urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.engage.cellebrite.com/?qs=1ae0e0692fa90600b20806d5fd66984e6562aac18a7f0e58885fddbd96e70f7c65aa39cd2af2e58ba1b8633960a5...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXS...
Submission: On June 22 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6741.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 161.71.96.180 14340 (SALESFORCE)
4 2620:1ec:a92:... 8068 (MICROSOFT...)
20 2a02:26f0:470... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::44 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
7 20.42.65.90 8075 (MICROSOFT...)
35 6
1    161.71.96.180 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: click.engage.cellebrite.com
click.engage.cellebrite.com
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
20    2a02:26f0:4700::210:2c0 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    2a02:26f0:3500:58c::998 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.hubblecontent.osi.office.net
1    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    20.42.65.90 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
22 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10651
cdn.hubblecontent.osi.office.net — Cisco Umbrella Rank: 9013
5 MB
7 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 194
2 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 6741
c.office.com — Cisco Umbrella Rank: 26343
57 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 246
739 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1805
77 KB
1 cellebrite.com
click.engage.cellebrite.com
772 B
35 6
Domain Requested by
20 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
4 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects forms.office.com
2 cdn.hubblecontent.osi.office.net forms.office.com
1 c.bing.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 click.engage.cellebrite.com 1 redirects
35 8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
cdn.hubblecontent.osi.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-20 -
2023-09-15		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-06-21 -
2024-06-15		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2023-06-06 -
2024-05-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Frame ID: 5539E83ED5DD40CCD0D2D862329278F6
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Forensic 4:cast Awards 2023 - Voting

Page URL History Show full URLs

  1. https://click.engage.cellebrite.com/?qs=1ae0e0692fa90600b20806d5fd66984e6562aac18a7f0e58885fddbd96e70f7c65aa39cd... HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

6
IPs

5
Countries

5176 kB
Transfer

5800 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.engage.cellebrite.com/?qs=1ae0e0692fa90600b20806d5fd66984e6562aac18a7f0e58885fddbd96e70f7c65aa39cd2af2e58ba1b8633960a5f8f3bf9fedfc6a0e4121 HTTP 302
    https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&RedC=c.office.com&MXFR=1F03050B82AC69390321163386AC62A3 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&MUID=1F03050B82AC69390321163386AC62A3

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://click.engage.cellebrite.com/?qs=1ae0e0692fa90600b20806d5fd66984e6562aac18a7f0e58885fddbd96e70f7c65aa39cd2af2e58ba1b8633960a5f8f3bf9fedfc6a0e4121
  • https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_conte...
61 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d077a72e493203c6990a1e871de4e48ef92ea6c1afa652865717dd99c030663
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 22 Jun 2023 18:45:38 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
e4fa57d4-b204-4474-9e40-cad4770ccf64
x-msedge-ref
Ref A: 2C8D13506C6A4185816185439A5EE116 Ref B: AMS231032601017 Ref C: 2023-06-22T18:45:38Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_10
x-officeversion
16.0.16619.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
e4fa57d4-b204-4474-9e40-cad4770ccf64
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.16619.42500
x-routingsessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-usersessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390

Redirect headers

Cache-Control
private
Connection
close
Content-Length
766
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Jun 2023 18:45:38 GMT
Location
https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
ls-response.en-gb.4bb1b153c.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-gb.4bb1b153c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6524f8e8cc449b55a460d15e0116e26a722a13d930b1eadc9b4a1614b6d006db

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
760wTqJgGjd3LdAL2FdEmw==
content-length
9859
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852EF07D99
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8da30dac-601e-001d-0d80-a27013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
dll-dompurify.min.3c32c70.js
cdn.forms.office.net/forms/scripts/dists/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
oxUBT686mhsG6wWk22Bvig==
content-length
6037
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 05:10:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB582757D8EE93
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d2d003bb-d01e-000f-7316-8a440f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.min.67c61f3.js
cdn.forms.office.net/forms/scripts/dists/ 		404 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae0afd6a77bfdb77e4d60afe70a8cebe22bb5edc6a892525f6f281f554a6722b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
3K5ot4UuiHpM9Wns3PWzYA==
content-length
113518
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B4F7433
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f66d0981-601e-0052-1e80-a2b40b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
runtimeFormsWithResponses('rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u')
forms.office.com/formapi/api/dcc506ae-4e5e-48f9-92a6-32ee4c18de25/users/5e476d71-aafc-4722-a5ff-7cacc35013d1/light/ 		27 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/dcc506ae-4e5e-48f9-92a6-32ee4c18de25/users/5e476d71-aafc-4722-a5ff-7cacc35013d1/light/runtimeFormsWithResponses('rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
becea5da5f2c91f10b8f2e332b257a7b77747b0c73049176fe68e356e8de9e34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
X-UserSessionId
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
accept-language
en-GB,en;q=0.9
__RequestVerificationToken
p0uZtjnEnx7PFGSSewtSW0eRQLDl9HCpT5zyS6P8lNwiPCrNOAHISacnSTEYlEB2-Znuo9uSyHFsgVfTwlm9e338avMCKh_-DzmJW7nj0VI1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 22 Jun 2023 18:45:38 GMT
x-officeversion
16.0.16619.42500
x-officefe
FormsSingleBox_IN_4
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.16619.42500
x-correlationid
493a9147-7118-4681-8a93-5050641f7eec
x-officecluster
frc-101.forms.office.com
x-usersessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-msedge-ref
Ref A: 7867E92691C04CB7A2A69B1EBAC79B69 Ref B: AMS231032601017 Ref C: 2023-06-22T18:45:38Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
493a9147-7118-4681-8a93-5050641f7eec
x-routingsessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com
light-response-page.chunk.lrp_ext.3832a97.js
cdn.forms.office.net/forms/scripts/dists/ 		0
92 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3832a97.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
ju/xF1myGxcoZDMJ4UydHA==
content-length
93468
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B2117EF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
47e17948-e01e-002e-1380-a2293e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_phishing.30a309f.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.30a309f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
sK8jO8quCGQtqTkfmKrdVg==
content-length
2492
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B250F00
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1016b2fe-c01e-005f-5480-a25b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_saveresponse.21f3a04.js
cdn.forms.office.net/forms/scripts/dists/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.21f3a04.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
+WhQHSKwszYfJjy2ilfq8A==
content-length
7776
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B40A948
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a12f1093-a01e-0044-2c80-a27595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_cover.386432f.js
cdn.forms.office.net/forms/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.386432f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
hilqQi4u+laUYn3D+IJtEQ==
content-length
17147
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B1EF55E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fed61f94-101e-005d-2580-a259fd000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_post.boot.47e092d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.47e092d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
YxB/oS5DG2QjcYKPSgCydg==
content-length
4852
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B25D238
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cf5d74fd-101e-0012-5b80-a29de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_ext.3832a97.js
cdn.forms.office.net/forms/scripts/dists/ 		312 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3832a97.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
780a867ac47e745295bfe6f8c2ac5fa8eea9e5ca57bdd2591e9f2b988ae37790

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
ju/xF1myGxcoZDMJ4UydHA==
content-length
93468
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B2117EF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
47e17948-e01e-002e-1380-a2293e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_phishing.30a309f.js
cdn.forms.office.net/forms/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.30a309f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
38df6861f5b636bc1447a142958467e2b7e5a9d9879bcbd7597e30f9fcef4729

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
sK8jO8quCGQtqTkfmKrdVg==
content-length
2492
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B250F00
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1016b2fe-c01e-005f-5480-a25b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_saveresponse.21f3a04.js
cdn.forms.office.net/forms/scripts/dists/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.21f3a04.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc6dbee8d841ba5286018077097627c21dcaa2235ffc89f4776aabd73a666292

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
+WhQHSKwszYfJjy2ilfq8A==
content-length
7776
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B40A948
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a12f1093-a01e-0044-2c80-a27595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_post.boot.47e092d.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.47e092d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dac852c768abc770578ad3afdcbdc9c5b22238dfade822055aa004f1943e2024

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
YxB/oS5DG2QjcYKPSgCydg==
content-length
4852
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B25D238
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cf5d74fd-101e-0012-5b80-a29de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.lrp_poll.629293a.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.629293a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35511e5b9e511a0be0bd12c7f21d2f69bc0bff86f6f65d25e3ed42ee3dc76bc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
eViY8sdpvxAZGi8Ca4xLdQ==
content-length
4279
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B25AB2D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
663ad06e-301e-000e-3380-a245f2000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.sw.cc78b7e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.cc78b7e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
/bST3o0meRKqWr0QEug+yw==
content-length
587
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B40D055
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b5f93e27-501e-003c-3d80-a21d22000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
large.jpg
cdn.hubblecontent.osi.office.net/videos/publish/75f183eb-a3da-4ec4-931a-da49bad54e82/thumbnails/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hubblecontent.osi.office.net/videos/publish/75f183eb-a3da-4ec4-931a-da49bad54e82/thumbnails/large.jpg
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::998 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
14cb429649e286fef17b27aeede1965c3d8deaf9410d5f98ccfadb036b8331ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-md5
uDojUgrlLrjhhpLECOqOWA==
x-ms-server-encrypted
true
content-disposition
x-region
NorthEurope
content-length
144250
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 08 Sep 2020 22:53:48 GMT
last-modified
Tue, 08 Sep 2020 22:53:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8D8544A0C7DDF44"
access-control-max-age
86400
access-control-allow-methods
GET,POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
e55a1c4b-001e-0062-1c3d-83a747000000
cache-control
max-age=86400
x-ms-version
2021-06-08
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 23 Jun 2023 18:45:39 GMT
light-response-page.chunk.lrp_trial.86cf305.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.86cf305.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
HeuwJIk6JMxY4vmFmW6IiQ==
content-length
16000
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B40D055
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8794fab0-001e-0024-6b80-a230b7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		180 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.47e092d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 18:45:40 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
vary
Accept-Encoding
x-azure-ref
20230622T184540Z-84gskppfhh71t3a3bzx7mvc2ew00000007v0000000003y6s
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
fec74861-901e-0033-71d1-9cc49c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d731798e-101e-003b-240e-78eba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.officebrowserfeedback.39bdf71.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
g077WZtojOm9a9CkyPtrow==
content-length
107103
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 04:56:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB55C9E92A04E9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
26c06687-c01e-0010-15be-879f1f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
content-length
1754
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DAFBC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b8b4828-401e-004e-0dc4-6d6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
light-response-page.chunk.utel.7f886a2.js
cdn.forms.office.net/forms/scripts/dists/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.7f886a2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4af5004ab30ba251b1488dec4045a3f5b34e1437f99b0ae6e029e67178240b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-encoding
br
content-md5
X9FJ5PJFrHz4X2g6u5LxuA==
content-length
7145
x-ms-lease-status
unlocked
last-modified
Mon, 19 Jun 2023 05:22:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB70852B41BA92
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a12ef46a-d01e-004b-1380-a29863000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:39 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&RedC=c.office.com&MXFR=1F03050B82AC69390321163386AC62A3
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&MUID=1F03050B82AC69390321163386AC62A3
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&MUID=1F03050B82AC69390321163386AC62A3
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 18:45:40 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 22 Jun 2023 18:45:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B452705B2454B6B81D6B3033D0AA613 Ref B: FRA31EDGE0808 Ref C: 2023-06-22T18:45:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=4C13AA429ADE44EEA02B051860444927&MUID=1F03050B82AC69390321163386AC62A3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'en-gb'
forms.office.com/formapi/api/dcc506ae-4e5e-48f9-92a6-32ee4c18de25/users/5e476d71-aafc-4722-a5ff-7cacc35013d1/forms('rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u'... 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/dcc506ae-4e5e-48f9-92a6-32ee4c18de25/users/5e476d71-aafc-4722-a5ff-7cacc35013d1/forms('rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u')/localeResource/'en-gb'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3832a97.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
41794b4d-6202-4485-8efd-45cbbb0d6540
x-usersessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-ms-form-request-ring
business
accept-language
en-GB,en;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
x-ms-form-request-source
ms-formweb
__requestverificationtoken
p0uZtjnEnx7PFGSSewtSW0eRQLDl9HCpT5zyS6P8lNwiPCrNOAHISacnSTEYlEB2-Znuo9uSyHFsgVfTwlm9e338avMCKh_-DzmJW7nj0VI1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 22 Jun 2023 18:45:39 GMT
x-officeversion
16.0.16619.42500
x-officefe
FormsSingleBox_IN_4
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.16619.42500
x-correlationid
41794b4d-6202-4485-8efd-45cbbb0d6540
x-officecluster
frc-101.forms.office.com
x-usersessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-msedge-ref
Ref A: 075EFA35FBAE4912A8D8306CBE9B0DC4 Ref B: AMS231032601017 Ref C: 2023-06-22T18:45:39Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
41794b4d-6202-4485-8efd-45cbbb0d6540
x-routingsessionid
8ea2ea7d-7c4c-4ca6-9010-c35d04da2390
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com
997698372.mp4
cdn.hubblecontent.osi.office.net/videos/publish/75f183eb-a3da-4ec4-931a-da49bad54e82/ 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.hubblecontent.osi.office.net/videos/publish/75f183eb-a3da-4ec4-931a-da49bad54e82/997698372.mp4
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::998 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9ba9ff5db6d53f204d90c328c3959876f55c781e9b9db0893f96ab4bbfe380bf

Request headers

Referer
https://forms.office.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:39 GMT
content-md5
P9Llq2xvfwa6wHJlbtNmTA==
x-ms-server-encrypted
true
Content-Range
bytes 0-4455031/4455032
x-region
NorthEurope
Content-Length
4455032
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 25 Jan 2022 23:01:35 GMT
last-modified
Tue, 25 Jan 2022 23:01:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8D9E056A338BAF0"
access-control-max-age
86400
access-control-allow-methods
GET,POST, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
44a3235f-601e-0006-21ae-8b56df000000
cache-control
max-age=86400
x-ms-version
2021-06-08
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 23 Jun 2023 18:45:39 GMT
light-response-page.chunk.1ds.37175a1.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.67c61f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:40 GMT
content-encoding
br
content-md5
PqnFnxXbSt+XKL+eCr6cgw==
content-length
33797
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 04:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB68A25C1B3429
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3d08e40f-901e-0021-1395-9ac4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 21 Jun 2024 18:45:40 GMT
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=rgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_source=sfmc&utm_medium=email&utm_campaign=sf260080&utm_content=ES_GLB_AWR_Forensic-4Cast-Awards-EN1_Q22023_sf260080&utm_term=https%3a%2f%2fforms.office.com%2fpages%2fresponsepage.aspx%3fid%3drgbF3F5O-UiSpjLuTBjeJXFtR178qiJHpf98rMNQE9FUMUdTNUNON0VCNDVUME9ENUpXSEcxN1NTRC4u&utm_id=339671&sfmc_id=2920862&utm_source=sfmc&utm_term=&utm_content=243105&utm_id=e32c5274-ad57-42c0-9cc3-c0324083c691&sfmc_activityid=75652470-8a1a-4d43-a79f-c0fc89add37c&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jun 2023 18:45:40 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 05:53:15 GMT
x-msedge-ref
Ref A: EFCADD3BF11E49BA922F2C7BA1A3D75D Ref B: AMS231032601017 Ref C: 2023-06-22T18:45:40Z
etag
0x8DB721BCE69B936
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
33934d1f-f01e-014a-1660-a4ce36000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 22 Jun 2023 18:45:40 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ea5b5838ff533ff1ae593ccc7b37171ee912cc879ca40485783f7fe23384f13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1687459541650
accept-language
en-GB,en;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 22 Jun 2023 18:45:41 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
530
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 22 Jun 2023 18:45:41 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a5c11c8278c130fcf0005c9bfbc514664f9e09a8895b90d1600bdd94bd5b2fad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1687459542652
accept-language
en-GB,en;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
time-delta-to-apply-millis
530
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 22 Jun 2023 18:45:41 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
204
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 22 Jun 2023 18:45:42 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 22 Jun 2023 18:45:42 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
91b72070cf8f43d2f7fcbb30cbd727c233d5a274b4c69675283bad3b82538765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1687459542758
accept-language
en-GB,en;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 22 Jun 2023 18:45:42 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
218
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
154

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: be47c9ef-f7a7-485e-8a33-27b822d51058
.forms.office.com/ Name: RpsAuthNonce
Value: be47c9ef-f7a7-485e-8a33-27b822d51058
forms.office.com/ Name: __RequestVerificationToken
Value: _g2QbbYwaXzR8Oli_rlcP5RZBXt2-SGEIgUP5olwDRoODn3hi9u-wi-3W2RzQT8FbhOoDMmXu_PGRXcU822rbvGBxYX8StQy8d5KAen3zAE1
.office.com/ Name: MUID
Value: 1F03050B82AC69390321163386AC62A3
.bing.com/ Name: MUID
Value: 1F03050B82AC69390321163386AC62A3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1F03050B82AC69390321163386AC62A3
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
forms.office.com/ Name: ai_session
Value: 2fSInIcjjaFp7GO3gvPq2u|1687459540639|1687459540639
.microsoft.com/ Name: MC1
Value: GUID=ccc369c6af584d5c9525207eff9cc5f8&HASH=ccc3&LV=202306&V=4&LU=1687459542180
.microsoft.com/ Name: MS0
Value: 1ecd184306d94149a87955a1b63ec88a
forms.office.com/ Name: MSFPC
Value: GUID=ccc369c6af584d5c9525207eff9cc5f8&HASH=ccc3&LV=202306&V=4&LU=1687459542180

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
cdn.hubblecontent.osi.office.net
click.engage.cellebrite.com
forms.office.com
js.monitor.azure.com
161.71.96.180
20.42.65.90
2620:1ec:a92::194
2620:1ec:bdf::44
2620:1ec:c11::200
2a02:26f0:3500:58c::998
2a02:26f0:4700::210:2c0
68.219.88.97
14cb429649e286fef17b27aeede1965c3d8deaf9410d5f98ccfadb036b8331ff
1d077a72e493203c6990a1e871de4e48ef92ea6c1afa652865717dd99c030663
35511e5b9e511a0be0bd12c7f21d2f69bc0bff86f6f65d25e3ed42ee3dc76bc5
38df6861f5b636bc1447a142958467e2b7e5a9d9879bcbd7597e30f9fcef4729
4af5004ab30ba251b1488dec4045a3f5b34e1437f99b0ae6e029e67178240b6f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50
6524f8e8cc449b55a460d15e0116e26a722a13d930b1eadc9b4a1614b6d006db
780a867ac47e745295bfe6f8c2ac5fa8eea9e5ca57bdd2591e9f2b988ae37790
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
91b72070cf8f43d2f7fcbb30cbd727c233d5a274b4c69675283bad3b82538765
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba9ff5db6d53f204d90c328c3959876f55c781e9b9db0893f96ab4bbfe380bf
a5c11c8278c130fcf0005c9bfbc514664f9e09a8895b90d1600bdd94bd5b2fad
ae0afd6a77bfdb77e4d60afe70a8cebe22bb5edc6a892525f6f281f554a6722b
bc6dbee8d841ba5286018077097627c21dcaa2235ffc89f4776aabd73a666292
becea5da5f2c91f10b8f2e332b257a7b77747b0c73049176fe68e356e8de9e34
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
dac852c768abc770578ad3afdcbdc9c5b22238dfade822055aa004f1943e2024
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5b5838ff533ff1ae593ccc7b37171ee912cc879ca40485783f7fe23384f13c
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40