urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1Yx...
Submission: On August 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 30th 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2620:1ec:a92:... 8068 (MICROSOFT...)
9 23.32.238.130 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 40.77.226.250 8075 (MICROSOFT...)
1 168.62.200.169 8075 (MICROSOFT...)
21 6
7    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
9    23.32.238.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-130.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az725175.vo.msecnd.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    168.62.200.169 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Domain Requested by
9 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 forms.office.com forms.office.com
cdn.forms.office.net
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
2 c.office.com 1 redirects forms.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 az725175.vo.msecnd.net forms.office.com
21 7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1		 2021-01-30 -
2022-01-29		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2020-10-19 -
2021-10-19		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
c.msn.com
Microsoft Azure TLS Issuing CA 02		 2021-06-27 -
2022-06-22		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2020-09-14 -
2021-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Frame ID: 8679685EC408BA5A2C1888E26761EA96
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

21
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

370 kB
Transfer

1501 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&RedC=c.office.com&MXFR=3DBEDEDAB8656D642C1FCE52BC65669E HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&MUID=3DBEDEDAB8656D642C1FCE52BC65669E

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/FormsPro/Pages/ 		36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3541a047f2cd71c4bd3c660a12c542d133e6ab185972c132357b09e50a677a70
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
12050
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Wed, 03-Nov-2021 15:23:34 GMT; path=/; samesite=none; secure; HttpOnly FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; domain=forms.office.com; expires=Thu, 02-Sep-2021 15:23:34 GMT; path=/; samesite=none; secure; HttpOnly usenewauthrollout=False; domain=forms.office.com; expires=Thu, 02-Sep-2021 15:23:34 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; path=/; samesite=none; secure; HttpOnly AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.14322.36679
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-routingcorrelationid
d211a374-e789-40c0-a814-6e79dfdf340e
x-correlationid
d211a374-e789-40c0-a814-6e79dfdf340e
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.14309.36676
x-officecluster
weu-103.forms.office.com
x-failurereason
10
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: F0AD1DBFAC8543DB97C250B096662D35 Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:34Z
date
Tue, 03 Aug 2021 15:23:33 GMT
response-page-customize-fabric-bootstrap.min.c8ca16d.css
cdn.forms.office.net/forms/css/dist/ 		177 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/response-page-customize-fabric-bootstrap.min.c8ca16d.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d3e76d6738692dcece6b80951105aaf84265e947816b286783ad00564a886d79

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
r/hoZyqRjTNKpW6S6nGXKw==
content-length
25226
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 03:56:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9467B542797E1
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7c009ae4-601e-0101-506a-78137c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
basics_osi_v5_j3.min.6c34990.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		360 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f74e9cf744b459c22993a56b474f4c6ae220c5e9d7140bdfba2d68a9960e081c

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
0tm4P5rx4zXACZL+k5P2Dg==
content-length
102689
x-ms-lease-status
unlocked
last-modified
Thu, 20 May 2021 03:47:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D91B420A6FCE1E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75eec82c-901e-00b1-3ce2-4daca9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
response_v2.min.d40c871.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/response_v2.min.d40c871.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b0a9c232a8635f93d6b3ba05f73a0e6eebe90cd4167b49807d5961dca1a4507

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
He+AvoYe9RYqfYXGmA6kxA==
content-length
18037
x-ms-lease-status
unlocked
last-modified
Fri, 07 May 2021 08:28:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D911321F040ACA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f41a770-801e-0062-713f-43130c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
response-page-pro.cachegroup-nerve.min.66ab47b.js
cdn.forms.office.net/forms/scripts/dists/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.cachegroup-nerve.min.66ab47b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0a4686e25dcc5c3faad1c50383b7ef92c411cbfa28a8600a517849ea9a6ed5f1

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
e8ybnnBFlnz6KdIvXYSFCg==
content-length
13354
x-ms-lease-status
unlocked
last-modified
Fri, 02 Jul 2021 15:19:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D93D6CCCB2062A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b9abbeb1-b01e-0043-2f5e-717e3d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
response-page-pro.min.0ef69f3.js
cdn.forms.office.net/forms/scripts/dists/ 		690 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
581e0a14b3af3ec5ff91954c766b65fb7125cbb745635a7066d59fe8fad7a211

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
Jc6Q+/XoUep3hoO2BKWfHQ==
content-length
150137
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jul 2021 10:41:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D945EAC96662D9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2d502bde-b01e-012a-796a-7867c4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DAD) /
Resource Hash
e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
gzip
content-md5
yvXHFTB8uAvUsw4tqOlcNw==
age
1388
x-cache
HIT
content-length
18421
x-ms-lease-status
unlocked
last-modified
Mon, 22 Feb 2021 22:33:25 GMT
server
ECAcc (lha/8DAD)
etag
0x8D8D781DE4DEC32
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
x-ms-request-id
1bad2cfe-f01e-003b-0278-888d75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')
forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c1c9feb604e1dee925c23930de6df62b03fcb3c33523f9a76b68408542dc6802
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-ms-form-request-ring
formspro
accept-language
en-US
sec-fetch-dest
empty
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740
:path
/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$expand=questions($expand=choices)
pragma
no-cache
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
__requestverificationtoken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
:method
GET
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
x-ms-form-request-ring
formspro
__RequestVerificationToken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
3313
x-routingofficefe
FormsSingleBox_IN_5 FormsSingleBox_IN_7
pragma
no-cache
x-routingofficeversion
16.0.14322.36679 16.0.14309.36676
x-correlationid
582449ce-21d7-4bfd-8ff0-04b9eb973d95
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-powered-by
ASP.NET
date
Tue, 03 Aug 2021 15:23:33 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
582449ce-21d7-4bfd-8ff0-04b9eb973d95
cache-control
no-cache
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: 3A45F00DFCE64145BE2EF024AFD49A4D Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:34Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com weu-103.forms.office.com
expires
-1
GetResourceStrings
forms.office.com/FormsPro/Pages/ResponsePage.aspx/ 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx/GetResourceStrings
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6be6eb69843d9491e3252444165567da979d77c8ed6a851feabed71dfaecfb2d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://forms.office.com
accept-encoding
gzip, deflate, br
x-ms-form-request-ring
formspro
accept-language
en-US
sec-fetch-dest
empty
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740
content-length
0
:path
/FormsPro/Pages/ResponsePage.aspx/GetResourceStrings
pragma
no-cache
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
__requestverificationtoken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
:method
POST
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
x-ms-form-request-ring
formspro
__RequestVerificationToken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
9680
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.14322.36679
x-correlationid
2337e6cf-c768-4ab0-a760-e9e3835b9ac5
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
date
Tue, 03 Aug 2021 15:23:33 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
2337e6cf-c768-4ab0-a760-e9e3835b9ac5
cache-control
max-age=0, private
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: F43FCA46D7F944C887925B106AB55F6C Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:34Z
x-routingofficecluster
weu-101.forms.office.com
response-page-pro.chunk.postsubmit.10456e1.js
cdn.forms.office.net/forms/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.postsubmit.10456e1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
KCsPu5/4CLkTgsd7h/xNuA==
content-length
9575
x-ms-lease-status
unlocked
last-modified
Tue, 13 Jul 2021 10:41:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D945EAC928B263
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7af6d83-a01e-00b2-176a-78afae000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
response-page-pro.chunk.quiz.08eec45.js
cdn.forms.office.net/forms/scripts/dists/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.quiz.08eec45.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:34 GMT
content-encoding
br
content-md5
l5MHM1yeojkrfYEmdp1TZw==
content-length
927
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 03:57:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9467B760B1971
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7af6d6b-a01e-00b2-076a-78afae000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:34 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&RedC=c.office.com&MXFR=3DBEDEDAB8656D642C1FCE52BC65669E
  • https://c.office.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&MUID=3DBEDEDAB8656D642C1FCE52BC65669E
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&MUID=3DBEDEDAB8656D642C1FCE52BC65669E
Requested by
Host: forms.office.com
URL: https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 15:23:34 GMT
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9d284f105d6fd71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 15:23:34 GMT
x-msedge-ref
Ref A: D2DCBE5378014C97826444317B7A85B3 Ref B: FRAEDGE1221 Ref C: 2021-08-03T15:23:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=7D3C550EF1EC4E6FB2F2D987AC48A2AA&MUID=3DBEDEDAB8656D642C1FCE52BC65669E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
GetThemes
forms.office.com/FormsPro/Pages/ResponsePage.aspx/ 		226 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx/GetThemes
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe29125c54106226a84b3b4d3eb9cfc2f16ba26753c8af7bfa6089cc22b3dd36
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://forms.office.com
accept-encoding
gzip, deflate, br
accept-language
en-US
formspro
enabled
sec-fetch-dest
empty
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740
content-length
22
:path
/FormsPro/Pages/ResponsePage.aspx/GetThemes
pragma
no-cache
x-correlationid
6959bd48-a38b-4cbf-96a0-0232d7eb5ea7
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
X-CorrelationId
6959bd48-a38b-4cbf-96a0-0232d7eb5ea7
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
formspro
enabled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json; charset=UTF-8

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
141
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.14322.36679
x-correlationid
6959bd48-a38b-4cbf-96a0-0232d7eb5ea7
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
date
Tue, 03 Aug 2021 15:23:34 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
6959bd48-a38b-4cbf-96a0-0232d7eb5ea7
cache-control
max-age=0, private
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: 1F4A4DCD9C0A4D47BC2151C0AD87C64D Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:35Z
x-routingofficecluster
neu-101.forms.office.com
runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')
forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/ 		89 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
96e24bbfb73ca1a88007dfe24139363e996dfd18199b90d0243818f6335f0cb4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
__requestverificationtoken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
accept-encoding
gzip, deflate, br
x-ms-form-request-ring
formspro
authorization
accept-language
en-US
sec-fetch-dest
empty
contextparams
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740
:path
/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText
pragma
no-cache
x-correlationid
1bfff5f0-8fe9-46e3-8cdc-d45d867a97bd
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
x-ms-form-request-source
ms-formweb
odata-maxversion
4.0
:method
GET
__RequestVerificationToken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
X-CorrelationId
1bfff5f0-8fe9-46e3-8cdc-d45d867a97bd
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
x-ms-form-request-ring
formspro
Authorization
Accept
application/json
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
ContextParams
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-form-request-source
ms-formweb
OData-MaxVersion
4.0

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
85
x-routingofficefe
FormsSingleBox_IN_7 FormsSingleBox_IN_4
pragma
no-cache
x-routingofficeversion
16.0.14322.36679 16.0.14309.36676
x-correlationid
1bfff5f0-8fe9-46e3-8cdc-d45d867a97bd
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-powered-by
ASP.NET
date
Tue, 03 Aug 2021 15:23:34 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
1bfff5f0-8fe9-46e3-8cdc-d45d867a97bd
cache-control
no-cache
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: 1339683EC4034E8E99B172D19DD65B87 Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:35Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com weu-103.forms.office.com
expires
-1
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-08-03T15%3A23%3A34.956Z%27&os=%27Windows%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%27a0466d4d-26e1-42c8-9331-2783f27ccc39%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FFormsPro%2FPages%2FResponsePage.aspx%3Fid%3DMu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Ingram%20Micro%20Satisfaction%20Survey%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.5%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c94c6def7deddf26f05501fff79d4ef997d139512d2ad2fd9a2a7ff1db529870
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 15:23:34 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
k32KPPycwUS8LqL3yEMWpg.0
Content-Type
application/javascript
Content-Length
281
Expires
0
response-page-pro.chunk.ir.2d5d4a4.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.ir.2d5d4a4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f54773094e40fab49c9b4a7acc96c542c4fa8741f401ad2c9f956d021c76fef6

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:35 GMT
content-encoding
br
content-md5
P9Tpkt3dtD4lbL9HAWphbg==
content-length
3440
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 03:57:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9467B75C02057
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bad293e6-601e-0086-186a-780006000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:35 GMT
response-page-pro.chunk.question.nps.0cc498a.js
cdn.forms.office.net/forms/scripts/dists/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.chunk.question.nps.0cc498a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/response-page-pro.min.0ef69f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-130.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f506b9a14c95111bb1e8e7d06ca6ec5fa5c89288525da3acc2d401da1d920294

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Aug 2021 15:23:35 GMT
content-encoding
br
content-md5
zG4y/hCx6Pb0Sw/0MbvvgA==
content-length
2080
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 03:57:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9467B75FDF7B7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
18497b45-501e-002f-4eab-78d5ee000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:23:35 GMT
privacy
forms.office.com/formapi/api/ 		17 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/privacy?ownerTenantId=d78aee32-8f91-4f9e-90ea-fb72965d9d7c&currentUserTenantId=d78aee32-8f91-4f9e-90ea-fb72965d9d7c&isAnonymous=true
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ac8ea734a33366ef42f62398d95b4a9d912043522cf945405fd691f7aa342fed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
__requestverificationtoken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
accept-encoding
gzip, deflate, br
x-ms-form-request-ring
formspro
authorization
accept-language
en-US
sec-fetch-dest
empty
contextparams
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740; MUID=3DBEDEDAB8656D642C1FCE52BC65669E; MSFPC=GUID=a1eb70bf71234753b87833c76b9850e1&HASH=a1eb&LV=202108&V=4&LU=1628004215052
:path
/formapi/api/privacy?ownerTenantId=d78aee32-8f91-4f9e-90ea-fb72965d9d7c&currentUserTenantId=d78aee32-8f91-4f9e-90ea-fb72965d9d7c&isAnonymous=true
pragma
no-cache
x-correlationid
25b623a5-55d1-4a8e-8ded-424588cc4564
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
x-ms-form-request-source
ms-formweb
odata-maxversion
4.0
:method
GET
__RequestVerificationToken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
X-CorrelationId
25b623a5-55d1-4a8e-8ded-424588cc4564
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
x-ms-form-request-ring
formspro
Authorization
Accept
application/json
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
ContextParams
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-form-request-source
ms-formweb
OData-MaxVersion
4.0

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_8 FormsSingleBox_IN_8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
21
x-routingofficefe
FormsSingleBox_IN_5
pragma
no-cache
x-routingofficeversion
16.0.14322.36679
x-correlationid
25b623a5-55d1-4a8e-8ded-424588cc4564
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-powered-by
ASP.NET
date
Tue, 03 Aug 2021 15:23:34 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
25b623a5-55d1-4a8e-8ded-424588cc4564
cache-control
no-cache
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: 36D6D9AF7E454E3C88B5D147EE2245DF Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:35Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com
expires
-1
runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')
forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/ 		89 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$select=id,FormsProBranchRules
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
96e24bbfb73ca1a88007dfe24139363e996dfd18199b90d0243818f6335f0cb4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
__requestverificationtoken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
accept-encoding
gzip, deflate, br
x-ms-form-request-ring
formspro
authorization
accept-language
en-US
sec-fetch-dest
empty
contextparams
cookie
DcLcid=ui=1033&data=1033; FormsWebSessionId=4548c878-feb9-43d4-8cdb-181b2d8ecb13; usenewauthrollout=False; __RequestVerificationToken=HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41; AADNonce.forms=4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740; MUID=3DBEDEDAB8656D642C1FCE52BC65669E; MSFPC=GUID=a1eb70bf71234753b87833c76b9850e1&HASH=a1eb&LV=202108&V=4&LU=1628004215052
:path
/formapi/api/d78aee32-8f91-4f9e-90ea-fb72965d9d7c/users/6ac551da-f645-4748-b7de-471c798a50ad/light/runtimeForms('Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u')?$select=id,FormsProBranchRules
pragma
no-cache
x-correlationid
68ecdd6e-f901-48da-8250-8c5b0563a317
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
:scheme
https
sec-fetch-site
same-origin
x-ms-form-request-source
ms-formweb
odata-maxversion
4.0
:method
GET
__RequestVerificationToken
MROLkpc65KA_8YcS5OKzRTVsWFIOGR4LiAdCSsPDMiEn4v8gUEZrUBumQ8034waxXFn80S0THIdH5zMgYMrijQZ77-yKsEq5F8omYVuGc-U1
X-CorrelationId
68ecdd6e-f901-48da-8250-8c5b0563a317
X-UserSessionId
dad623ea-d121-469f-aec1-20ba4212adc3
x-ms-form-request-ring
formspro
Authorization
Accept
application/json
Referer
https://forms.office.com/FormsPro/Pages/ResponsePage.aspx?id=Mu6K15GPnk-Q6vtyll2dfNpRxWpF9khHt95HHHmKUK1UM1g4RjJWUFlUQ1YxMUlXQkc4SVM4UlZWRC4u
ContextParams
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-form-request-source
ms-formweb
OData-MaxVersion
4.0

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14309.36676
x-officefe
FormsSingleBox_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
85
x-routingofficefe
FormsSingleBox_IN_11 FormsSingleBox_IN_5
pragma
no-cache
x-routingofficeversion
16.0.14329.36679 16.0.14309.36676
x-correlationid
68ecdd6e-f901-48da-8250-8c5b0563a317
x-officecluster
weu-103.forms.office.com
x-usersessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-powered-by
ASP.NET
date
Tue, 03 Aug 2021 15:23:34 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
68ecdd6e-f901-48da-8250-8c5b0563a317
cache-control
no-cache
x-failurereason
10
x-routingsessionid
dad623ea-d121-469f-aec1-20ba4212adc3
x-msedge-ref
Ref A: 4C925B0C1756402CA491BE3904D4DA75 Ref B: AMS04EDGE1305 Ref C: 2021-08-03T15:23:35Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-100.forms.office.com weu-103.forms.office.com
expires
-1
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Da1eb70bf71234753b87833c76b9850e1%26HASH%3Da1eb%26LV%3D202108%26V%3D4%26LU%3D1628004215052%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=34574250afbe400d814cda5bafaabbbf-e8b2d8de-469a-4779-8134-0c3b0fa0d78e-7592&client-time-epoch-millis=1628004217367&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.62.200.169 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 15:23:37 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
589
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo function| setPublicPath function| replaceChunkSrc object| FormPrefetchCache function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| $ function| jQuery object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| _ object| React object| ReactDOM object| linkify function| Picker object| webpackChunk object| Forms object| FormsPro function| jsllloaded object| awa string| behaviorKey

7 Cookies

Domain/Path Name / Value
forms.office.com/ Name: MSFPC
Value: GUID=a1eb70bf71234753b87833c76b9850e1&HASH=a1eb&LV=202108&V=4&LU=1628004215052
.forms.office.com/ Name: AADNonce.forms
Value: 4ec37e28-6ff4-4777-a8ac-81b0f8f1e4c4.637636010145390740
.office.com/ Name: MUID
Value: 3DBEDEDAB8656D642C1FCE52BC65669E
forms.office.com/ Name: __RequestVerificationToken
Value: HzAJ9uPWMTS_qWvKxr3RZBe4WuG55RB3kibUbYRtqXH0KpvVUMtlk82YK4NyXULD3eRUMWzotHUxeZU1hWHZJYR3rTfnTParYmUN_XeoNM41
.forms.office.com/ Name: usenewauthrollout
Value: False
.forms.office.com/ Name: FormsWebSessionId
Value: 4548c878-feb9-43d4-8cdb-181b2d8ecb13
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

16 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
deferred
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
utils
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
xml
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
odata
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
odatautils
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
handler
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
metadata
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
net
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
json
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
batch
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
store
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
dom
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
indexeddb
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
memory
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
cache
console-api log URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v5_j3.min.6c34990.js(Line 29)
Message:
source

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
web.vortex.data.microsoft.com
152.199.19.160
168.62.200.169
23.32.238.130
2620:1ec:a92::194
2620:1ec:c11::200
40.77.226.250
52.142.114.2
0a4686e25dcc5c3faad1c50383b7ef92c411cbfa28a8600a517849ea9a6ed5f1
3541a047f2cd71c4bd3c660a12c542d133e6ab185972c132357b09e50a677a70
581e0a14b3af3ec5ff91954c766b65fb7125cbb745635a7066d59fe8fad7a211
6be6eb69843d9491e3252444165567da979d77c8ed6a851feabed71dfaecfb2d
96e24bbfb73ca1a88007dfe24139363e996dfd18199b90d0243818f6335f0cb4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0a9c232a8635f93d6b3ba05f73a0e6eebe90cd4167b49807d5961dca1a4507
ac8ea734a33366ef42f62398d95b4a9d912043522cf945405fd691f7aa342fed
c1c9feb604e1dee925c23930de6df62b03fcb3c33523f9a76b68408542dc6802
c94c6def7deddf26f05501fff79d4ef997d139512d2ad2fd9a2a7ff1db529870
d3e76d6738692dcece6b80951105aaf84265e947816b286783ad00564a886d79
e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f506b9a14c95111bb1e8e7d06ca6ec5fa5c89288525da3acc2d401da1d920294
f54773094e40fab49c9b4a7acc96c542c4fa8741f401ad2c9f956d021c76fef6
f74e9cf744b459c22993a56b474f4c6ae220c5e9d7140bdfba2d68a9960e081c
fe29125c54106226a84b3b4d3eb9cfc2f16ba26753c8af7bfa6089cc22b3dd36