urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.office.com/g/VhMTwpaEKA
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84W...
Submission: On July 30 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4283.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on June 30th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 2620:1ec:a92:... 8068 (MICROSOFT...)
2 2001:489a:220... 8070 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 20.189.173.10 8075 (MICROSOFT...)
27 5
21    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
2    2001:489a:2206:20::2a (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    20.189.173.10 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
23 office.com
forms.office.com — Cisco Umbrella Rank: 4283
c.office.com — Cisco Umbrella Rank: 45451
579 KB
3 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 144 Failed
761 B
2 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 354607
535 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
769 B
27 4
Domain Requested by
21 forms.office.com 1 redirects forms.office.com
3 browser.events.data.microsoft.com forms.office.com
2 c.office.com 1 redirects
2 lists.gcc.osi.office365.us
1 c.bing.com 1 redirects
27 5

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-06-30 -
2025-06-25		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2024-06-09 -
2025-06-09		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-16 -
2025-06-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Frame ID: F62D0B31FA8F95BB63A52352C4F7962A
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

August 5, 2024, at 12-1 PM- IALEIA Virtual Lunch & Learn with LexisNexis

Page URL History Show full URLs

  1. https://forms.office.com/g/VhMTwpaEKA HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJV... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

27
Requests

93 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1114 kB
Transfer

1852 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/g/VhMTwpaEKA HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&RedC=c.office.com&MXFR=183A1E6B0A5369A328AA0AA70E536250 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&MUID=183A1E6B0A5369A328AA0AA70E536250

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/g/VhMTwpaEKA
  • https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
437b31e61c013b8acbea9697ac985ac897df2ce34cd8e29a8da4e4841174264f
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-3cea38e5-e753-4f47-aa19-48b43a991f1f' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-3cea38e5-e753-4f47-aa19-48b43a991f1f' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 13:32:38 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-GCC" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
6ff31e68-eed1-4d72-b77e-a9479f23bb30
x-msedge-ref
Ref A: 8E99B6E333364E9BA9D3E58877C8E356 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.17922.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
6ff31e68-eed1-4d72-b77e-a9479f23bb30
x-routingofficecluster
eus2-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.17924.42055
x-routingsessionid
e19a2f50-cf33-433a-b187-37e851d933cf
x-usersessionid
e19a2f50-cf33-433a-b187-37e851d933cf

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 30 Jul 2024 13:32:37 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
212aacad-a23c-470a-9ff7-ac669bd16165
x-msedge-ref
Ref A: F0DC8EF205B1444A8FA714CAAB3C9BF5 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:37Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.17922.42053
x-routingcorrelationid
212aacad-a23c-470a-9ff7-ac669bd16165
x-routingofficecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.17922.42053
x-routingsessionid
4520ee78-9975-42da-9103-608603c3b0fd
x-usersessionid
4520ee78-9975-42da-9103-608603c3b0fd
ls-response.en-us.cd64fa4de.js
forms.office.com/gcc/cdn/scripts/dists/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.en-us.cd64fa4de.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
95d4e930a5bcc2902ddcb3422c38b1946400eea51a40de879b9f41f572124523

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:42 GMT
x-msedge-ref
Ref A: CF1107D035B44F9B8B773319E2E2C6CF Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D72965A16
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fb4c3644-f01e-0050-7d32-e24438000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
dll-dompurify.min.bcf1a85.js
forms.office.com/gcc/cdn/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:45:44 GMT
x-msedge-ref
Ref A: CF9A69FD208D41209D698476B7B97B69 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCAAB0C92BA869
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e08f4192-501e-002b-6f51-dd06a4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.min.2a4cc4c.js
forms.office.com/gcc/cdn/scripts/dists/ 		480 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c8804ddcf8314599bd0b03269ae555a623976b57f12fd755d71ec40702c1902

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: B7AD8DD58C7148ACB9A2257B7ED98AD9 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D358024FA
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f75b9d6-e01e-009c-5532-e2442f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
runtimeFormsWithResponses('DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u')
forms.office.com/formapi/api/512da10d-071b-4b94-8abc-9ec4044d1516/users/637587cd-67f1-4779-a804-5bff56773d44/light/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/512da10d-071b-4b94-8abc-9ec4044d1516/users/637587cd-67f1-4779-a804-5bff56773d44/light/runtimeFormsWithResponses('DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
573bb9398a732f2cc5bfc671c94fa9311acdba6ec91dd78ae07ed0ca87e6494b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
X-UserSessionId
e19a2f50-cf33-433a-b187-37e851d933cf
__RequestVerificationToken
7iONP8_Cdo5y8-Weq4rSuiAup2ky9p3ZlPLuJP8Q65VOpwoALZs5e2YT-xCOvbJ7mr7pa7iWv9pwE85F7zzt4AXVqprR8KGj2MtafOXVm3w1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 30 Jul 2024 13:32:38 GMT
x-officeversion
16.0.17922.42053
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9, FormsSingleBox_IN_0
x-routingofficeversion
16.0.17924.42055, 16.0.17922.42053
x-correlationid
63fb0b8b-31c7-43bc-848e-8bf849b8cb7d
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
e19a2f50-cf33-433a-b187-37e851d933cf
x-msedge-ref
Ref A: 588374DF558243E386D49223EEB9C0CD Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
63fb0b8b-31c7-43bc-848e-8bf849b8cb7d
x-routingsessionid
e19a2f50-cf33-433a-b187-37e851d933cf
x-robots-tag
noindex, nofollow
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.645e8f9.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
120 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.645e8f9.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 807FE788175C4BE6AD86D502521B7661 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D35635274
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
17080545-a01e-009b-3032-e2b2aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.68337d7.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.68337d7.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:37 GMT
x-msedge-ref
Ref A: 243B28B9D8A3451993FDB239970B607D Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D6FED9886
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f77dc7aa-501e-0049-7632-e2c483000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_groupnote.fc3e28f.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_groupnote.fc3e28f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 2E80B543ADA44768975FE26BDBD9182A Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D3562DD53
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e36a1621-501e-00a7-0532-e20671000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.4f82c0b.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.4f82c0b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:37 GMT
x-msedge-ref
Ref A: 8B5DC18EA4B54996883BC649E34F9151 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D6FE40654
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
42ec02e5-c01e-0029-3d32-e2b81c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.874788b.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.874788b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 4650AF08702445F79C755BF022A029FA Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D3566864B
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e5bab3da-a01e-0075-3b32-e2b829000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
favicon.ico
forms.office.com/gcc/cdn/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
last-modified
Tue, 23 Jul 2024 00:43:29 GMT
x-msedge-ref
Ref A: 25F3DE8DEA8E47E79359F2EE38FFABAC Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCAAB078C146DB
x-cache
TCP_HIT
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
82f11780-301e-0070-7ba0-dd4c56000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
7886
x-cid
7
light-response-page.chunk.lrp_ext.645e8f9.js
forms.office.com/gcc/cdn/scripts/dists/ 		389 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.645e8f9.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d04f23abdbb32aaba664fe059f44224937ef928afeeac44fde693595e65194e

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 807FE788175C4BE6AD86D502521B7661 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D35635274
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
17080545-a01e-009b-3032-e2b2aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.68337d7.js
forms.office.com/gcc/cdn/scripts/dists/ 		33 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.68337d7.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae24bd44e4ba0beee14d7eac5693b685b92cbebc6b9e343714c1fd8e64803c42

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:37 GMT
x-msedge-ref
Ref A: 243B28B9D8A3451993FDB239970B607D Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D6FED9886
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f77dc7aa-501e-0049-7632-e2c483000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_copilot.437a9f3.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_copilot.437a9f3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8213c36c2958a3f5e9ef00b5e5bbdc3539d2b8c48ba69a5c45f08301a13eeafc

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 5EDC4AB6AB704E78B7EF7C928FF61BDF Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCB02D355F8270
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
64fc19e8-501e-0042-2632-e21486000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.874788b.js
forms.office.com/gcc/cdn/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.874788b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3e09c00a7901d9c7bd5deff051286c37260148356ed6d4f48ce3fd0b225c435

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:38 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:18:59 GMT
x-msedge-ref
Ref A: 4650AF08702445F79C755BF022A029FA Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:38Z
etag
0x8DCB02D3566864B
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e5bab3da-a01e-0075-3b32-e2b829000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
31f84e66-ce50-4a77-9c35-fb941f0618b6
lists.gcc.osi.office365.us/Images/512da10d-071b-4b94-8abc-9ec4044d1516/637587cd-67f1-4779-a804-5bff56773d44/TAEFK1YZ2UA99RNWIMZY6DEKV1/ 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/512da10d-071b-4b94-8abc-9ec4044d1516/637587cd-67f1-4779-a804-5bff56773d44/TAEFK1YZ2UA99RNWIMZY6DEKV1/31f84e66-ce50-4a77-9c35-fb941f0618b6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49f77b1e89cd45167510b252996dd53ad3d153be09cc1b0e04e45d1877e7074a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 13:32:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17922.42105
content-type
image/jpeg
x-routingcorrelationid
dd3ce4ed-8f29-4edc-abf3-09df5dbb9a70
cache-control
no-cache
x-routingsessionid
04daa5c4-5217-4c2e-ac1c-dde508f82696
x-hivering
6
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_1
expires
-1
light-response-page.chunk.sw.a6ac500.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:44:18 GMT
x-msedge-ref
Ref A: 417AA214F6E34DEC9FAB8F3EEED4483D Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCAAB095D91862
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0311e426-a01e-005c-50a4-ddce6b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.officebrowserfeedback.750724f.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
144 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.officebrowserfeedback.750724f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:37 GMT
x-msedge-ref
Ref A: E1E55F26202844ABBDE726B3042BA9BB Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCB02D6FF5311A
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5ef42fb8-601e-0042-3e33-e23fe8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.1ds.a8079b3.js
forms.office.com/gcc/cdn/scripts/dists/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:45:47 GMT
x-msedge-ref
Ref A: E5E514EC18C249E0BBAEA5CBD940575C Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCAAB0CB002FAA
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ef621c2c-101e-002a-6463-dd5978000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.utel.05820d1.js
forms.office.com/gcc/cdn/scripts/dists/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.05820d1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.2a4cc4c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f113f5ed6205de687ebe9f5a75b5a46a800cc479db2583fe77fa57013ca18a55

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 00:20:37 GMT
x-msedge-ref
Ref A: 9B7F04440BAA442A8A556459625F3B41 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCB02D6FFB1DE7
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e96cfe8c-901e-0046-5932-e2b2ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&RedC=c.office.com&MXFR=183A1E6B0A5369A328AA0AA70E536250
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&MUID=183A1E6B0A5369A328AA0AA70E536250
42 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&MUID=183A1E6B0A5369A328AA0AA70E536250
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 13:32:39 GMT
last-modified
Tue, 25 Jun 2024 19:54:30 GMT
server
Microsoft-IIS/10.0
etag
"df9747e39c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 13:32:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 603D28278B4C43668C521A5FE7116876 Ref B: MIAEDGE1306 Ref C: 2024-07-30T13:32:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E5C70292F84E479087AB3CA406BB8101&MUID=183A1E6B0A5369A328AA0AA70E536250
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
96fec38f-72b9-4e0e-8df1-c6078a2854e8
lists.gcc.osi.office365.us/Images/512da10d-071b-4b94-8abc-9ec4044d1516/637587cd-67f1-4779-a804-5bff56773d44/TD6IU6ASU799DXQ3XO8YVXARHO/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/512da10d-071b-4b94-8abc-9ec4044d1516/637587cd-67f1-4779-a804-5bff56773d44/TD6IU6ASU799DXQ3XO8YVXARHO/96fec38f-72b9-4e0e-8df1-c6078a2854e8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d4ee70502de6f9f83176b1e86e7fbaa1178e11913932fd6d2bebeb7657a1b26
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 13:32:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17922.42105
content-type
image/png
x-routingcorrelationid
2933b8eb-87a1-47c6-aca1-a8651574a933
cache-control
no-cache
x-routingsessionid
146d9f63-277d-4eaf-abf3-b907b6e60280
x-hivering
6
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_1
expires
-1
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DaEtURsHlEuKvJ7EBE0VFs2HdWPxZ3lHqARb_1Z3PURURDZJVTZBU1U3OTlEWFEzWE84WVZYQVJITy4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 13:32:39 GMT
last-modified
Tue, 23 Jul 2024 00:45:11 GMT
x-msedge-ref
Ref A: 1C5FE1DF746A4B91B11A152B39E25945 Ref B: MIA301000106037 Ref C: 2024-07-30T13:32:39Z
etag
0x8DCAAB0B541267D
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9b877bda-a01e-0010-7f5f-dd4300000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
5895
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 30 Jul 2024 13:32:40 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
1fe615a244b78f1cf997dd18fb8ea68bfec588a0a47379be783d58a71665a78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1722346362293
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 13:32:43 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1534
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 30 Jul 2024 13:32:41 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 1588d435-4a33-4891-b3ce-3b4728453f24
forms.office.com/ Name: __RequestVerificationToken
Value: GJKEOyHaX3QVPRJ3rygJV1RImhJfxM38l9FXO7wm9kYUkfeVo0spmXNhAkau85J_iJhmFgRh8lVA0PWlQA_0mE660mQu2cgiZdA3ce87ItA1
.office.com/ Name: MUID
Value: 183A1E6B0A5369A328AA0AA70E536250
.bing.com/ Name: MUID
Value: 183A1E6B0A5369A328AA0AA70E536250
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 183A1E6B0A5369A328AA0AA70E536250
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=3b0542409692418393907329fcd60cdb&HASH=3b05&LV=202407&V=4&LU=1722346363827
.microsoft.com/ Name: MS0
Value: 803be4d970c94ff0844ca91a824b80f1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-3cea38e5-e753-4f47-aa19-48b43a991f1f' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
lists.gcc.osi.office365.us
browser.events.data.microsoft.com
20.110.205.119
20.189.173.10
2001:489a:2206:20::2a
2620:1ec:a92::194
2620:1ec:c11::237
1c8804ddcf8314599bd0b03269ae555a623976b57f12fd755d71ec40702c1902
1fe615a244b78f1cf997dd18fb8ea68bfec588a0a47379be783d58a71665a78b
437b31e61c013b8acbea9697ac985ac897df2ce34cd8e29a8da4e4841174264f
49f77b1e89cd45167510b252996dd53ad3d153be09cc1b0e04e45d1877e7074a
573bb9398a732f2cc5bfc671c94fa9311acdba6ec91dd78ae07ed0ca87e6494b
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5d04f23abdbb32aaba664fe059f44224937ef928afeeac44fde693595e65194e
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
8213c36c2958a3f5e9ef00b5e5bbdc3539d2b8c48ba69a5c45f08301a13eeafc
8d4ee70502de6f9f83176b1e86e7fbaa1178e11913932fd6d2bebeb7657a1b26
95d4e930a5bcc2902ddcb3422c38b1946400eea51a40de879b9f41f572124523
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ae24bd44e4ba0beee14d7eac5693b685b92cbebc6b9e343714c1fd8e64803c42
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f113f5ed6205de687ebe9f5a75b5a46a800cc479db2583fe77fa57013ca18a55
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f3e09c00a7901d9c7bd5deff051286c37260148356ed6d4f48ce3fd0b225c435