urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:4::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.362362c.aqualuxcentral.com/#aHR0cHM6Ly9mb3Jtcy5vZmZpY2UuY29tL1BhZ2VzL1Jlc3BvbnNlUGFnZS5hc3B4P2lkPUhIcFJLRDcwUDAtdl90c3NheTB...
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT...
Submission: On January 27 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2620:1ec:4::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.136.17.102 58820 (IDNIC-PTA...)
2 2620:1ec:4::194 8068 (MICROSOFT...)
11 23.55.163.70 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 40.77.226.250 8075 (MICROSOFT...)
1 52.114.128.9 8075 (MICROSOFT...)
19 8
1    103.136.17.102 (Indonesia)

ASN58820 (IDNIC-PTAMI-AS-ID APIK Media Networks, ID)
www.362362c.aqualuxcentral.com
2    2620:1ec:4::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
11    23.55.163.70 (United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az725175.vo.msecnd.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    52.114.128.9 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Domain Requested by
11 cdn.forms.office.net forms.office.com
cdn.forms.office.net
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
2 c.office.com 1 redirects
2 forms.office.com www.362362c.aqualuxcentral.com
forms.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 az725175.vo.msecnd.net cdn.forms.office.net
1 www.362362c.aqualuxcentral.com
19 8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
GlobalSign Organization Validation CA - SHA256 - G3		 2020-02-19 -
2022-02-19		 2 years crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2020-10-19 -
2021-10-19		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
c.msn.com
Microsoft RSA TLS CA 01		 2020-10-07 -
2021-10-07		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2020-09-14 -
2021-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
Frame ID: BCF00E9A55DB9F1592FBDD6AD9985FE1
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.362362c.aqualuxcentral.com/ Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQ... Page URL

Page Statistics

19
Requests

95 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

308 kB
Transfer

766 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.362362c.aqualuxcentral.com/ Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&RedC=c.office.com&MXFR=0A59FEE462B8666502A7F12866B86D7F HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&MUID=0A59FEE462B8666502A7F12866B86D7F

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.362362c.aqualuxcentral.com/ 		634 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.362362c.aqualuxcentral.com/?
Protocol
HTTP/1.1
Server
103.136.17.102 , Indonesia, ASN58820 (IDNIC-PTAMI-AS-ID APIK Media Networks, ID),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
www.362362c.aqualuxcentral.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html
Last-Modified
Mon, 09 Nov 2020 20:12:34 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
359
Date
Wed, 27 Jan 2021 15:33:03 GMT
Server
LiteSpeed
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		45 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
Requested by
Host: www.362362c.aqualuxcentral.com
URL: http://www.362362c.aqualuxcentral.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96c3097c4b95034ba463bc3147c0c346277e5f212c4a9bd674db416901f4227d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://www.362362c.aqualuxcentral.com/?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.362362c.aqualuxcentral.com/?

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-length
16515
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Tue, 27-Apr-2021 15:33:09 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=1GrpQuWBa1c5gjn_N_AuGMJpmfRkzOBD9PDANlWmm1NwDcdzg_rwqWPqLoF7HcACtojBUyEB3Rl6xvGB6iIxgQXSfaTqkfeIyADjbE-u4_01; path=/; samesite=none; secure; HttpOnly AADNonce.forms=b26f191e-4944-4390-a3e2-5eced6a5a851.637473583890159163; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-routingofficecluster
neu-001.forms.office.com
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.13720.34202
x-routingsessionid
2553a6eb-451e-441d-ac49-961ee2b37f46
x-routingcorrelationid
fc19a93e-d961-4141-84f8-293b93b771aa
x-correlationid
fc19a93e-d961-4141-84f8-293b93b771aa
x-usersessionid
2553a6eb-451e-441d-ac49-961ee2b37f46
x-officefe
FormsSingleBox_IN_11
x-officeversion
16.0.13720.34202
x-officecluster
neu-001.forms.office.com
x-failurereason
MissingCookieOrToken
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-aspnet-version
x-powered-by
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-msedge-ref
Ref A: 6836323E748544BFA015D83B1EF4EC3E Ref B: VIEEDGE1415 Ref C: 2021-01-27T15:33:09Z
date
Wed, 27 Jan 2021 15:33:08 GMT
light-response-page.min.da0c3d6.css
cdn.forms.office.net/forms/css/dist/ 		122 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.da0c3d6.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e4dc50e1e146624f54534ad44dda16c2ffc8a11f971dac0fed6ee362f599c2a

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
BgRW7QEyWkT3YUgqO4/U5w==
content-length
21251
x-ms-lease-status
unlocked
last-modified
Tue, 19 Jan 2021 05:47:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8BC3DBA92C4F9
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
59310a80-701e-0092-6a47-eec362000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.min.90a17c0.js
cdn.forms.office.net/forms/scripts/dists/ 		232 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dea4e539a29b035ef94df2ffae4a71212bfe4dfc108b54ba87192d525ac43d3a

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
TMO1e/ZcjkpWCWrnF2ZkZg==
content-length
64020
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jan 2021 05:32:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C1BBCB4091CA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
626b6aa8-901e-013d-2eb3-f3a7a7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
runtimeForms('HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u')
forms.office.com/formapi/api/28517a1c-f43e-4f3f-affe-db2c6b2d2063/users/44b588e6-21fe-4d32-9c09-89139ad50d76/light/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/28517a1c-f43e-4f3f-affe-db2c6b2d2063/users/44b588e6-21fe-4d32-9c09-89139ad50d76/light/runtimeForms('HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b13704d67aa1b93d05b76cc479b44b405afb3151466cf627cf7eabdfad47b1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
X-UserSessionId
2553a6eb-451e-441d-ac49-961ee2b37f46
__RequestVerificationToken
Mjasw_n5peeX9YwhgH60vITK2tgfn4ALOKXleKMjjtv4LlAMBAaryIXbShya2MnV6dQp_xpPFXy-GDBcG94xqjX9DdU62clnN5zX9dCsa4k1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
x-officeversion
16.0.13720.34202
x-officefe
FormsSingleBox_IN_13, FormsSingleBox_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1593
x-routingofficefe
FormsSingleBox_IN_2
pragma
no-cache
x-routingofficeversion
16.0.13720.34202
x-correlationid
43df0c80-af59-454a-9df1-2062d27b2491
x-officecluster
neu-001.forms.office.com
x-usersessionid
2553a6eb-451e-441d-ac49-961ee2b37f46
x-powered-by
date
Wed, 27 Jan 2021 15:33:08 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
43df0c80-af59-454a-9df1-2062d27b2491
cache-control
no-cache
x-failurereason
MissingCookieOrToken
x-routingsessionid
2553a6eb-451e-441d-ac49-961ee2b37f46
x-msedge-ref
Ref A: 908B2315B3554B69BFC8D2733C70AFE6 Ref B: VIEEDGE1415 Ref C: 2021-01-27T15:33:09Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-001.forms.office.com
expires
-1
light-response-page.chunk.vendors.fa5c30c.js
cdn.forms.office.net/forms/scripts/dists/ 		0
43 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.fa5c30c.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
BcXn6Ztlssgza/YJFfSbaA==
content-length
43213
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jan 2021 05:57:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C0F6292474CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec9b1e5f-e01e-0072-6fee-f225ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.ext.eea4b48.js
cdn.forms.office.net/forms/scripts/dists/ 		0
42 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.eea4b48.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
RGKUXXdhB/Ca0KUzIp/V8w==
content-length
42023
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jan 2021 05:32:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C1BBCAF5230C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9a486d02-501e-00e3-18b3-f3b15b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.post.boot.192cab2.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.192cab2.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
l2rHx6qK7uUDLXiCc9x99Q==
content-length
3452
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jan 2021 05:32:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C1BBCB08D5BA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e4810ef9-a01e-003a-49b3-f31777000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.vendors.fa5c30c.js
cdn.forms.office.net/forms/scripts/dists/ 		133 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.fa5c30c.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
85bcdc93f63226065332fdb6c3ce45bdb1ef4a42b42bf3d6fe36e5759c090bd3

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
BcXn6Ztlssgza/YJFfSbaA==
content-length
43213
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jan 2021 05:57:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C0F6292474CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec9b1e5f-e01e-0072-6fee-f225ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.ext.eea4b48.js
cdn.forms.office.net/forms/scripts/dists/ 		158 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.eea4b48.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
850d542d6ce49cecf713b926233726c4539bb271308ef51c556467f3e92d259b

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
RGKUXXdhB/Ca0KUzIp/V8w==
content-length
42023
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jan 2021 05:32:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C1BBCAF5230C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9a486d02-501e-00e3-18b3-f3b15b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.post.boot.192cab2.js
cdn.forms.office.net/forms/scripts/dists/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.192cab2.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd6206c7e7d5db4f0d8597a5d6b7f99e6acf07280396e58f2fcc3a4c11e6c588

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
l2rHx6qK7uUDLXiCc9x99Q==
content-length
3452
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jan 2021 05:32:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C1BBCB08D5BA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e4810ef9-a01e-003a-49b3-f31777000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
ir_white.svg
cdn.forms.office.net/forms/images/ 		877 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/ir_white.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
370b218c01e76ac9b23f6dd4a95489803259321ef45ae44598838e5db90664be

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-md5
VG5Gh2nghg0JGmBE3y2bfg==
content-length
877
x-ms-lease-status
unlocked
last-modified
Tue, 22 Sep 2020 08:50:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D85ED49CB61EBD
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
329aa6f4-201e-008a-4fec-90eef7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
immersive-reader-icon.svg
cdn.forms.office.net/forms/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/immersive-reader-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ddb375b347ae88ac75633df5aa4edeb1bc054e452d94edf457899e7dc31f06b

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-md5
r1angkTJSDA+TsbrQ9UlBg==
content-length
1277
x-ms-lease-status
unlocked
last-modified
Mon, 21 Sep 2020 01:52:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D85DD10447A0E4
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
da0da26a-e01e-00fa-15ba-8f9d33000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
light-response-page.chunk.sw.dc1dfd8.js
cdn.forms.office.net/forms/scripts/dists/ 		746 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.dc1dfd8.js?ring=Business
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.90a17c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.70 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee411abe3cbfebb0f29eacc47da7d2bb0ce44b7f79b962cdeb4a1a0fff417303

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
br
content-md5
98T6ZDAGSmfxo0EP+Gpxvw==
content-length
345
x-ms-lease-status
unlocked
last-modified
Mon, 25 Jan 2021 05:57:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8C0F62920555E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4f4642d5-601e-0123-52ee-f27d4a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 27 Jan 2022 15:33:09 GMT
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.192cab2.js?ring=Business
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7E) /
Resource Hash
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jan 2021 15:33:09 GMT
content-encoding
gzip
content-md5
rYVFtUp9d7HvDgKvthWhBw==
age
1014
x-cache
HIT
content-length
18415
x-ms-lease-status
unlocked
last-modified
Thu, 12 Nov 2020 19:39:26 GMT
server
ECAcc (mil/6C7E)
etag
0x8D88742AA533F08
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
x-ms-request-id
882e0c1d-601e-0053-0dbf-f4d324000000
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin
https://forms.office.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&RedC=c.office.com&MXFR=0A59FEE462B8666502A7F12866B86D7F
  • https://c.office.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&MUID=0A59FEE462B8666502A7F12866B86D7F
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&MUID=0A59FEE462B8666502A7F12866B86D7F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jan 2021 15:33:09 GMT
last-modified
Tue, 12 Jan 2021 21:18:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3ad5376928e9d61:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 27 Jan 2021 15:33:09 GMT
x-msedge-ref
Ref A: 2B45CE4B3D8541148535D8A50A90F807 Ref B: FRAEDGE1310 Ref C: 2021-01-27T15:33:09Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=951E45E5A6F24912B9A9F75760F11DFC&MUID=0A59FEE462B8666502A7F12866B86D7F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-01-27T15%3A33%3A09.721Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%27de43d5e7-6fd8-463c-85d5-b68f2e7be66b%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DHHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u%27&-referrerUri=%27http%3A%2F%2Fwww.362362c.aqualuxcentral.com%2F%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27MICROSOFT%20TEAM%20ONLINE%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93033f35435c4643d56ceb93235bf6141e74b1d378bb8546dc9e29d0a0ae345d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jan 2021 15:33:09 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
n3sTvs1LwEmBEl8xIxey1Q.0
Content-Type
application/javascript
Content-Length
281
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D3a11703285f443baa63c3a1f73cc54fb%26HASH%3D3a11%26LV%3D202101%26V%3D4%26LU%3D1611761589889%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1611761591970&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.eea4b48.js?ring=Business
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.128.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=HHpRKD70P0-v_tssay0gY-aItUT-ITJNnAmJE5rVDXZUMDhKQzk1Q1U3REc1QjZLODBXT1RVM1MzVC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 27 Jan 2021 15:33:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
605
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache function| setPublicPath function| replaceChunkSrc object| webpackJsonp object| lrpIoC object| awa string| behaviorKey

3 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: AADNonce.forms
Value: b26f191e-4944-4390-a3e2-5eced6a5a851.637473583890159163
forms.office.com/ Name: __RequestVerificationToken
Value: 1GrpQuWBa1c5gjn_N_AuGMJpmfRkzOBD9PDANlWmm1NwDcdzg_rwqWPqLoF7HcACtojBUyEB3Rl6xvGB6iIxgQXSfaTqkfeIyADjbE-u4_01
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033