Submitted URL: https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37di...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ...
Submission Tags: phishing
Submission: On November 01 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2081.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on September 29th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
18 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2001:489a:220... 8070 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 52.178.17.234 8075 (MICROSOFT...)
24 4
Apex Domain
Subdomains
Transfer
20 office.com
forms.office.com — Cisco Umbrella Rank: 2081
c.office.com — Cisco Umbrella Rank: 18286
442 KB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 76
869 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
767 B
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 85146
113 KB
1 govdelivery.com
links-2.govdelivery.com — Cisco Umbrella Rank: 22617
255 B
24 5
Domain Requested by
18 forms.office.com forms.office.com
4 browser.events.data.microsoft.com forms.office.com
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 lists.gcc.osi.office365.us
1 links-2.govdelivery.com 1 redirects
24 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07
2024-09-29 -
2025-09-24
a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA
2024-09-05 -
2025-09-05
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 07
2024-09-14 -
2025-09-09
a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Frame ID: 3DCE46FF33B248EE44934172BEFED96D
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Oral Health in All Policies

Page URL History Show full URLs

  1. https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGU... HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

24
Requests

96 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

4
IPs

4
Countries

556 kB
Transfer

1476 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u%26route=shorturl/1/01010192e8fce04b-71c62785-5c7f-4d25-ba68-fddee993dfb8-000000/x6CDOsjDoXC20GDmEo6_Zc0wiePQ-H2IX21vyOGDEPQ=377 HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&RedC=c.office.com&MXFR=176E157A1D146A35201A0050191461E8 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&MUID=176E157A1D146A35201A0050191461E8

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://links-2.govdelivery.com/CL0/https:%2F%2Fforms.office.com%2Fpages%2Fresponsepage.aspx%3Fid=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u%26route=shorturl/1...
  • https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
54 KB
16 KB
Document
General
Full URL
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce51070fd47203fdc4528d82b89da78d8ce674a378740815919588a371827d98
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-1b7a22d0-bf1c-4060-bca4-106e3d022cf2' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-1b7a22d0-bf1c-4060-bca4-106e3d022cf2' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Fri, 01 Nov 2024 19:01:07 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-GCC" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
612833e8-af0a-48ba-a94e-e6ceaeda2cd8
x-msedge-ref
Ref A: 1B40D044BEAE4C088BFFB16FD7512AD2 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:07Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.18228.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
612833e8-af0a-48ba-a94e-e6ceaeda2cd8
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.18227.42051
x-routingsessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
x-usersessionid
547d71c7-882d-459f-9590-0345e9d8b0d2

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 01 Nov 2024 19:01:07 GMT
expires
Fri, 01 Nov 2024 19:01:07 GMT
location
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
pragma
no-cache
ls-response.de.3508566c2.js
forms.office.com/gcc/cdn/scripts/dists/
42 KB
14 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.3508566c2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF22981F05538
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: FE3F9B06EAFB4B9EA8109B70017755AF Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
54090ce0-001e-0073-2045-284f51000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:38:46 GMT
x-ms-blob-type
BlockBlob
dll-dompurify.min.11aa374.js
forms.office.com/gcc/cdn/scripts/dists/
44 KB
14 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.11aa374.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF2297CE76920
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 6ECE6453416B4EAE9CA895CFD8DE3685 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
3fd8d922-201e-00a3-7bfb-27f3f3000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:38:38 GMT
x-ms-blob-type
BlockBlob
light-response-page.min.634dd1d.js
forms.office.com/gcc/cdn/scripts/dists/
479 KB
140 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8cc8a30ea4d642a1f36689b9e458e92c3d5b7bdae82253d709f2ba6193afb8a

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Origin
https://forms.office.com
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B9AC4384
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 1D4DAD662B4042D99C4D845219745A5D Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
d62bb9f3-401e-006a-2c9f-295e40000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:37 GMT
x-ms-blob-type
BlockBlob
runtimeFormsWithResponses('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')
forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/light/
15 KB
4 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/light/runtimeFormsWithResponses('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
51a3577ab31333059d20312cfbc72129588be63a6fd4f45111d631309ce3e8b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

X-UserSessionId
547d71c7-882d-459f-9590-0345e9d8b0d2
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type
application/json
__RequestVerificationToken
QZEJLBGEUYsmDCv_sMwAPJHRKGKsnSzhnR5NWzJYb7PuZdkwvJIQw_fgNvgww0llQbAz7TZAcPHrF6uwzHGQHCRvqyy15Qxa1cdDL7JJSsU1

Response headers

x-officefe
FormsSingleBox_IN_1
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
x-routingcorrelationid
1796e55c-7a70-4238-bd9f-639dfeeb5ad5
x-usersessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: C0701066E7ED4C7BAB02E8F192CAC911 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_2
x-routingofficeversion
16.0.18227.42051, 16.0.18228.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
weu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18228.42500
x-correlationid
1796e55c-7a70-4238-bd9f-639dfeeb5ad5
light-response-page.chunk.lrp_ext.9763998.js
forms.office.com/gcc/cdn/scripts/dists/
0
127 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF12B84
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 2A330DD6ED6D44F1BC8B0930265727B1 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
07fdf416-501e-008e-679f-297033000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.130cef2.js
forms.office.com/gcc/cdn/scripts/dists/
0
10 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.130cef2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF4FB7A
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 1E1D26C9F6854C07872D1C431EFE3714 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
0c79332b-901e-0054-139f-29d518000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_cover.83edd23.js
forms.office.com/gcc/cdn/scripts/dists/
0
19 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.83edd23.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFEC2347
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 470B04CB44D44FE38D135C287647BF4C Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
72436b93-c01e-008b-139f-29844c000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.158f1c1.js
forms.office.com/gcc/cdn/scripts/dists/
0
6 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.158f1c1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B993A722
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 59D8FFC2332C4758BA43EE58D884711F Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
08867616-e01e-003e-379f-291117000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:36 GMT
x-ms-blob-type
BlockBlob
favicon.ico
forms.office.com/gcc/cdn/images/
8 KB
8 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCF229634909AA
x-msedge-ref
Ref A: D1882EB138254B84A73A80B6728403F7 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
6dd3ca36-101e-0001-20c7-273e6f000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
7886
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
image/x-icon
last-modified
Mon, 21 Oct 2024 23:37:55 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_ext.9763998.js
forms.office.com/gcc/cdn/scripts/dists/
420 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9ec4b44827e1211e5da1ddce231052f2488904c48de5b6a05e5d8ca96764509

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF12B84
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 2A330DD6ED6D44F1BC8B0930265727B1 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
07fdf416-501e-008e-679f-297033000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.130cef2.js
forms.office.com/gcc/cdn/scripts/dists/
32 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.130cef2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44d94c65118236b49ceada980fc1e1be9cb3b90ebc343db335eb39d80dbc7070

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2EFF4FB7A
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 1E1D26C9F6854C07872D1C431EFE3714 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
0c79332b-901e-0054-139f-29d518000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.158f1c1.js
forms.office.com/gcc/cdn/scripts/dists/
15 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.158f1c1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52c294c0743f5261072eb6d021b1b082ba7c32b670c5f6de9a024ab081ba26b1

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B993A722
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 59D8FFC2332C4758BA43EE58D884711F Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:08Z
x-ms-request-id
08867616-e01e-003e-379f-291117000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:07 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:36 GMT
x-ms-blob-type
BlockBlob
d7499c06-25e7-43d1-bda1-62e6e2c8afee
lists.gcc.osi.office365.us/Images/eb14b046-24c4-4519-8f26-b89c2159828c/1d2158dc-76fb-462c-a213-729a961bf813/TENUDVJJ0YJ1UROC76TCLFAO9Z/
112 KB
113 KB
Image
General
Full URL
https://lists.gcc.osi.office365.us/Images/eb14b046-24c4-4519-8f26-b89c2159828c/1d2158dc-76fb-462c-a213-729a961bf813/TENUDVJJ0YJ1UROC76TCLFAO9Z/d7499c06-25e7-43d1-bda1-62e6e2c8afee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7624ee3e0fabb742dc96f7d2025a0a8faee4a667126bb3f5805a5caa6371ad09
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
x-routingsessionid
e7167acf-4e3c-4715-bc71-decae38fe40f
x-routingofficeversion
16.0.18228.42525
x-routingcorrelationid
e8ed7a0e-4669-465e-9746-07e2c5af15d1
x-officecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
image/jpeg
x-usersessionid
e7167acf-4e3c-4715-bc71-decae38fe40f
x-officeversion
16.0.18228.42525
x-officefe
CollabDBReverseProxyWithMappingService_IN_0
light-response-page.chunk.sw.9c1bfed.js
forms.office.com/gcc/cdn/scripts/dists/
1 KB
1018 B
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
891e1b89410a3c1b4cfb9089b060a8bcccc646a20c101308d840f7e36cd8f0c0

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2B9A1C807
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 25A28678012947F49E372258A6D1CB94 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:09Z
x-ms-request-id
c0701720-c01e-0039-6b8f-2c7d74000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:43:37 GMT
x-ms-blob-type
BlockBlob
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/
6 KB
6 KB
Image
General
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCF22963EB72FB
x-msedge-ref
Ref A: 2FC5A8D5F23D4EA28818C4FC6C866E92 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:09Z
x-ms-request-id
4277b541-a01e-0031-6c60-286445000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
5895
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
image/png
last-modified
Mon, 21 Oct 2024 23:37:56 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.1ds.4815435.js
forms.office.com/gcc/cdn/scripts/dists/
108 KB
37 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF2294D3E87C7
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 900D244049D44861870A4559227D6E9C Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:09Z
x-ms-request-id
79d8b706-a01e-0010-272e-284300000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 23:37:18 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.utel.5faea0a.js
forms.office.com/gcc/cdn/scripts/dists/
139 KB
40 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.5faea0a.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.634dd1d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
931239a6873ede7c93fe6c3cb436e0b0598ae87967efb850f50e8165b13e00ca

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCF7B2F006D2F5
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 6D5E90D0F74E4DA688FC2696790C0962 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:09Z
x-ms-request-id
28becff4-b01e-0025-509f-29a721000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 00:45:08 GMT
x-ms-blob-type
BlockBlob
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&RedC=c.office.com&MXFR=176E157A1D146A35201A0050191461E8
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&MUID=176E157A1D146A35201A0050191461E8
42 B
333 B
Image
General
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&MUID=176E157A1D146A35201A0050191461E8
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Referer
https://forms.office.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=748FDEE85C0841EC87CF53A570CF85B1&MUID=176E157A1D146A35201A0050191461E8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3889063BA4384EBE996844B8A06E5B97 Ref B: FRAEDGE1708 Ref C: 2024-11-01T19:01:09Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 01 Nov 2024 19:01:09 GMT
x-powered-by
ASP.NET
'de'
forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/forms('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u'...
2 B
262 B
XHR
General
Full URL
https://forms.office.com/formapi/api/eb14b046-24c4-4519-8f26-b89c2159828c/users/1d2158dc-76fb-462c-a213-729a961bf813/forms('RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.9763998.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

authorization
Referer
https://forms.office.com/pages/responsepage.aspx?id=RrAU68QkGUWPJricIVmCjNxYIR37dixGohNympYb-BNURU5VRFZKSjBZSjFVUk9DNzZUQ0xGQU85Wi4u&route=shorturl
x-ms-form-request-ring
gcc
__requestverificationtoken
QZEJLBGEUYsmDCv_sMwAPJHRKGKsnSzhnR5NWzJYb7PuZdkwvJIQw_fgNvgww0llQbAz7TZAcPHrF6uwzHGQHCRvqyy15Qxa1cdDL7JJSsU1
x-ms-form-request-source
ms-formweb
x-usersessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
odata-maxverion
4.0
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept
application/json
content-type
application/json
odata-version
4.0
x-correlationid
8c0dd321-17b3-4c3e-a48e-0b5665133f27

Response headers

x-officefe
FormsSingleBox_IN_1
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
x-routingcorrelationid
8c0dd321-17b3-4c3e-a48e-0b5665133f27
x-usersessionid
547d71c7-882d-459f-9590-0345e9d8b0d2
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 19:01:08 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: D980F9305E05472A95324FE5B1ECB077 Ref B: AMS231032610053 Ref C: 2024-11-01T19:01:09Z
x-routingofficefe
FormsSingleBox_IN_0, FormsSingleBox_IN_2
x-routingofficeversion
16.0.18227.42051, 16.0.18228.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18228.42500
x-correlationid
8c0dd321-17b3-4c3e-a48e-0b5665133f27
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Fri, 01 Nov 2024 19:01:09 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
25 B
292 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1730487670072
time-delta-to-apply-millis
use-collector-delta
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
25
date
Fri, 01 Nov 2024 19:01:09 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
462
access-control-allow-headers
time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/
154 B
577 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
eddf3761f5034de513c312265cd4177c97b49e1e31655d3cffd017a51cdf9cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1730487671558
time-delta-to-apply-millis
use-collector-delta
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
154
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date
Fri, 01 Nov 2024 19:01:10 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
85
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Fri, 01 Nov 2024 19:01:11 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_c3d1d8ca9cfb419112b9 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 1a64e5dc-c596-46c9-8168-279eed68560d
forms.office.com/ Name: __RequestVerificationToken
Value: zsyZGetKxNcPxIYMMH5f7GDYQ27VJ_9xZoWqAKElsefHQCxr1ygWX1cDjvRGrPnFy9uRCcq1sWnUVErEOSjz32E9SEpW7jtlXCTibPg0uMY1
.office.com/ Name: MUID
Value: 176E157A1D146A35201A0050191461E8
.bing.com/ Name: MUID
Value: 176E157A1D146A35201A0050191461E8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 176E157A1D146A35201A0050191461E8
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=5404aed2c65d4f6280c0178f1d6bac52&HASH=5404&LV=202411&V=4&LU=1730487671643
.microsoft.com/ Name: MS0
Value: 29cc701f6a9548cd9abcc12d4d697a59

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-1b7a22d0-bf1c-4060-bca4-106e3d022cf2' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
links-2.govdelivery.com
lists.gcc.osi.office365.us
13.74.129.1
2001:489a:2206:20::2a
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:ab00::214:8e4a
52.178.17.234
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4
44d94c65118236b49ceada980fc1e1be9cb3b90ebc343db335eb39d80dbc7070
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51a3577ab31333059d20312cfbc72129588be63a6fd4f45111d631309ce3e8b6
52c294c0743f5261072eb6d021b1b082ba7c32b670c5f6de9a024ab081ba26b1
7624ee3e0fabb742dc96f7d2025a0a8faee4a667126bb3f5805a5caa6371ad09
891e1b89410a3c1b4cfb9089b060a8bcccc646a20c101308d840f7e36cd8f0c0
931239a6873ede7c93fe6c3cb436e0b0598ae87967efb850f50e8165b13e00ca
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
ce51070fd47203fdc4528d82b89da78d8ce674a378740815919588a371827d98
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddf3761f5034de513c312265cd4177c97b49e1e31655d3cffd017a51cdf9cc6
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f8cc8a30ea4d642a1f36689b9e458e92c3d5b7bdae82253d709f2ba6193afb8a
f9ec4b44827e1211e5da1ddce231052f2488904c48de5b6a05e5d8ca96764509