urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.techexecs.us/c/eJxEyb1uwyAQAOCngREdd3CBgSGqxXvwc5ajOm5lbNHH75j568k2ECYtyXJgZLbe6S0VTxUfvRaWUrCvzrna13UtnmKgCP...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQM...
Submission: On June 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6544.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.110.180.34 396982 (GOOGLE-CL...)
2 3 173.254.125.23 46606 (UNIFIEDLA...)
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2600:1400:900... 20940 (AKAMAI-ASN1)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
7 20.189.173.3 8075 (MICROSOFT...)
34 6
1    34.110.180.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.180.110.34.bc.googleusercontent.com
email.techexecs.us
3    173.254.125.23 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 173-254-125-23.unifiedlayer.com
www.techexecs.net
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2600:1400:9000::6875:b689 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
7    20.189.173.3 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10128
675 KB
7 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 201
2 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 6544
c.office.com — Cisco Umbrella Rank: 25916
62 KB
3 techexecs.net
www.techexecs.net
774 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1634
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
741 B
1 techexecs.us
email.techexecs.us
306 B
34 7
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
4 forms.office.com 1 redirects www.techexecs.net
forms.office.com
3 www.techexecs.net 2 redirects
2 c.office.com 1 redirects forms.office.com
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 email.techexecs.us 1 redirects
34 8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
cpanel.techexecs.net
R3		 2023-05-12 -
2023-08-10		 3 months crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Frame ID: 7C1E98A6E55919363080C41916F0B491
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Global Unsubscribe

Page URL History Show full URLs

  1. http://email.techexecs.us/c/eJxEyb1uwyAQAOCngREdd3CBgSGqxXvwc5ajOm5lbNHH75j568k2ECYtyXJgZLbe6S0VTxUfvR... HTTP 302
    http://www.techexecs.net/unsubscribe HTTP 301
    https://www.techexecs.net/unsubscribe HTTP 301
    https://www.techexecs.net/unsubscribe/ Page URL
  2. https://forms.office.com/r/G6UtX5P5dj HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

34
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

799 kB
Transfer

1430 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.techexecs.us/c/eJxEyb1uwyAQAOCngREdd3CBgSGqxXvwc5ajOm5lbNHH75j568k2ECYtyXJgZLbe6S0VTxUfvRaWUrCvzrna13UtnmKgCPqVEJCAISBZ752xBjO5sEQOy0LP_OWVg0vaJn_ShrmH3tN2Xb-KngqzwjznNB8_5FKY72PcdbTzVUW_k48B4gOCPtMoZzFTuuy7cvAtm5j28_4PAAD__6IFOCs HTTP 302
    http://www.techexecs.net/unsubscribe HTTP 301
    https://www.techexecs.net/unsubscribe HTTP 301
    https://www.techexecs.net/unsubscribe/ Page URL
  2. https://forms.office.com/r/G6UtX5P5dj HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://email.techexecs.us/c/eJxEyb1uwyAQAOCngREdd3CBgSGqxXvwc5ajOm5lbNHH75j568k2ECYtyXJgZLbe6S0VTxUfvRaWUrCvzrna13UtnmKgCPqVEJCAISBZ752xBjO5sEQOy0LP_OWVg0vaJn_ShrmH3tN2Xb-KngqzwjznNB8_5FKY72PcdbTzVUW_k48B4gOCPtMoZzFTuuy7cvAtm5j28_4PAAD__6IFOCs HTTP 302
  • http://www.techexecs.net/unsubscribe HTTP 301
  • https://www.techexecs.net/unsubscribe HTTP 301
  • https://www.techexecs.net/unsubscribe/
Request Chain 21
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&RedC=c.office.com&MXFR=0260585BDFF36BEB00884B70DBF3609F HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&MUID=0260585BDFF36BEB00884B70DBF3609F

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.techexecs.net/unsubscribe/
Redirect Chain
  • http://email.techexecs.us/c/eJxEyb1uwyAQAOCngREdd3CBgSGqxXvwc5ajOm5lbNHH75j568k2ECYtyXJgZLbe6S0VTxUfvRaWUrCvzrna13UtnmKgCPqVEJCAISBZ752xBjO5sEQOy0LP_OWVg0vaJn_ShrmH3tN2Xb-KngqzwjznNB8_5FKY72PcdbTzV...
  • http://www.techexecs.net/unsubscribe
  • https://www.techexecs.net/unsubscribe
  • https://www.techexecs.net/unsubscribe/
339 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.techexecs.net/unsubscribe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.254.125.23 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
173-254-125-23.unifiedlayer.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
237
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 09 Jun 2023 02:42:27 GMT
last-modified
Fri, 21 Oct 2022 13:56:35 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

content-length
246
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=iso-8859-1
date
Fri, 09 Jun 2023 02:42:27 GMT
location
https://www.techexecs.net/unsubscribe/
server
Apache
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/r/G6UtX5P5dj
  • https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
78 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Requested by
Host: www.techexecs.net
URL: https://www.techexecs.net/unsubscribe/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
deaa1d7f4aa5ddf52538d87e3cd0bdf9d0f62d66f483ff152b5473890ae93205
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.techexecs.net/unsubscribe/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 09 Jun 2023 02:42:27 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
722f317b-4ed6-45b4-ae79-1fa675564ee3
x-msedge-ref
Ref A: BB9466B8411C47C891515624D4878460 Ref B: EWR311000108047 Ref C: 2023-06-09T02:42:27Z
x-officecluster
ncus-100.forms.office.com
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16605.42054
x-robots-tag
noindex, nofollow
x-routingcorrelationid
722f317b-4ed6-45b4-ae79-1fa675564ee3
x-routingofficecluster
eus2-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.16605.42054
x-routingsessionid
8ce4bad2-33b5-4dae-86dc-80b3aeac20f0
x-usersessionid
8ce4bad2-33b5-4dae-86dc-80b3aeac20f0

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 09 Jun 2023 02:42:27 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
1e184bd8-3a1c-4e8c-b2b4-6031240b95c8
x-msedge-ref
Ref A: EBCD344A41194BEB9096C7F1417B8E25 Ref B: EWR311000108047 Ref C: 2023-06-09T02:42:27Z
x-officecluster
eus2-100.forms.office.com
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.16605.42054
x-usersessionid
1e184bd8-3a1c-4e8c-b2b4-6031240b95c8
ls-response.en-us.73452f6b2.js
cdn.forms.office.net/forms/scripts/dists/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.73452f6b2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62f88f0f0ed40a3185b72e524fd6e29a580fc27aa15354cd5ea37fbfc7974772

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
Bqas7KaKkKpLS6bDMCXFaQ==
server-timing
ak_p; desc="1686278547709_1752544901_340563093_29_956_3_10_219";dur=1
content-length
9637
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jun 2023 05:34:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB664FBB61E98C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6305d97a-301e-0041-2140-9881ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
dll-dompurify.min.3c32c70.js
cdn.forms.office.net/forms/scripts/dists/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
oxUBT686mhsG6wWk22Bvig==
server-timing
ak_p; desc="1686278547722_1752544901_340563101_49_745_2_0_219";dur=1
content-length
6037
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 05:10:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB582757D8EE93
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b754e420-b01e-001f-5e17-8a72e9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.min.fad14a3.js
cdn.forms.office.net/forms/scripts/dists/ 		400 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3594c154537d4912568a3625b10fed80dd18fe5046f61edb75e218d3c4ca4e78

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
peBqQq4V98ad0ESa0aT0tQ==
server-timing
ak_p; desc="1686278547722_1752544901_340563102_50_765_2_0_219";dur=1
content-length
112712
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9EC6722A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55b8c58b-a01e-0044-22e6-987595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u')
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001b5c88be6/light/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001b5c88be6/light/runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3c884fb2033f4c3b21bf0afbd7f788b995d6cd5813777df32883f94550ca7aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
X-UserSessionId
8ce4bad2-33b5-4dae-86dc-80b3aeac20f0
accept-language
en-US,en;q=0.9
__RequestVerificationToken
M0_R6tsFjWoiS1wFTmW0BD06T0xXtKCO2FOaSM5SHhaCP87WCJcg-mH2_XPldcYbHhp84ACWSnuAlCFjwdctK9BSbuSTFVmSOR8QT-JRTtc1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Fri, 09 Jun 2023 02:42:27 GMT
x-officeversion
16.0.16601.42053
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16601.42053, 16.0.16601.42053
x-correlationid
a5fea29c-789f-47c5-a551-65aa1cb13eda
x-officecluster
ncus-101.forms.office.com
x-usersessionid
8ce4bad2-33b5-4dae-86dc-80b3aeac20f0
x-msedge-ref
Ref A: 0C8C81603DE445E783EB7DFC9E6C2011 Ref B: EWR311000108047 Ref C: 2023-06-09T02:42:27Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a5fea29c-789f-47c5-a551-65aa1cb13eda
x-routingsessionid
8ce4bad2-33b5-4dae-86dc-80b3aeac20f0
x-robots-tag
noindex, nofollow
x-routingofficecluster
eus2-101.forms.office.com, ncus-101.forms.office.com
light-response-page.chunk.lrp_ext.39cb172.js
cdn.forms.office.net/forms/scripts/dists/ 		0
91 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.39cb172.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
jXAIzxiKfVjJActn15lWNQ==
server-timing
ak_p; desc="1686278547791_1752544901_340563302_103_482_2_0_109";dur=1
content-length
92295
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E601E38
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7ba3b75c-701e-0046-72e6-98776f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_phishing.ca0a9e7.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.ca0a9e7.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
oxYKYcIIZ96uVrSs+Gdbzg==
server-timing
ak_p; desc="1686278547790_1752544901_340563305_30_577_2_0_109";dur=1
content-length
2494
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E7A591D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b53a8f93-d01e-0062-2bde-98ee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_saveresponse.d688d2d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.d688d2d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
qfYOn9uIRDuB/iAazsCtgw==
server-timing
ak_p; desc="1686278547790_1752544901_340563303_28_658_2_0_109";dur=1
content-length
14193
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E8AD179
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d8ec1865-c01e-005f-1fde-985b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_cover.fb99c53.js
cdn.forms.office.net/forms/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.fb99c53.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
zxlTtnaNkUU04f9toXkUgQ==
server-timing
ak_p; desc="1686278547790_1752544901_340563304_47_448_2_0_109";dur=1
content-length
17070
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E487B05
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c4b5c882-c01e-0076-5cde-982d45000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_post.boot.0f81b71.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0f81b71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
yrVxuR5FwrTLjXfDpwRsAQ==
server-timing
ak_p; desc="1686278547790_1752544901_340563306_28_596_2_0_109";dur=1
content-length
4852
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E82473F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c64f35b2-101e-0056-01df-984189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_ext.39cb172.js
cdn.forms.office.net/forms/scripts/dists/ 		308 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.39cb172.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
20b74d080a2b7761edc41e126b7616989bee39aefa04c6eb514cf82512342244

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
jXAIzxiKfVjJActn15lWNQ==
server-timing
ak_p; desc="1686278547780_1752544901_340563297_17_626_2_8_146";dur=1
content-length
92295
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E601E38
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7ba3b75c-701e-0046-72e6-98776f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_phishing.ca0a9e7.js
cdn.forms.office.net/forms/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.ca0a9e7.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d1c829321a5eab9229d1086137b8f35db7c63d04f7ceea105f758ad95d55d70d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
oxYKYcIIZ96uVrSs+Gdbzg==
server-timing
ak_p; desc="1686278547808_1752544901_340563341_15_639_3_0_146";dur=1
content-length
2494
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E7A591D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b53a8f93-d01e-0062-2bde-98ee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_saveresponse.d688d2d.js
cdn.forms.office.net/forms/scripts/dists/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.d688d2d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6694b6e39aa0beaed028f8892b18fa2f8f617631f2b7b269b0e4ced6131edca0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
qfYOn9uIRDuB/iAazsCtgw==
server-timing
ak_p; desc="1686278547809_1752544901_340563344_110_668_3_0_146";dur=1
content-length
14193
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E8AD179
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d8ec1865-c01e-005f-1fde-985b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_post.boot.0f81b71.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0f81b71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e0b49cbf488939ed63846bc3af62f57b1a32cab8ab308c74b9a79de5b716f7c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
yrVxuR5FwrTLjXfDpwRsAQ==
server-timing
ak_p; desc="1686278547817_1752544901_340563372_41_744_3_0_146";dur=1
content-length
4852
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E82473F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c64f35b2-101e-0056-01df-984189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_poll.3141ac0.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.3141ac0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3098dc849243b71362fbbff7730e0561ee35cc86252f416bfa0609cbdffaf8f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
VxCljTN3IVBhWCtta/7Urg==
server-timing
ak_p; desc="1686278547820_1752544901_340563379_47_594_3_0_146";dur=1
content-length
4275
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E81F923
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e2bf095e-301e-0041-7ce6-9881ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
linellae.png
cdn.forms.office.net/forms/images/theme/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/theme/linellae.png
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
61bd29dd0349de6196db976e7b5e5daebba5fddc25b5274cce033b2e52a4a3e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-md5
5BEaXgpb9nJfqwBkUAayTw==
server-timing
ak_p; desc="1686278547848_1752544901_340563454_360_735_5_0_146";dur=1
content-length
120521
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 14:13:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC7DCC5C5D212
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
545b4e93-301e-004a-3dea-f9999e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.sw.b51c01e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.b51c01e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
MGQnoR35q31ZWoIJCqP+Gg==
server-timing
ak_p; desc="1686278547851_1752544901_340563466_118_833_5_0_146";dur=1
content-length
565
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DBBEF9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1acab60b-301e-0027-2dc4-6d33b0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
server-timing
ak_p; desc="1686278547864_1752544901_340563500_151_449_3_0_109";dur=1
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d11f002a-401e-004e-800e-786c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.officebrowserfeedback.39bdf71.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
g077WZtojOm9a9CkyPtrow==
server-timing
ak_p; desc="1686278547863_1752544901_340563501_97_660_3_0_109";dur=1
content-length
107103
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 04:56:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB55C9E92A04E9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b2ab78ec-a01e-000b-46c2-87b18d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
server-timing
ak_p; desc="1686278547863_1752544901_340563503_49_655_3_0_109";dur=1
content-length
1754
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DAFBC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02322d54-701e-0064-1dc4-6d1959000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
light-response-page.chunk.utel.745aa6c.js
cdn.forms.office.net/forms/scripts/dists/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.745aa6c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7395dddc24991a9caffeccc6ee4607c51db7db7ba58a606b770e54aac28e01c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
U0YiTFAVhs7Av5IHsKybkA==
server-timing
ak_p; desc="1686278547913_1752544901_340563665_15_889_3_0_146";dur=1
content-length
7116
x-ms-lease-status
unlocked
last-modified
Mon, 05 Jun 2023 05:25:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6585497F0F0C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a2cd91c5-201e-001a-2d7b-978696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&RedC=c.office.com&MXFR=0260585BDFF36BEB00884B70DBF3609F
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&MUID=0260585BDFF36BEB00884B70DBF3609F
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&MUID=0260585BDFF36BEB00884B70DBF3609F
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 02:42:28 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
server
Microsoft-IIS/10.0
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Jun 2023 02:42:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1308247058224211A8AA4296FBE294B9 Ref B: EWR30EDGE1609 Ref C: 2023-06-09T02:42:28Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=2B708028E5DF43028FF34626BD44810D&MUID=0260585BDFF36BEB00884B70DBF3609F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
light-response-page.chunk.lrp_trial.c29c5df.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.c29c5df.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
content-md5
rSgIVb3g0kX2cKZOOm+9cQ==
server-timing
ak_p; desc="1686278547964_1752544901_340563822_13_619_2_0_109";dur=1
content-length
15999
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jun 2023 00:39:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB66EF9E8C7EF1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e42381e5-301e-0027-0cdf-9833b0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:27 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		180 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0f81b71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
content-md5
U7Mf4i0d5gD9czlOwlzJ/w==
etag
0x8DB62CA73C6BBDB
x-azure-ref
0lJGCZAAAAADDAK7AvS0UQYIWafIAa1O+TU5aMjIxMDYwNjEyMDE5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
984edc56-d01e-0027-5e78-9ad8b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
light-response-page.chunk.1ds.aaf0407.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.aaf0407.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fad14a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::6875:b689 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
75bb2ee5101a73dfd44373652da2ede4d17ea680eabea994208314b11e638870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:28 GMT
content-encoding
br
content-md5
56SpHjwP9MPURIXTTIHzxQ==
server-timing
ak_p; desc="1686278548108_1752544901_340564236_71_766_8_0_146";dur=1
content-length
33816
x-ms-lease-status
unlocked
last-modified
Tue, 09 May 2023 04:55:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5049AB181808
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b95419f-a01e-0000-493d-82a9f9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:42:28 GMT
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f843042b644af915fb92d988eddb405d42a89cee38ea5e90f1940279b128e7df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAbXIi-ZUQ0I5N1lTTklVT0hDNDNDMFFQMU05MlgzNy4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 09 Jun 2023 02:42:27 GMT
content-encoding
br
last-modified
Thu, 01 Jun 2023 23:22:21 GMT
x-msedge-ref
Ref A: EE88E8198208469C850D1851E3CE8B8D Ref B: EWR311000108047 Ref C: 2023-06-09T02:42:28Z
etag
0x8DB62F70CE081A8
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cfddab45-001e-0042-2a4e-9782ed000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 09 Jun 2023 02:42:28 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
58481afed6311f7c98bd3972583652c8bee1c4465ed70510c79090589c956d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686278549078
accept-language
en-US,en;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 09 Jun 2023 02:42:28 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
197
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 09 Jun 2023 02:42:28 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
7205c47c1308dbdf451fba5deb4181c2fd6f71edbed284217a7c7f356b52e019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686278550080
accept-language
en-US,en;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis
197
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 09 Jun 2023 02:42:29 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
133
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 09 Jun 2023 02:42:29 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.aaf0407.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0155e68a2b209638de5abbec0dd312eb0302eb600143eb009a8832a21251ca09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686278550144
accept-language
en-US,en;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
5f4ebf0f9a11474199e89f94bc7e2f50-61b8420a-22b1-4220-b531-4a4b96e4edb9-7406
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 09 Jun 2023 02:42:29 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
178
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 09 Jun 2023 02:42:29 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: 026eebdd-a374-4390-bd58-ae161ce38f9d
.forms.office.com/ Name: RpsAuthNonce
Value: 026eebdd-a374-4390-bd58-ae161ce38f9d
forms.office.com/ Name: __RequestVerificationToken
Value: yJtvRiDuQin85iulM0UokFPdPy371Na2yuNVVPjnvuldDWZT5o7HhCVdXsXNARLsalHFVDALt0qv6ncMIvH2hTEQnnQg53SEWgknAmKO7LI1
.office.com/ Name: MUID
Value: 0260585BDFF36BEB00884B70DBF3609F
forms.office.com/ Name: ai_session
Value: VcfTOwkrCowiU0HxVL0yl2|1686278548074|1686278548074
.bing.com/ Name: MUID
Value: 0260585BDFF36BEB00884B70DBF3609F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0260585BDFF36BEB00884B70DBF3609F
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=e286f227e43d4e41aa23459210c0d4a6&HASH=e286&LV=202306&V=4&LU=1686278549275
.microsoft.com/ Name: MS0
Value: 698ba0ae9a664e8aa3d90e3dc957f68d
forms.office.com/ Name: MSFPC
Value: GUID=e286f227e43d4e41aa23459210c0d4a6&HASH=e286&LV=202306&V=4&LU=1686278549275

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
email.techexecs.us
forms.office.com
js.monitor.azure.com
www.techexecs.net
173.254.125.23
20.110.205.119
20.189.173.3
2600:1400:9000::6875:b689
2620:1ec:48:1::40
2620:1ec:a92::194
2620:1ec:c11::200
34.110.180.34
0155e68a2b209638de5abbec0dd312eb0302eb600143eb009a8832a21251ca09
20b74d080a2b7761edc41e126b7616989bee39aefa04c6eb514cf82512342244
3098dc849243b71362fbbff7730e0561ee35cc86252f416bfa0609cbdffaf8f2
3594c154537d4912568a3625b10fed80dd18fe5046f61edb75e218d3c4ca4e78
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a
58481afed6311f7c98bd3972583652c8bee1c4465ed70510c79090589c956d04
61bd29dd0349de6196db976e7b5e5daebba5fddc25b5274cce033b2e52a4a3e2
62f88f0f0ed40a3185b72e524fd6e29a580fc27aa15354cd5ea37fbfc7974772
6694b6e39aa0beaed028f8892b18fa2f8f617631f2b7b269b0e4ced6131edca0
7205c47c1308dbdf451fba5deb4181c2fd6f71edbed284217a7c7f356b52e019
7395dddc24991a9caffeccc6ee4607c51db7db7ba58a606b770e54aac28e01c3
75bb2ee5101a73dfd44373652da2ede4d17ea680eabea994208314b11e638870
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b3c884fb2033f4c3b21bf0afbd7f788b995d6cd5813777df32883f94550ca7aa
d1c829321a5eab9229d1086137b8f35db7c63d04f7ceea105f758ad95d55d70d
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
deaa1d7f4aa5ddf52538d87e3cd0bdf9d0f62d66f483ff152b5473890ae93205
e0b49cbf488939ed63846bc3af62f57b1a32cab8ab308c74b9a79de5b716f7c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f843042b644af915fb92d988eddb405d42a89cee38ea5e90f1940279b128e7df