urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37di...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ...
Submission Tags: phishing
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2081.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on September 29th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
18 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2001:489a:220... 8070 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 52.178.17.234 8075 (MICROSOFT...)
24 4
1    2a02:26f0:ab00::214:8e6b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
links-2.govdelivery.com
18    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
1    2001:489a:2206:20::2a (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    52.178.17.234 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
20 office.com
forms.office.com — Cisco Umbrella Rank: 2081
c.office.com — Cisco Umbrella Rank: 18286
442 KB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 76
870 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
769 B
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 85146
113 KB
1 govdelivery.com
links-2.govdelivery.com — Cisco Umbrella Rank: 22617
255 B
24 5
Domain Requested by
18 forms.office.com forms.office.com
4 browser.events.data.microsoft.com forms.office.com
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 lists.gcc.osi.office365.us
1 links-2.govdelivery.com 1 redirects
24 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-09-29 -
2025-09-24		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2024-09-05 -
2025-09-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-09-14 -
2025-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Frame ID: F36E8664B010327418A686A48EC5A92C
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Oral Health in All Policies

Page URL History Show full URLs

  1. https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGU... HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

24
Requests

96 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

4
IPs

4
Countries

556 kB
Transfer

1476 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u%26route=shorturl/2/01010192e8fce04b-71c62785-5c7f-4d25-ba68-fddee993dfb8-000000/fs3e5xLa_eZyEStS6PV75ztwWo02rjrH-8xGL9i9nSM=377 HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&RedC=c.office.com&MXFR=3BC798A685F4682917D08D8C81F463F2 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&MUID=3BC798A685F4682917D08D8C81F463F2

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u%26route=shorturl/2...
  • https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
914df771c87729fa1f75882f81f30d235462942d270b9b202b8e296b67644ace
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-72877367-c12f-42fa-84a2-8c2e1e4ec342' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-72877367-c12f-42fa-84a2-8c2e1e4ec342' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Fri, 01 Nov 2024 19:01:11 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-GCC" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
81b9804d-231c-4fd3-84ec-ddd0352b1e82
x-msedge-ref
Ref A: 65084492D74E4E74A0058362FDFB029D Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.18228.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
81b9804d-231c-4fd3-84ec-ddd0352b1e82
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.18227.42051
x-routingsessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
x-usersessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 01 Nov 2024 19:01:11 GMT
expires
Fri, 01 Nov 2024 19:01:11 GMT
location
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
pragma
no-cache
ls-response.de.3508566c2.js
forms.office.com/gcc/cdn/scripts/dists/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.3508566c2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF22981F05538
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 9383E34187014255B0CB83C6C40DD222 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
54090ce0-001e-0073-2045-284f51000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:38:46 GMT
x-ms-blob-type
BlockBlob
dll-dompurify.min.11aa374.js
forms.office.com/gcc/cdn/scripts/dists/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.11aa374.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF2297CE76920
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 232137CA09724D34B5D930C761334D52 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
3fd8d922-201e-00a3-7bfb-27f3f3000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:38:38 GMT
x-ms-blob-type
BlockBlob
light-response-page.min.634dd1d.js
forms.office.com/gcc/cdn/scripts/dists/ 		479 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8cc8a30ea4d642a1f36689b9e458e92c3d5b7bdae82253d709f2ba6193afb8a

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B9AC4384
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 858C98E1D6EA48A5A1B5F33D7A5464DE Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
d62bb9f3-401e-006a-2c9f-295e40000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:37 GMT
x-ms-blob-type
BlockBlob
runtimeFormsWithResponses('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')
forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/light/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/light/runtimeFormsWithResponses('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
51a3577ab31333059d20312cfbc72129588be63a6fd4f45111d631309ce3e8b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

X-UserSessionId
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type
application/json
__RequestVerificationToken
U7yvTpdoxDsKgOOR040OEglfoOk0pt52nPmXIbnRjvhw_TeSkyNSGhDbf0vYvXKQXC6aqB0HvnH5puPuvHZeFM2d4ISR1qFaXnTjyGCBUgU1

Response headers

x-officefe
FormsSingleBox_IN_1
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
x-routingcorrelationid
81ae48e1-1b55-4c45-8b0c-22345fa22500
x-usersessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 2160F5FF525C4787949DDB3ADF36AD5E Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-routingofficefe
FormsSingleBox_IN_1, FormsSingleBox_IN_1
x-routingofficeversion
16.0.18227.42051, 16.0.18228.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18228.42500
x-correlationid
81ae48e1-1b55-4c45-8b0c-22345fa22500
light-response-page.chunk.lrp_ext.9763998.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
127 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF12B84
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 6F5451AD611E4EDD9477CB2A4B7736C3 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
07fdf416-501e-008e-679f-297033000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.130cef2.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.130cef2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF4FB7A
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 9F929564589C4BA587D5233C20D93D92 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
0c79332b-901e-0054-139f-29d518000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_cover.83edd23.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.83edd23.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFEC2347
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: CC245176090E4FBB9BF6ECC809EEB2E6 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
72436b93-c01e-008b-139f-29844c000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.158f1c1.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.158f1c1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B993A722
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 4DA50CE53EFA4F3E8FA124E3548C35AC Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
08867616-e01e-003e-379f-291117000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:36 GMT
x-ms-blob-type
BlockBlob
favicon.ico
forms.office.com/gcc/cdn/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCF229634909AA
x-msedge-ref
Ref A: 0FBAB2078D4341E8893F2E9D364F6D49 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
6dd3ca36-101e-0001-20c7-273e6f000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
7886
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
image/x-icon
last-modified
Mon, 21 Oct 2024 23:37:55 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_ext.9763998.js
forms.office.com/gcc/cdn/scripts/dists/ 		420 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9ec4b44827e1211e5da1ddce231052f2488904c48de5b6a05e5d8ca96764509

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF12B84
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 6F5451AD611E4EDD9477CB2A4B7736C3 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
07fdf416-501e-008e-679f-297033000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.130cef2.js
forms.office.com/gcc/cdn/scripts/dists/ 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.130cef2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44d94c65118236b49ceada980fc1e1be9cb3b90ebc343db335eb39d80dbc7070

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF4FB7A
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 9F929564589C4BA587D5233C20D93D92 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
0c79332b-901e-0054-139f-29d518000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.158f1c1.js
forms.office.com/gcc/cdn/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.158f1c1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52c294c0743f5261072eb6d021b1b082ba7c32b670c5f6de9a024ab081ba26b1

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B993A722
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 4DA50CE53EFA4F3E8FA124E3548C35AC Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:11Z
x-ms-request-id
08867616-e01e-003e-379f-291117000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:11 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:36 GMT
x-ms-blob-type
BlockBlob
d7499c06-25e7-43d1-bda1-62e6e2c8afee
lists.gcc.osi.office365.us/Images/eb14b046-24c4-4519-8f26-b89c2159828c/1d2158dc-76fb-462c-a213-729a961bf813/TENUDVJJ0YJ1UROC76TCLFAO9Z/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/eb14b046-24c4-4519-8f26-b89c2159828c/1d2158dc-76fb-462c-a213-729a961bf813/TENUDVJJ0YJ1UROC76TCLFAO9Z/d7499c06-25e7-43d1-bda1-62e6e2c8afee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7624ee3e0fabb742dc96f7d2025a0a8faee4a667126bb3f5805a5caa6371ad09
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_1
x-routingsessionid
0c178e6f-f0a1-4040-8c72-31300d3193c6
x-routingofficeversion
16.0.18228.42525
x-routingcorrelationid
8a751bdb-cd0d-4a62-98c5-337ff1cf28fd
x-officecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
image/jpeg
x-usersessionid
0c178e6f-f0a1-4040-8c72-31300d3193c6
x-officeversion
16.0.18228.42525
x-officefe
CollabDBReverseProxyWithMappingService_IN_0
light-response-page.chunk.sw.9c1bfed.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
891e1b89410a3c1b4cfb9089b060a8bcccc646a20c101308d840f7e36cd8f0c0

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B9A1C807
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 3C2686C1A0574E6CB2F5700E95BABB95 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:12Z
x-ms-request-id
c0701720-c01e-0039-6b8f-2c7d74000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:37 GMT
x-ms-blob-type
BlockBlob
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCF22963EB72FB
x-msedge-ref
Ref A: 1F35645B25E34D26A85580DFF55FA23B Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:12Z
x-ms-request-id
4277b541-a01e-0031-6c60-286445000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
5895
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
image/png
last-modified
Mon, 21 Oct 2024 23:37:56 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.1ds.4815435.js
forms.office.com/gcc/cdn/scripts/dists/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF2294D3E87C7
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 7866FDD089DD4AB194F454EF9240B6CA Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:12Z
x-ms-request-id
79d8b706-a01e-0010-272e-284300000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:37:18 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.utel.5faea0a.js
forms.office.com/gcc/cdn/scripts/dists/ 		139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.5faea0a.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
931239a6873ede7c93fe6c3cb436e0b0598ae87967efb850f50e8165b13e00ca

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2F006D2F5
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: DD2B2ABB47F54A6AB1179BC2674AA3C6 Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:12Z
x-ms-request-id
28becff4-b01e-0025-509f-29a721000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&RedC=c.office.com&MXFR=3BC798A685F4682917D08D8C81F463F2
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&MUID=3BC798A685F4682917D08D8C81F463F2
42 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&MUID=3BC798A685F4682917D08D8C81F463F2
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7B21929F750489B82926C2EA0A69541&MUID=3BC798A685F4682917D08D8C81F463F2
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E55259DFFFD4EB7A84FBBEA61C74F17 Ref B: FRAEDGE1922 Ref C: 2024-11-01T19:01:12Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 01 Nov 2024 19:01:12 GMT
x-powered-by
ASP.NET
'de'
forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/forms('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u'... 		2 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/forms('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

authorization
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
x-ms-form-request-ring
gcc
__requestverificationtoken
U7yvTpdoxDsKgOOR040OEglfoOk0pt52nPmXIbnRjvhw_TeSkyNSGhDbf0vYvXKQXC6aqB0HvnH5puPuvHZeFM2d4ISR1qFaXnTjyGCBUgU1
x-ms-form-request-source
ms-formweb
x-usersessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
odata-maxverion
4.0
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept
application/json
content-type
application/json
odata-version
4.0
x-correlationid
bb69eca0-4219-4f9c-b282-8e00d8c88ba8

Response headers

x-officefe
FormsSingleBox_IN_1
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
x-routingcorrelationid
bb69eca0-4219-4f9c-b282-8e00d8c88ba8
x-usersessionid
a14bd5dc-ae6c-4d5a-91a2-b723ace3e146
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 19:01:12 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 405F93AF6ACE4DEEB989727FDDE3B23B Ref B: AMS231032604051 Ref C: 2024-11-01T19:01:12Z
x-routingofficefe
FormsSingleBox_IN_3, FormsSingleBox_IN_1
x-routingofficeversion
16.0.18227.42051, 16.0.18228.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18228.42500
x-correlationid
bb69eca0-4219-4f9c-b282-8e00d8c88ba8
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		25 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1730487673308
time-delta-to-apply-millis
use-collector-delta
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
25
date
Fri, 01 Nov 2024 19:01:13 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
221
access-control-allow-headers
time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Fri, 01 Nov 2024 19:01:12 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c83245cf10aff07d96b023860e1657156d8a7f511bf3fdb2a03f464ffe0588eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1730487674796
time-delta-to-apply-millis
use-collector-delta
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
154
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date
Fri, 01 Nov 2024 19:01:14 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
155
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Fri, 01 Nov 2024 19:01:14 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_c3d1d8ca9cfb419112b9 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: ec01d1d8-f437-4516-bc54-703a49583876
forms.office.com/ Name: __RequestVerificationToken
Value: IHEdPU-0IOjkGFNeScjIKYqDxklHZe4BQfdUMEHQshEtsSWRYnyJ25p34tqlEfhULX-SH1oVnvORZtu9hTbQTKjQqsk6WxhmYeHDpdGgPJw1
.office.com/ Name: MUID
Value: 3BC798A685F4682917D08D8C81F463F2
.bing.com/ Name: MUID
Value: 3BC798A685F4682917D08D8C81F463F2
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3BC798A685F4682917D08D8C81F463F2
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=7b591360e75d4151b3982d597e35a644&HASH=7b59&LV=202411&V=4&LU=1730487674951
.microsoft.com/ Name: MS0
Value: 8de05aa5ea594f6690bf43b2a83943a8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-72877367-c12f-42fa-84a2-8c2e1e4ec342' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
links-2.govdelivery.com
lists.gcc.osi.office365.us
13.74.129.1
2001:489a:2206:20::2a
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:ab00::214:8e6b
52.178.17.234
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4
44d94c65118236b49ceada980fc1e1be9cb3b90ebc343db335eb39d80dbc7070
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51a3577ab31333059d20312cfbc72129588be63a6fd4f45111d631309ce3e8b6
52c294c0743f5261072eb6d021b1b082ba7c32b670c5f6de9a024ab081ba26b1
7624ee3e0fabb742dc96f7d2025a0a8faee4a667126bb3f5805a5caa6371ad09
891e1b89410a3c1b4cfb9089b060a8bcccc646a20c101308d840f7e36cd8f0c0
914df771c87729fa1f75882f81f30d235462942d270b9b202b8e296b67644ace
931239a6873ede7c93fe6c3cb436e0b0598ae87967efb850f50e8165b13e00ca
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
c83245cf10aff07d96b023860e1657156d8a7f511bf3fdb2a03f464ffe0588eb
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f8cc8a30ea4d642a1f36689b9e458e92c3d5b7bdae82253d709f2ba6193afb8a
f9ec4b44827e1211e5da1ddce231052f2488904c48de5b6a05e5d8ca96764509