06:23:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB77A024DD8067
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2c658ae5-001e-0024-6794-a930b7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 12:39:23 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		180 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.79d98be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 12:39:24 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
vary
Accept-Encoding
x-azure-ref
20230703T123924Z-mvghswr08p6zt88zuvu5da7qew000000014000000001h3sb
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5aaad07d-901e-00df-55ca-a925f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=Wht7-jR7h0OUrtLBeN7O4RcfqIStTSRHsg5WgkoaQVhURUNRUENWOTlRVkpNUkJPREVMMDJUMVk4OC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 12:39:23 GMT
content-encoding
br
last-modified
Thu, 29 Jun 2023 07:48:53 GMT
x-msedge-ref
Ref A: 4572E34E278D404DA8141004F5E6C7A6 Ref B: AMS231032605035 Ref C: 2023-07-03T12:39:24Z
etag
0x8DB787548E6B011
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a8bf5e9e-801e-004f-035c-ade2e0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 12:39:24 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
75f478152f3fb1f6936d6928b2cdbc2b93fd32e02ca16dd0bba36c0b8944c014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688387965124
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 12:39:25 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
229
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 12:39:25 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
69dbf9c957277ec26f8b610c5b7165b13450e29dd2e589a89cc46dbac3f6ecba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688387966125
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
229
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 12:39:25 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
134
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 12:39:26 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
8da6481143cfb35de0b233d1c52f47afa04c86dea905fef8684216c088108a6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688387966147
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 12:39:26 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
206
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
154
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 12:39:26 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: e5ad73d5-0926-4136-94be-34b91ef209d5
.forms.office.com/ Name: RpsAuthNonce
Value: e5ad73d5-0926-4136-94be-34b91ef209d5
forms.office.com/ Name: __RequestVerificationToken
Value: OBqCCC6ckTQ7WqvAfPKuvqOLU2_YFTGJS_HyZ-QLO6Stk_8b4QP7dGhyDNUMZ4dtk8o4w1BPyKtXB_N4h8-jb4xNaw9izpfkQti5iNmjp7I1
.office.com/ Name: MUID
Value: 2D7434E183D16E2F03D527A287D165F4
.bing.com/ Name: MUID
Value: 2D7434E183D16E2F03D527A287D165F4
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2D7434E183D16E2F03D527A287D165F4
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
forms.office.com/ Name: ai_session
Value: W7LhnIyQWqyJrU6TXgJdIy|1688387964120|1688387964120
.microsoft.com/ Name: MC1
Value: GUID=ebefc519134e4c24879594ec88e5ff42&HASH=ebef&LV=202307&V=4&LU=1688387965353
.microsoft.com/ Name: MS0
Value: a84e3dd1e9fa4175ade5262b5ed6fc67
forms.office.com/ Name: MSFPC
Value: GUID=ebefc519134e4c24879594ec88e5ff42&HASH=ebef&LV=202307&V=4&LU=1688387965353

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adobenoidasmb.ormimas.com
browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
20.42.72.131
2620:1ec:46::44
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:e300::211:9340
44.240.52.74
52.109.88.76
68.219.88.97
1532ebdf78269ad8e9bcbf9203b2bc877f14fc7f51cf3618682a936420a13b22
3073f53e02900e7482c46f6e3d13ec424c0718315d57d07ee1d093da63b50eaa
496b5d32021592eccddd98614343ef1635155defadaf44a58bcb224a62bbc2cb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50
59e275da7e29020096c38a87e78a52d85d464a0eab283208c841f32f590b857a
67abf8ceb3fa5ab2ce89a170f33759f0f80e34144b850b6640634a8598a03a36
69dbf9c957277ec26f8b610c5b7165b13450e29dd2e589a89cc46dbac3f6ecba
75f478152f3fb1f6936d6928b2cdbc2b93fd32e02ca16dd0bba36c0b8944c014
7e571e4cc9ede5d8fbcdd2e2dcb5f07195388d98b8d1d4b3d502f91e7499684c
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
85c1f68740d03fcf213dbf4acacb0058cc82ca6a3053dfe58240c82f291bb0e6
8da6481143cfb35de0b233d1c52f47afa04c86dea905fef8684216c088108a6b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eb7961e62949a76664896edfb5e046bf976a8ea7d631428d51e9f8bd318a97c
a45b548c5f3cfba6edce228c0f5bcb83e20085186b12fad01ddea30b0ac4e022
b020930d69540540f08cfd04ba070a8c19ac88685c09f57e23002c715763f770
bc06e1cb4760e02443f2b5628c3e9e9da4cdac600987c1b800e31142364b0d04
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40