urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sanantonio.gov/dsd/survey.asp
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FW...
Submission: On August 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4283.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on June 30th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 161.226.176.43 3709 (NET-CITY-SA)
21 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2001:489a:220... 8070 (MICROSOFT...)
4 52.182.143.211 8075 (MICROSOFT...)
27 4
2    161.226.176.43 (United States)

ASN3709 (NET-CITY-SA, US)
PTR: reworkssa.org
www.sanantonio.gov
21    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2001:489a:2206:20::2a (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
4    52.182.143.211 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
23 office.com
forms.office.com — Cisco Umbrella Rank: 4283
c.office.com — Cisco Umbrella Rank: 45451
448 KB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 144
872 B
2 sanantonio.gov
www.sanantonio.gov — Cisco Umbrella Rank: 794131
760 B
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 354607
41 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
771 B
27 5
Domain Requested by
21 forms.office.com forms.office.com
4 browser.events.data.microsoft.com forms.office.com
2 c.office.com 1 redirects
2 www.sanantonio.gov 2 redirects
1 lists.gcc.osi.office365.us
1 c.bing.com 1 redirects
27 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-06-30 -
2025-06-25		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2024-06-09 -
2025-06-09		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-03-30 -
2025-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Frame ID: 0E50BC15B9E4987013BCE0E6CF668E7E
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Development Services Department Survey

Page URL History Show full URLs

  1. http://www.sanantonio.gov/dsd/survey.asp HTTP 307
    https://www.sanantonio.gov/dsd/survey.asp HTTP 307
    http://www.sanantonio.gov/dsd/survey.asp HTTP 301
    http://www.sanantonio.gov/DSD/About/Survey.aspx HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowS... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

27
Requests

96 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

490 kB
Transfer

1405 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sanantonio.gov/dsd/survey.asp HTTP 307
    https://www.sanantonio.gov/dsd/survey.asp HTTP 307
    http://www.sanantonio.gov/dsd/survey.asp HTTP 301
    http://www.sanantonio.gov/DSD/About/Survey.aspx HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&RedC=c.office.com&MXFR=1E2682301459681A2A9C96EA105963CA HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&MUID=1E2682301459681A2A9C96EA105963CA

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • http://www.sanantonio.gov/dsd/survey.asp
  • https://www.sanantonio.gov/dsd/survey.asp
  • http://www.sanantonio.gov/dsd/survey.asp
  • http://www.sanantonio.gov/DSD/About/Survey.aspx
  • https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
892756d2c097d1ad935a64a1ce959aa8e1a636c595d1709c99dcc3f057693f28
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-27d339d9-5e6b-4922-ac6a-fb20a50e0a53' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-27d339d9-5e6b-4922-ac6a-fb20a50e0a53' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 13:57:44 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-GCC" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
1ca14b82-99c1-471c-ac47-01b4f53773ca
x-msedge-ref
Ref A: 6D2E9636608A4CD783DEBFAD5A9C633F Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.18001.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
1ca14b82-99c1-471c-ac47-01b4f53773ca
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.18001.42053
x-routingsessionid
9561d345-fe39-437c-83eb-1f4ba9eb15c9
x-usersessionid
9561d345-fe39-437c-83eb-1f4ba9eb15c9

Redirect headers

Cache-Control
private
Content-Length
249
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Aug 2024 13:57:43 GMT
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
X-Powered-By
ASP.NET
X-Redirect-Reason
Tab External Url Requested
X-UA-Compatible
IE=edge
ls-response.de.a6896f307.js
forms.office.com/gcc/cdn/scripts/dists/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.a6896f307.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17f6004d54c7fb514c01a0b6b46feff94430e22aa8daae6e27ed3d8b382c9d57

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:11 GMT
x-msedge-ref
Ref A: C03163846F7844DD9982C1263B3BBFE5 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE69571A1
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b9b7b58-101e-00a0-5749-edf0f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
dll-dompurify.min.bcf1a85.js
forms.office.com/gcc/cdn/scripts/dists/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:45:44 GMT
x-msedge-ref
Ref A: 30260B2B60C24058BFDA5AFB3045664E Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCAAB0C92BA869
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d2f18abc-601e-0020-3134-ddfdcf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.min.fdf8ba5.js
forms.office.com/gcc/cdn/scripts/dists/ 		482 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
70e1404b13f7b424d1756000f429f4f23e02ca30830e9a21ddbe13ea14b59e65

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: 4527999C4A4941CBB750720F961386AE Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AAF498882
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a14cab84-801e-0007-6919-edea0b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
runtimeFormsWithResponses('TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u')
forms.office.com/formapi/api/1ab0214f-ac4a-4407-a7c6-2ef1eb76dac5/users/623cce7a-6bc8-4579-b124-ffad8a430deb/light/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/1ab0214f-ac4a-4407-a7c6-2ef1eb76dac5/users/623cce7a-6bc8-4579-b124-ffad8a430deb/light/runtimeFormsWithResponses('TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a20277a1572ffbe97c7d954eb0037d54a01e73cd865aade0b106649a8d14013
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
X-UserSessionId
9561d345-fe39-437c-83eb-1f4ba9eb15c9
__RequestVerificationToken
yL_TOg9HM0MhVxdcbmu4e2De4psK2CIvaNkUwLqRu2F3dAkgnxnq0KRJuiR4Cn7pQZAwz12zD3aZ1mynv48ejr0YhaYI9RUMb5qfNyXlJQM1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 13 Aug 2024 13:57:44 GMT
x-officeversion
16.0.18001.42053
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6, FormsSingleBox_IN_1
x-routingofficeversion
16.0.18001.42053, 16.0.18001.42053
x-correlationid
2400d37a-3825-436f-bba8-2d4ccabff8ef
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
9561d345-fe39-437c-83eb-1f4ba9eb15c9
x-msedge-ref
Ref A: C353280C006C41CFAE69DA5D4EE0B2D5 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
2400d37a-3825-436f-bba8-2d4ccabff8ef
x-routingsessionid
9561d345-fe39-437c-83eb-1f4ba9eb15c9
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.e38356c.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
117 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.e38356c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:06 GMT
x-msedge-ref
Ref A: DDA5AAC18CE84E4B8444104350538992 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE39D8975
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
72918f26-b01e-0043-7c19-ed157b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.2dfb698.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.2dfb698.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: E242898E02A942CD8E354335F71F7169 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AAF3BDC46
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
33a71dde-001e-0026-5a19-edce70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_groupnote.253a182.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_groupnote.253a182.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:06 GMT
x-msedge-ref
Ref A: 4067E399A1FA4D77A06DA4D31922B0BC Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE39C2A11
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
972739fb-101e-004e-1e19-edfa77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.f95a723.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.f95a723.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: 13088371A654461FA1B9A7D8684AEE2D Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AAF2780D3
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19480349-401e-0008-0519-ed9c67000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.157d98e.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.157d98e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:06 GMT
x-msedge-ref
Ref A: 5499B527D58D4747A4CECBAD6FBB31C5 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE3A26AC1
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6ba38da9-901e-0039-7e19-ed7f36000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
favicon.ico
forms.office.com/gcc/cdn/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
last-modified
Tue, 23 Jul 2024 00:45:10 GMT
x-msedge-ref
Ref A: 61B3EC921A5145AC83067769D76F95B8 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCAAB0B4B92E67
x-cache
TCP_HIT
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
668fd65d-f01e-0050-1771-dd4438000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
7886
x-cid
7
light-response-page.chunk.lrp_ext.e38356c.js
forms.office.com/gcc/cdn/scripts/dists/ 		377 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.e38356c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2fe6a2352ff05bfe998d3a073fc7f2f885e3b9e7966e24cdd77e2b781d15180

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:06 GMT
x-msedge-ref
Ref A: DDA5AAC18CE84E4B8444104350538992 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE39D8975
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
72918f26-b01e-0043-7c19-ed157b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.2dfb698.js
forms.office.com/gcc/cdn/scripts/dists/ 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.2dfb698.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc06474306a2ee072d2f08b9e52626b807afeede1da86ebb3744afc309cbd195

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: E242898E02A942CD8E354335F71F7169 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AAF3BDC46
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
33a71dde-001e-0026-5a19-edce70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_copilot.13e0f06.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_copilot.13e0f06.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58a39f75154427c07eb9b88adc2d5a70b09389e930efa9f4c1f39647a3c7de27

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: 6837656155214C169C98921C3A2ABEE4 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AAF24EBB3
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a2b59a73-f01e-006f-3f19-ed8c9b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.157d98e.js
forms.office.com/gcc/cdn/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.157d98e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f744526820029ffa391b02c4c544a616ca02112522824276d7b03b8523dc1da

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 00:00:06 GMT
x-msedge-ref
Ref A: 5499B527D58D4747A4CECBAD6FBB31C5 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:44Z
etag
0x8DCBB2AE3A26AC1
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6ba38da9-901e-0039-7e19-ed7f36000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
wave-pattern-v1.svg
forms.office.com/gcc/cdn/images/aio/ 		2 KB
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/gcc/cdn/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:45:06 GMT
x-msedge-ref
Ref A: FA412A4E70394941A8B3134861571ECC Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCAAB0B2845861
x-cache
TCP_HIT
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2f1c989-601e-0020-7f34-ddfdcf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.sw.a6ac500.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Tue, 23 Jul 2024 00:45:47 GMT
x-msedge-ref
Ref A: 66BEB4706CA9469FBA98DEB74DEAE2D3 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCAAB0CB13C8BA
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f3c6bbae-d01e-0025-2a54-dd2f14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.1ds.a8079b3.js
forms.office.com/gcc/cdn/scripts/dists/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Thu, 08 Aug 2024 00:12:11 GMT
x-msedge-ref
Ref A: 09AAEDCBAA3E4508A8B23C763656E381 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCB73EC0149237
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5e14575-601e-000f-53f4-eaf004000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
ls-response.en-us.a6896f307.js
forms.office.com/gcc/cdn/scripts/dists/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.en-us.a6896f307.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
deba362a9fb0b53d0c7c7730b3e35bbd05ab61bda87cb6188dd606e7084ca9e1

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:42 GMT
x-msedge-ref
Ref A: 196DF5B700A749A484C6550DEF96C1E2 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCBB2AB1FBDA47
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a2b598c7-f01e-006f-4919-ed8c9b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.utel.6db0eea.js
forms.office.com/gcc/cdn/scripts/dists/ 		139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.6db0eea.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5ff6008dc8e16bc507a7a99504bf21c446b46480c16c6ce4f80f5b246582e7b

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:44 GMT
content-encoding
br
last-modified
Mon, 12 Aug 2024 23:58:38 GMT
x-msedge-ref
Ref A: D14E6F1778FB4C17BC9BCB9EE09A7982 Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCBB2AAF4B0D60
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d5c992e4-c01e-0006-6519-edb5d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&RedC=c.office.com&MXFR=1E2682301459681A2A9C96EA105963CA
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&MUID=1E2682301459681A2A9C96EA105963CA
42 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&MUID=1E2682301459681A2A9C96EA105963CA
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 13:57:44 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 13:57:44 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CA957D41F5C423897254610A786771B Ref B: FRA31EDGE0605 Ref C: 2024-08-13T13:57:45Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=51D14DA6CF8948F493FF5DE72F678EC3&MUID=1E2682301459681A2A9C96EA105963CA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
771599f4-dd8f-431b-9940-96b6723f659e
lists.gcc.osi.office365.us/Images/1ab0214f-ac4a-4407-a7c6-2ef1eb76dac5/623cce7a-6bc8-4579-b124-ffad8a430deb/T6Z0H90H8DIDA4D4JNEYR87N3R/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/1ab0214f-ac4a-4407-a7c6-2ef1eb76dac5/623cce7a-6bc8-4579-b124-ffad8a430deb/T6Z0H90H8DIDA4D4JNEYR87N3R/771599f4-dd8f-431b-9940-96b6723f659e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41208cf739afdf09b08e982bc7c83c0d4ad7c67299b2ed58cb01c7ecac68732b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 13:57:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.18004.42101
x-officecluster
usge-000.lists.gcc.osi.office365.us
x-usersessionid
9c271f89-01e2-40b8-a730-a338dde88ac0
x-officeversion
16.0.18004.42101
x-officefe
CollabDBReverseProxyWithMappingService_IN_0
content-type
image/png
x-routingcorrelationid
e7a18ba7-67ae-4240-b0fc-863d5cb590eb
x-routingsessionid
9c271f89-01e2-40b8-a730-a338dde88ac0
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=TyGwGkqsB0Snxi7x63baxXrOPGLIa3lFsST_rYpDDetUNlowSDkwSDhESURBNEQ0Sk5FWVI4N04zUi4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 13:57:45 GMT
last-modified
Tue, 23 Jul 2024 00:43:30 GMT
x-msedge-ref
Ref A: A9296F7795084CC79CF36B4EAF6758DB Ref B: AMS231032605051 Ref C: 2024-08-13T13:57:45Z
etag
0x8DCAAB0796ED28B
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
08088e3e-d01e-0053-6449-dd239d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
5895
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5648352f3c8ad30e936fc11b3172cf94f2140fe15adb9fdfa9b8520a77641022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1723557465932
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 13:57:47 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1344
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 13 Aug 2024 13:57:45 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 13 Aug 2024 13:57:46 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
319edee9bde020937ac07ae04a56670200caefbea55c888de6509b48db748783
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1723557467424
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 13:57:47 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
227
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

13 Cookies

Domain/Path Name / Value
www.sanantonio.gov/ Name: dnn_IsMobile
Value: False
www.sanantonio.gov/ Name: language
Value: en-US
forms.office.com/ Name: FormsWebSessionId
Value: c6293c77-23c5-4351-a434-a4f1d82b1a17
forms.office.com/ Name: __RequestVerificationToken
Value: J70curk72S4q-StpVhbgOQGuk4VMbPQlNYMmq7HeJ2WzH2j9rACnmjVM-d4K-T0i9rbgm8WVIWkSMQGAlh63QXnHfU9trMvD7IqKvxWahK01
.office.com/ Name: MUID
Value: 1E2682301459681A2A9C96EA105963CA
.bing.com/ Name: MUID
Value: 1E2682301459681A2A9C96EA105963CA
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1E2682301459681A2A9C96EA105963CA
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=2f842fab2344484cbe208688c56b1cd3&HASH=2f84&LV=202408&V=4&LU=1723557467667
.microsoft.com/ Name: MS0
Value: 867f58f0e6414df7999609921be7b1d5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-27d339d9-5e6b-4922-ac6a-fb20a50e0a53' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
lists.gcc.osi.office365.us
www.sanantonio.gov
13.74.129.1
161.226.176.43
2001:489a:2206:20::2a
2620:1ec:a92::194
2620:1ec:c11::237
52.182.143.211
0f744526820029ffa391b02c4c544a616ca02112522824276d7b03b8523dc1da
17f6004d54c7fb514c01a0b6b46feff94430e22aa8daae6e27ed3d8b382c9d57
319edee9bde020937ac07ae04a56670200caefbea55c888de6509b48db748783
41208cf739afdf09b08e982bc7c83c0d4ad7c67299b2ed58cb01c7ecac68732b
5648352f3c8ad30e936fc11b3172cf94f2140fe15adb9fdfa9b8520a77641022
58a39f75154427c07eb9b88adc2d5a70b09389e930efa9f4c1f39647a3c7de27
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
70e1404b13f7b424d1756000f429f4f23e02ca30830e9a21ddbe13ea14b59e65
892756d2c097d1ad935a64a1ce959aa8e1a636c595d1709c99dcc3f057693f28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a20277a1572ffbe97c7d954eb0037d54a01e73cd865aade0b106649a8d14013
b2fe6a2352ff05bfe998d3a073fc7f2f885e3b9e7966e24cdd77e2b781d15180
b5ff6008dc8e16bc507a7a99504bf21c446b46480c16c6ce4f80f5b246582e7b
bc06474306a2ee072d2f08b9e52626b807afeede1da86ebb3744afc309cbd195
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
deba362a9fb0b53d0c7c7730b3e35bbd05ab61bda87cb6188dd606e7084ca9e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1