urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
13.107.6.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/Wn5LCQWB2yfYm3Xi9eJ94?domain=t.e2ma.net
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDW...
Submission Tags: falconsandbox
Submission: On November 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 13.107.6.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.117 30031 (MIMECAST-)
1 1 54.208.237.9 14618 (AMAZON-AES)
11 13.107.6.194 8068 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
2 40.77.226.250 8075 (MICROSOFT...)
1 138.91.136.108 8075 (MICROSOFT...)
15 4
2    205.139.111.117 (United States)

ASN30031 (MIMECAST-, US)
protect-us.mimecast.com
1    54.208.237.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-237-9.compute-1.amazonaws.com
t.e2ma.net
11    13.107.6.194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az725175.vo.msecnd.net
2    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    138.91.136.108 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Domain Requested by
11 forms.office.com forms.office.com
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
2 protect-us.mimecast.com 2 redirects
1 browser.pipe.aria.microsoft.com forms.office.com
1 az725175.vo.msecnd.net forms.office.com
1 t.e2ma.net 1 redirects
15 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
GlobalSign Organization Validation CA - SHA256 - G3		 2020-02-19 -
2022-02-19		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2020-09-14 -
2021-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Frame ID: C08F455BB8388EF2D419AB6A5C7FDCE1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/Wn5LCQWB2yfYm3Xi9eJ94?domain=t.e2ma.net HTTP 307
    https://protect-us.mimecast.com/redirect/eNpdUl2PmzAQ_CvIz8HYmK9EVZXo2odKbR-uvXtCQmZZCE2MqW2i3lX9711yqdS7F2R... HTTP 307
    https://t.e2ma.net/click/b6axyc/z0a4z1o/nbfp7g HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWU... Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

354 kB
Transfer

1213 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/Wn5LCQWB2yfYm3Xi9eJ94?domain=t.e2ma.net HTTP 307
    https://protect-us.mimecast.com/redirect/eNpdUl2PmzAQ_CvIz8HYmK9EVZXo2odKbR-uvXtCQmZZCE2MqW2i3lX9711yqdS7F2R2Z8a7M_7NHMyB7RhoZ8_cjcOAU6vhuJ_Q6BMHa9iGnS2wndwwh4DjHMJokP4LkRdZmstKCEE9Ukk3DP3YsV2ppEizPNuwYMJX2xGcCbElqXGmo1RbXggueLmWjB9WDnvnUt23vC30ryfgz0Jnz9LuMTWaTxjeE3JecbmkSRZ3JsYxhNnv6qROAv-HqxM4j3CqkxedOrkJ1cnU9nM5kAyuCw8NxNgsXsimUs2lq1ScNXcP3w5SiINKVZOKVEhJbVkQLKAzeUw7xKVKryuTUOvJhkrRYJoMYv-xqalhvebuiHB6uP9MBSAVa9DBix-v0d5of6Rq1WvoYVthUbS6zDssFWCh-3wrVZ7lIEW1LURWrZSpc8TwnSc30O_DRfPBXtia0zDaiXqzswEhxIvnhkID7cMtUr-0Pwjw_fEQ3ePPBX2IeuuiTxN9jQ5Ej-LoI01L7wGeog8jZR_GC7JrpF_sMq2R3Xy5WgFvLfjzF276ta0 HTTP 307
    https://t.e2ma.net/click/b6axyc/z0a4z1o/nbfp7g HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://protect-us.mimecast.com/s/Wn5LCQWB2yfYm3Xi9eJ94?domain=t.e2ma.net
  • https://protect-us.mimecast.com/redirect/eNpdUl2PmzAQ_CvIz8HYmK9EVZXo2odKbR-uvXtCQmZZCE2MqW2i3lX9711yqdS7F2R2Z8a7M_7NHMyB7RhoZ8_cjcOAU6vhuJ_Q6BMHa9iGnS2wndwwh4DjHMJokP4LkRdZmstKCEE9Ukk3DP3YsV2ppEiz...
  • https://t.e2ma.net/click/b6axyc/z0a4z1o/nbfp7g
  • https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
41 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fcff931f431c2e22abb9ada2738f152419eeeda53881a4cd44b611e7950d28ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-length
15505
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Thu, 18-Feb-2021 16:44:57 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=2oHiJ0owkxNUptRJRJI-LrLDZzqJnrvo1dmqkBVX77QYEN3LAIR5VUxOnZmy0UzcZMvvEEND7y6jQ8aWEuiDsVl0L7oATa5eCUXLfyqD6oY1; path=/; samesite=none; secure; HttpOnly AADNonce.forms=13b38f2a-2c76-497c-aaeb-27e0da37d043.637413146973228561; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-routingofficecluster
neu-001.forms.office.com usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_6 FormsSingleBox_IN_2
x-routingofficeversion
16.0.13512.36678 16.0.13510.36678
x-routingsessionid
d3908ea6-b7eb-4d00-b7c1-5f8b412accc9 d3908ea6-b7eb-4d00-b7c1-5f8b412accc9
x-routingcorrelationid
c9e90f09-4f24-46b4-9041-6796e34f3cc5 c9e90f09-4f24-46b4-9041-6796e34f3cc5
x-correlationid
c9e90f09-4f24-46b4-9041-6796e34f3cc5
x-usersessionid
d3908ea6-b7eb-4d00-b7c1-5f8b412accc9
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.13510.36678
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-failurereason
MissingCookieOrToken
x-robots-tag
noindex, nofollow
x-aspnet-version
x-powered-by
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-msedge-ref
Ref A: E7CBB43F6BE2450A91499B4D1185326E Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:56Z
date
Wed, 18 Nov 2020 16:44:57 GMT

Redirect headers

Content-Type
text/plain
Date
Wed, 18 Nov 2020 16:44:56 GMT
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Server
Apache
X-Robots-Tag
noindex, nofollow
Content-Length
0
Connection
keep-alive
response-page-customize-fabric-bootstrap.min.css
forms.office.com/css/dist/ 		169 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/response-page-customize-fabric-bootstrap.min.css?v=768c7c0ab9&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
10c6ff757cca529c77ef9dd198babdcab0115baa52652d158a4abceb653331ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
28613
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_5, FormsSingleBox_IN_0
x-routingofficeversion
16.0.13516.36680, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 82509421258443248E3CEC104499DC81 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
date
Wed, 18 Nov 2020 16:44:57 GMT
vary
Accept-Encoding
content-type
text/css
x-routingcorrelationid
a3edccd8-6217-4be4-97e3-89ab3958298c, a3edccd8-6217-4be4-97e3-89ab3958298c
cache-control
max-age=63072000
x-routingsessionid
3234967a-b34a-4b7c-93ea-9ced47c4f8e0, 3234967a-b34a-4b7c-93ea-9ced47c4f8e0
accept-ranges
bytes
x-routingofficecluster
neu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
basics_osi_v3_dcbe987.js
forms.office.com/Scripts/Vendors/combined/ 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/Vendors/combined/basics_osi_v3_dcbe987.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
69a6f5767b0570ac6dca741cd411f512a22a3218b900c982b1e6194e0b87649f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
77796
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_6, FormsSingleBox_IN_3
x-routingofficeversion
16.0.13512.36678, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: F1DCA18144874F17BEB39C1508BFE586 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
date
Wed, 18 Nov 2020 16:44:57 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
1ba11dab-4625-441d-bddc-ad0421730c2d, 1ba11dab-4625-441d-bddc-ad0421730c2d
cache-control
max-age=63072000
x-routingsessionid
19288845-4963-4823-85ea-a50f30ed875f, 19288845-4963-4823-85ea-a50f30ed875f
accept-ranges
bytes
x-routingofficecluster
weu-001.forms.office.com, usge-000.forms.gcc.osi.office365.us
response_v2_e8aff49.js
forms.office.com/Scripts/Vendors/combined/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/Vendors/combined/response_v2_e8aff49.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
241cb87f5148fee15ef5f4020a0963b16e2e9f139aefcffaa2844cd80d5e3e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
20530
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_1
x-routingofficeversion
16.0.13512.36678, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 408467A852DA46F38A93310D174D2D76 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
date
Wed, 18 Nov 2020 16:44:58 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
17f0e281-4768-424e-ae12-dd808e31c86f, 17f0e281-4768-424e-ae12-dd808e31c86f
cache-control
max-age=63072000
x-routingsessionid
c418bee9-de25-44fa-b5a6-5f01b334fe40, c418bee9-de25-44fa-b5a6-5f01b334fe40
accept-ranges
bytes
x-routingofficecluster
weu-001.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
response-page.cachegroup-nerve.min.js
forms.office.com/Scripts/dists/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.cachegroup-nerve.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47219a71ba1ba39625cf1f2a8c126b6e46ce19328afdc095cfede1446aeff909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
14898
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_3
x-routingofficeversion
16.0.13516.36680, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: AA7588D5EB654AE5B2DA084483E600A9 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
date
Wed, 18 Nov 2020 16:44:57 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
6fa90be9-ecae-4e3e-a773-66351a1cb0c8, 6fa90be9-ecae-4e3e-a773-66351a1cb0c8
cache-control
max-age=63072000
x-routingsessionid
5a0a1236-31ae-47e5-a809-0e46169b7918, 5a0a1236-31ae-47e5-a809-0e46169b7918
accept-ranges
bytes
x-routingofficecluster
neu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
response-page.min.js
forms.office.com/Scripts/dists/ 		482 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfe5598125e84ac069a910b134b901ee5fcfbde44ab87be5014709bd22dce01c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
132135
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_1, FormsSingleBox_IN_2
x-routingofficeversion
16.0.13512.36678, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 3883B7BF410D4F8BAAAF77C3C6724480 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
date
Wed, 18 Nov 2020 16:44:57 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
5e9ccc7d-4b1d-4581-af57-7c35e33b921c, 5e9ccc7d-4b1d-4581-af57-7c35e33b921c
cache-control
max-age=63072000
x-routingsessionid
ce50a952-8cc5-48f9-a211-401679f80405, ce50a952-8cc5-48f9-a211-401679f80405
accept-ranges
bytes
x-routingofficecluster
weu-001.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7E) /
Resource Hash
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 18 Nov 2020 16:44:58 GMT
content-encoding
gzip
content-md5
rYVFtUp9d7HvDgKvthWhBw==
age
1293
x-cache
HIT
status
200
content-length
18415
x-ms-lease-status
unlocked
last-modified
Thu, 12 Nov 2020 19:39:26 GMT
server
ECAcc (mil/6C7E)
etag
0x8D88742AA533F08
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
x-ms-request-id
a2ec99db-901e-0020-25c7-bda3e7000000
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
runtimeForms('zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u')
forms.office.com/formapi/api/270992cd-9003-4971-84de-d1640c0bffc5/users/c9611935-3d76-4ed6-8725-22864812cb85/light/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/270992cd-9003-4971-84de-d1640c0bffc5/users/c9611935-3d76-4ed6-8725-22864812cb85/light/runtimeForms('zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3663f1dd6b2c98680977404ca1d7f471a442b99ad227628fdb7e67d95e50a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
X-UserSessionId
d3908ea6-b7eb-4d00-b7c1-5f8b412accc9
__RequestVerificationToken
_4EtIaPqQIR-uyPVBbf8QMSEuAHYBYwSkOqv_HHPwDiCbd_YmU0uPiq_ypwIjLu0PhnkJ0R3U-nwE18dc9Eibov9X8egVrntQGkXpkSVtIQ1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
x-officeversion
16.0.13510.36678
x-officefe
FormsSingleBox_IN_1, FormsSingleBox_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
1998
x-routingofficefe
FormsSingleBox_IN_0, FormsSingleBox_IN_2
pragma
no-cache
x-routingofficeversion
16.0.13516.36680, 16.0.13510.36678
x-correlationid
a274e41a-1193-4229-bba1-ad84f0c654c9
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
d3908ea6-b7eb-4d00-b7c1-5f8b412accc9
x-powered-by
date
Wed, 18 Nov 2020 16:44:57 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a274e41a-1193-4229-bba1-ad84f0c654c9, a274e41a-1193-4229-bba1-ad84f0c654c9
cache-control
no-cache
x-failurereason
MissingCookieOrToken
x-routingsessionid
d3908ea6-b7eb-4d00-b7c1-5f8b412accc9, d3908ea6-b7eb-4d00-b7c1-5f8b412accc9
x-msedge-ref
Ref A: 8B51BE0F5D164B6385BD9F33598BDC0A Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:57Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-000.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
expires
-1
response-page.chunk.postsubmit.756f009.js
forms.office.com/Scripts/dists/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.chunk.postsubmit.756f009.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
7469
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_0, FormsSingleBox_IN_3
x-routingofficeversion
16.0.13512.36678, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 97288581A3BE4840A0D054EA09B60F0A Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:58Z
date
Wed, 18 Nov 2020 16:44:58 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
6c47d309-df4c-41ff-801a-c004b4c5e8a4, 6c47d309-df4c-41ff-801a-c004b4c5e8a4
cache-control
max-age=63072000
x-routingsessionid
c815f239-6ae4-4fad-ba88-0adf50bcbbd8, c815f239-6ae4-4fad-ba88-0adf50bcbbd8
accept-ranges
bytes
x-routingofficecluster
weu-001.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
response-page.chunk.quiz.f58f0c0.js
forms.office.com/Scripts/dists/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.chunk.quiz.f58f0c0.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
940
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_0
x-routingofficeversion
16.0.13512.36678, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 692798E4AFB24AADB62F850544760936 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:58Z
date
Wed, 18 Nov 2020 16:44:58 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
1a718b2c-4d9f-4518-9ae7-2134c0149278, 1a718b2c-4d9f-4518-9ae7-2134c0149278
cache-control
max-age=63072000
x-routingsessionid
21d5e721-084d-4703-bb7f-11dcc696e549, 21d5e721-084d-4703-bb7f-11dcc696e549
accept-ranges
bytes
x-routingofficecluster
weu-001.forms.office.com, usge-000.forms.gcc.osi.office365.us
response-page.chunk.json_intelligence_useractionsignals.8668d82.js
forms.office.com/Scripts/dists/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.chunk.json_intelligence_useractionsignals.8668d82.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9418fb933f885917a278ff9883baebc5145989ec18ff9760173c9ff35d42f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
1953
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_9, FormsSingleBox_IN_2
x-routingofficeversion
16.0.13516.36680, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: 31DAB5866FAF4C3388FC4629C5E21EC5 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:58Z
date
Wed, 18 Nov 2020 16:44:58 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
6391ae4c-c480-4801-bf45-1ed18291480d, 6391ae4c-c480-4801-bf45-1ed18291480d
cache-control
max-age=63072000
x-routingsessionid
d899b5f6-695d-4fbe-89d2-80331de1cf86, d899b5f6-695d-4fbe-89d2-80331de1cf86
accept-ranges
bytes
x-routingofficecluster
weu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
aria_odata_831dd67.js
forms.office.com/Scripts/Vendors/combined/ 		112 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=768c7c0ab9&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
798430e4137a24a3797cf661424f895b5dfdeb1907fc86ef7f14522cd7e556f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
status
200
content-length
35989
etag
"0ffd6de10b7d61:0"
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_3
x-routingofficeversion
16.0.13516.36680, 16.0.13510.36678
last-modified
Tue, 10 Nov 2020 03:23:34 GMT
x-msedge-ref
Ref A: B69A35F9705E44579B839657F919FCD0 Ref B: VIEEDGE2707 Ref C: 2020-11-18T16:44:58Z
date
Wed, 18 Nov 2020 16:44:58 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
f90af2d4-c5b6-421a-b6cf-08d3da7581c6, f90af2d4-c5b6-421a-b6cf-08d3da7581c6
cache-control
max-age=63072000
x-routingsessionid
77b34990-6b20-4c50-8854-f3f5aff3dccb, 77b34990-6b20-4c50-8854-f3f5aff3dccb
accept-ranges
bytes
x-routingofficecluster
weu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272020-11-18T16%3A44%3A58.474Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%275f16fd33-6336-4c2a-a89e-ad984bc70b74%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DzZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Microsoft%20Forms%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42a3df8d8f98b426e1f316ae2228c5b20ad6df04ae2f97dac63f0bb6fd8b5eb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Nov 2020 16:44:57 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
L5+N19bibUOc6QIYc0w2lg.0
Content-Type
application/javascript
Content-Length
281
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D4f1d709d76244f859ace87ceb587d658%26HASH%3D4f1d%26LV%3D202011%26V%3D4%26LU%3D1605717898647%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984&client-time-epoch-millis=1605717901002&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.91.136.108 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=zZIJJwOQcUmE3tFkDAv_xTUZYcl2PdZOhyUihkgSy4VUQkpWUFFaOFNaWDc5VU1HVFVDWkVTMFFOQS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 18 Nov 2020 16:45:01 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
640
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo function| setPublicPath function| replaceChunkSrc object| FormPrefetchCache function| $ function| jQuery function| _ object| React object| ReactDOM object| linkify function| Picker object| webpackJsonp object| Forms object| FormsPro function| jsllloaded object| awa string| behaviorKey function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore

4 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: AADNonce.forms
Value: 13b38f2a-2c76-497c-aaeb-27e0da37d043.637413146973228561
forms.office.com/ Name: MSFPC
Value: GUID=4f1d709d76244f859ace87ceb587d658&HASH=4f1d&LV=202011&V=4&LU=1605717898647
forms.office.com/ Name: __RequestVerificationToken
Value: 2oHiJ0owkxNUptRJRJI-LrLDZzqJnrvo1dmqkBVX77QYEN3LAIR5VUxOnZmy0UzcZMvvEEND7y6jQ8aWEuiDsVl0L7oATa5eCUXLfyqD6oY1
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

16 Console Messages

Source Level URL
Text
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
deferred
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
utils
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
xml
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
odata
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
odatautils
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
handler
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
metadata
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
net
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
json
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
batch
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
store
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
dom
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
indexeddb
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
memory
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
cache
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_831dd67.js?ring=UsGovGccProduction(Line 24)
Message:
source

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff