URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQ...
Submission Tags: falconsandbox
Submission: On September 30 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2602.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on September 29th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS (Autonomous System)
20        -          2620:1ec:a92:...  8068 (MICROSOFT...)
2         1          13.74.129.1       8075 (MICROSOFT...)
1         1          2620:1ec:c11:...  8068 (MICROSOFT...)
1         -          2001:489a:220...  8070 (MICROSOFT...)
4         -          20.189.173.13     8075 (MICROSOFT...)
Total: 27 (requests), 5 (IPs)
Requests  Apex Domain    Subdomains                                                       Transfer
22        office.com     forms.office.com — Cisco Umbrella Rank: 2602                     477 KB
                         c.office.com — Cisco Umbrella Rank: 21302
4         microsoft.com  browser.events.data.microsoft.com — Cisco Umbrella Rank: 77      871 B
1         office365.us   lists.gcc.osi.office365.us — Cisco Umbrella Rank: 97519          128 KB
1         bing.com       c.bing.com — Cisco Umbrella Rank: 225                            770 B
Total: 27 (requests), 4 (apex domains)
Requests  Domain                             Requested by
20        forms.office.com                   forms.office.com
4         browser.events.data.microsoft.com  forms.office.com
2         c.office.com                       1 redirects
1         lists.gcc.osi.office365.us
1         c.bing.com                         1 redirects
Total: 27 (requests), 5 (domains)

This site contains links to these domains.

Domain
icentral.technology.ca.gov
go.microsoft.com
Subject                      Issuer                                 Validity                 Valid
forms.cloud.microsoft        Microsoft Azure RSA TLS Issuing CA 07  2024-09-29 - 2025-09-24  a year
lists.gcc.osi.office365.us   DigiCert SHA2 Secure Server CA         2024-09-05 - 2025-09-05  a year
*.events.data.microsoft.com  Microsoft Azure RSA TLS Issuing CA 04  2024-09-14 - 2025-09-09  a year

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Frame ID: D7BB3259DE7A2A828D6CC95DBA142ED5
Requests: 25 HTTP requests in this frame

Page Title

Cal-Secure Immediate Actions Survey 2024 (Seite 1 von 7)

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 27
HTTPS: 93 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 606 kB
Size: 1863 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&RedC=c.office.com&MXFR=02DAAF43026167963F9EBA4906616C4B HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&MUID=02DAAF43026167963F9EBA4906616C4B

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
54 KB
16 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
247954b0e8d14b45078892d92a0cdb2b9f0ebebe3a0224e58363e0364b356d03
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-cc7acb9e-883b-41c5-b6cf-909bb054b670' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-cc7acb9e-883b-41c5-b6cf-909bb054b670' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 21:10:45 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-GCC" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
783acc9d-c747-4732-9285-d06e775668ba
x-msedge-ref
Ref A: 5B0495723AB449228ED70AB1628CE2F5 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.18117.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
783acc9d-c747-4732-9285-d06e775668ba
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.18123.42051
x-routingsessionid
4ed97608-846c-431d-9eb3-247f900a4176
x-usersessionid
4ed97608-846c-431d-9eb3-247f900a4176
ls-response.de.b1b81dc18.js
forms.office.com/gcc/cdn/scripts/dists/
42 KB
14 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.b1b81dc18.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ba9a9981b458c894d5972ab7356dd136551a0f5587f4cdea2bb462ad5e647af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30D81ECCE3
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 3E816E7BEAB6482B84DAF7DAF10B3638 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
2ececf49-501e-0004-1f21-0e0b6f000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:35:52 GMT
x-ms-blob-type
BlockBlob
dll-dompurify.min.df1eebc.js
forms.office.com/gcc/cdn/scripts/dists/
37 KB
12 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.df1eebc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7440c1475be1a61688c1af01710779c6a6c6bc630f7539525091989001c00626

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A5E3311B
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 54300D8113744C99A0F9CA666B1D4123 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
ca14ac04-801e-002d-7c30-10bc52000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:27 GMT
x-ms-blob-type
BlockBlob
light-response-page.min.a9b8a07.js
forms.office.com/gcc/cdn/scripts/dists/
482 KB
140 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a31a2754a5b5f1484b2ae3a6ce617f496b05014e734301fee6419d3824cbfa86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7F6CEBB
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 95E833FFCD384D8184368ADD4BB3851B Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
6c66271e-501e-008e-421e-0e7033000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
runtimeFormsWithResponses('5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u')
forms.office.com/formapi/api/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/users/f6adfaea-1841-46ff-b194-52a089acb18d/light/
120 KB
17 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/users/f6adfaea-1841-46ff-b194-52a089acb18d/light/runtimeFormsWithResponses('5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96e3b191e1632954e9f4b91f7c24b4b5170349f6ecf7e9687a2799bfca4da189
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

X-UserSessionId
4ed97608-846c-431d-9eb3-247f900a4176
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
__RequestVerificationToken
BiwEbsMagMi48turgjY-xr2jdPHE740dGmOHcMAZLEKS8rrg0g_6SeVprs5YAREMuOxzdwa_f4KA61np8gKB_HnBejXygEiKIEjqQiExPqU1

Response headers

x-officefe
FormsSingleBox_IN_2
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
4ed97608-846c-431d-9eb3-247f900a4176
x-routingcorrelationid
9f07f239-7c04-466e-9bc8-c6fcf6098e32
x-usersessionid
4ed97608-846c-431d-9eb3-247f900a4176
x-cache
CONFIG_NOCACHE
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 2FE2CB73376846FA9A6A28524907703D Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_1
x-routingofficeversion
16.0.18123.42051, 16.0.18117.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18117.42500
x-correlationid
9f07f239-7c04-466e-9bc8-c6fcf6098e32
light-response-page.chunk.lrp_ext.bb91a17.js
forms.office.com/gcc/cdn/scripts/dists/
0
117 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.bb91a17.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E0B1E7
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 1B3D5C38AE87402AB7785801910CE110 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
fbd78d2f-c01e-00a9-031e-0eea7a000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.a740c6f.js
forms.office.com/gcc/cdn/scripts/dists/
0
10 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.a740c6f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E32295
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: AB109662454B4540A13CC04577E11975 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
252c4213-501e-0042-4f1e-0e1486000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_cover.2047a94.js
forms.office.com/gcc/cdn/scripts/dists/
0
19 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.2047a94.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30D5A71D06
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: A36689534F83456B9D3B1594B3933AAC Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
f793ebbf-801e-004a-5b1e-0e25e7000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:35:48 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.62c5f9f.js
forms.office.com/gcc/cdn/scripts/dists/
0
6 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.62c5f9f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E10000
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 42205AE770734D588229AE72CD67AAFB Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
8b065084-201e-0002-2ac0-103d68000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
favicon.ico
forms.office.com/gcc/cdn/images/
8 KB
8 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCD839C8489F0B
x-msedge-ref
Ref A: AEC1CC79531E4051A2579B4147C6E484 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
e585db51-301e-0060-76a4-0dfaf7000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
7886
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
image/x-icon
last-modified
Wed, 18 Sep 2024 23:29:46 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_ext.bb91a17.js
forms.office.com/gcc/cdn/scripts/dists/
378 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.bb91a17.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
601020056a9e612c9bb8eba865dbd0de7fe87f647c60729358a6a5cc29c8374f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E0B1E7
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 1B3D5C38AE87402AB7785801910CE110 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
fbd78d2f-c01e-00a9-031e-0eea7a000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.themes.59e316f.js
forms.office.com/gcc/cdn/scripts/dists/
309 KB
32 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.themes.59e316f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
61c42db38152cc57441ed52c79ac7a4b8be9444bb9a7a57806b1f6fe87707064

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCD839DF892115
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 95010137514A4DEDA399C256C7ACE96F Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
90326682-901e-001b-7ab3-0db86b000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 23:30:25 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_saveresponse.a740c6f.js
forms.office.com/gcc/cdn/scripts/dists/
32 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.a740c6f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8965e422c77958c85b1f9fd0a84037ebb87a9b1859ba0bf885d381195882ca5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E32295
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: AB109662454B4540A13CC04577E11975 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
252c4213-501e-0042-4f1e-0e1486000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.lrp_post.boot.62c5f9f.js
forms.office.com/gcc/cdn/scripts/dists/
15 KB
0
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.62c5f9f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4962ba0b9c88adf0a40f3a9721323fdf9251bf635920b03b38b1056a82c57f6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7E10000
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 42205AE770734D588229AE72CD67AAFB Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:46Z
x-ms-request-id
8b065084-201e-0002-2ac0-103d68000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:45 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
wave-pattern-v1.svg
forms.office.com/gcc/cdn/images/aio/
2 KB
804 B
Image
General
Full URL
https://forms.office.com/gcc/cdn/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCD839C5FB5351
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 7DA2E07465624A7EB96969FE27678501 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
69d9fac2-d01e-0035-2f98-0dea7c000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Sep 2024 23:29:42 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.sw.9c1bfed.js
forms.office.com/gcc/cdn/scripts/dists/
1 KB
809 B
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
600c36c9e419e1410a833b42d3257cfc535395253a8dd9f63d6a6ab1adeb366c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCD839AF619353
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: BD996B575EA8480B8994E06058077166 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
298bc675-001e-005a-7f93-0d3913000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 23:29:04 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.1ds.4815435.js
forms.office.com/gcc/cdn/scripts/dists/
108 KB
37 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCDC30A7DEB667
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 415F72F3DBDE49B5A29A805431F6BE1E Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
3e18f88d-b01e-0025-41b0-10a721000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 00:34:31 GMT
x-ms-blob-type
BlockBlob
light-response-page.chunk.utel.fd3fff3.js
forms.office.com/gcc/cdn/scripts/dists/
141 KB
40 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.fd3fff3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.a9b8a07.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7b70755dbc25de8a9aadeb51ca50996a2d6ce46a8ac48196fd62f362ec8cdb3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DCD839AF6340C9
x-ms-lease-status
unlocked
x-msedge-ref
Ref A: 86C6D3F0B3504AE99F7B839041E0CA17 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
055a5c32-901e-0039-2f93-0d7f36000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 23:29:04 GMT
x-ms-blob-type
BlockBlob
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&RedC=c.office.com&MXFR=02DAAF43026167963F9EBA4906616C4B
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&MUID=02DAAF43026167963F9EBA4906616C4B
42 B
333 B
Image
General
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&MUID=02DAAF43026167963F9EBA4906616C4B
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"bb391b5d70eeda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 30 Sep 2024 21:10:47 GMT
content-type
image/gif
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=C93FD96202144A55A2E313E4E6F9D19B&MUID=02DAAF43026167963F9EBA4906616C4B
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C4D84D151C4485A84188B97970D7D91 Ref B: FRAEDGE1210 Ref C: 2024-09-30T21:10:47Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 30 Sep 2024 21:10:47 GMT
x-powered-by
ASP.NET
e4b7fe64-2d6f-4c2d-ae0f-e45b929f4387
lists.gcc.osi.office365.us/Images/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/f6adfaea-1841-46ff-b194-52a089acb18d/T78FJAUPVXW2XGWSKGBA3MDWTU/
128 KB
128 KB
Image
General
Full URL
https://lists.gcc.osi.office365.us/Images/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/f6adfaea-1841-46ff-b194-52a089acb18d/T78FJAUPVXW2XGWSKGBA3MDWTU/e4b7fe64-2d6f-4c2d-ae0f-e45b929f4387
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::2a Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45cf62fcf11ba00ab4c86cc93218d2c8019a247808c39ed2a2977f08c207c1ff
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_1
x-routingsessionid
58093d5a-159d-4868-874b-3e07788b76d1
x-routingofficeversion
16.0.18113.42104
x-routingcorrelationid
55303c82-f880-4f47-ba15-ef43d4f264ea
x-officecluster
usgsw-000.lists.gcc.osi.office365.us
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
date
Mon, 30 Sep 2024 21:10:48 GMT
content-type
image/png
x-usersessionid
58093d5a-159d-4868-874b-3e07788b76d1
x-officeversion
16.0.18113.42104
x-officefe
CollabDBReverseProxyWithMappingService_IN_2
'de'
forms.office.com/formapi/api/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/users/f6adfaea-1841-46ff-b194-52a089acb18d/forms('5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u'...
2 B
667 B
XHR
General
Full URL
https://forms.office.com/formapi/api/52b26be4-7f5d-4e1c-baed-8cf75b7570d5/users/f6adfaea-1841-46ff-b194-52a089acb18d/forms('5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.bb91a17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

authorization
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u
x-ms-form-request-ring
gcc
__requestverificationtoken
BiwEbsMagMi48turgjY-xr2jdPHE740dGmOHcMAZLEKS8rrg0g_6SeVprs5YAREMuOxzdwa_f4KA61np8gKB_HnBejXygEiKIEjqQiExPqU1
x-ms-form-request-source
ms-formweb
x-usersessionid
4ed97608-846c-431d-9eb3-247f900a4176
odata-maxverion
4.0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/json
odata-version
4.0
x-correlationid
c0e0ef12-eb20-4ff6-8cc0-2233ea3fbd48

Response headers

x-officefe
FormsSingleBox_IN_2
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
4ed97608-846c-431d-9eb3-247f900a4176
x-routingcorrelationid
c0e0ef12-eb20-4ff6-8cc0-2233ea3fbd48
x-usersessionid
4ed97608-846c-431d-9eb3-247f900a4176
x-cache
CONFIG_NOCACHE
date
Mon, 30 Sep 2024 21:10:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 42007EF388F549D0AFCD3982A4068C01 Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-routingofficefe
FormsSingleBox_IN_1, FormsSingleBox_IN_0
x-routingofficeversion
16.0.18123.42051, 16.0.18117.42500
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
x-officeversion
16.0.18117.42500
x-correlationid
c0e0ef12-eb20-4ff6-8cc0-2233ea3fbd48
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/
6 KB
6 KB
Image
General
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=5GuyUl1_HE667Yz3W3Vw1er6rfZBGP9GsZRSoImssY1UNzhGSkFVUFZYVzJYR1dTS0dCQTNNRFdUVS4u

Response headers

cache-control
max-age=31536000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCDC308D809897
x-msedge-ref
Ref A: 17EF9457F30E4E03AF96B2837CD30B1C Ref B: AMS231032605029 Ref C: 2024-09-30T21:10:47Z
x-ms-request-id
589fafe4-201e-00a8-42e6-0feb87000000
x-cid
7
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
5895
date
Mon, 30 Sep 2024 21:10:46 GMT
content-type
image/png
last-modified
Tue, 24 Sep 2024 00:33:47 GMT
x-ms-blob-type
BlockBlob
/
browser.events.data.microsoft.com/OneCollector/1.0/
25 B
292 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.13 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1727730648284
time-delta-to-apply-millis
use-collector-delta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
25
date
Mon, 30 Sep 2024 21:10:49 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1456
access-control-allow-headers
time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.13 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Mon, 30 Sep 2024 21:10:48 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.13 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Mon, 30 Sep 2024 21:10:49 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
154 B
579 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.189.173.13 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
702031823c5e0f63100794200fb8ed009b628d5dc0d1e3c8fa7355e2769c0d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1727730649777
time-delta-to-apply-millis
use-collector-delta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
154
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date
Mon, 30 Sep 2024 21:10:49 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
245
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints
function| reloadNoCdn
object| MathJax
object| OfficeFormServerInfo
object| FormPrefetchCache
object| FormsLsMap
object| formsInlineScriptSyntaxCheck
function| _dll_dompurify_4ce7410a16ea8d4708eb
object| webpackChunk
function| getChunkPath
function| replaceChunkSrc
object| __stylesheet__
function| formsModuleResolveErrorCallback
object| formClientApi
object| formsLsPromiseMap
object| __globalSettings__
object| __themeState__
object| __packages__
object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 01062fca-3672-4d84-b3f6-5d37eb5d542b
forms.office.com/ Name: __RequestVerificationToken
Value: x3joID6Qi6-roPzaxLuMe9akOUZxkG1Vrse6mnFzfYL3ISSyxnr_sNdZsGW7mrKiFpq7Lp3lmnBp8DOBSsWEQg_7lV7mmJMATDX6wIBufnU1
.office.com/ Name: MUID
Value: 02DAAF43026167963F9EBA4906616C4B
.bing.com/ Name: MUID
Value: 02DAAF43026167963F9EBA4906616C4B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 02DAAF43026167963F9EBA4906616C4B
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=0e8f0181711a44b48bb8a419065f640d&HASH=0e8f&LV=202409&V=4&LU=1727730650022
.microsoft.com/ Name: MS0
Value: f8f54fdfc1ab496fb33232608b2b3963

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-cc7acb9e-883b-41c5-b6cf-909bb054b670' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';require-trusted-types-for 'script';report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
