urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
52.109.76.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://iltil.com/offc.htm
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaT...
Submission: On September 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 52.109.76.19, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is forms.office.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on December 19th 2017. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 173.208.194.194 32097 (WII-KC)
9 52.109.76.19 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
2 64.4.54.254 8075 (MICROSOFT...)
2 52.114.76.34 8075 (MICROSOFT...)
1 2.18.232.116 16625 (AKAMAI-AS)
16 6
1    173.208.194.194 (Kansas City, United States)

ASN32097 (WII-KC - WholeSale Internet, Inc., US)
PTR: sln.crystalregistry.com
iltil.com
9    52.109.76.19 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
forms.office.com
1    152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az725175.vo.msecnd.net
2    64.4.54.254 (Cheyenne, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
web.vortex.data.microsoft.com
2    52.114.76.34 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com
1    2.18.232.116 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-116.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
Domain Requested by
9 forms.office.com forms.office.com
2 browser.pipe.aria.microsoft.com forms.office.com
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
1 static2.sharepointonline.com
1 az725175.vo.msecnd.net forms.office.com
1 iltil.com
16 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
iltil.com
Let's Encrypt Authority X3		 2018-08-22 -
2018-11-20		 3 months crt.sh
forms.office.com
Microsoft IT TLS CA 1		 2017-12-19 -
2019-12-19		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.vortex.data.microsoft.com
Microsoft IT TLS CA 5		 2018-01-30 -
2020-01-30		 2 years crt.sh
*.pipe.aria.microsoft.com
Microsoft IT TLS CA 1		 2017-09-06 -
2019-09-06		 2 years crt.sh
*.sharepointonline.com
Microsoft IT TLS CA 2		 2017-11-03 -
2019-11-03		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Frame ID: 10DA6502B278F6EB4A57A2EA17FFFCB5
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://iltil.com/offc.htm Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFM... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
  • env /^React$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

561 kB
Transfer

1987 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iltil.com/offc.htm Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
offc.htm
iltil.com/ 		177 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://iltil.com/offc.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.208.194.194 Kansas City, United States, ASN32097 (WII-KC - WholeSale Internet, Inc., US),
Reverse DNS
sln.crystalregistry.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
iltil.com
:scheme
https
:path
/offc.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 27 Sep 2018 01:30:37 GMT
server
Apache
last-modified
Mon, 24 Sep 2018 17:50:01 GMT
accept-ranges
bytes
content-length
177
content-type
text/html
Primary Request Cookie set ResponsePage.aspx
forms.office.com/Pages/ 		10 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7b5ac208c58ef1bbac1415ebfde89d41abaa2a752f09450b4b06c0a67941fec8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
forms.office.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://iltil.com/offc.htm
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://iltil.com/offc.htm

Response headers

Cache-Control
private
Content-Length
4349
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-RoutingOfficeCluster
neu-000.forms.office.com
X-RoutingOfficeFE
FormsSingleBox_IN_10
X-RoutingOfficeVersion
16.0.10918.36680
X-RoutingSessionId
6991c87f-910a-43d4-a078-d324f3e527ba
X-RoutingCorrelationId
4a593c09-095b-4c51-8a78-d271f297c170
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Set-Cookie
DcLcid=ui=1033&data=1033; expires=Thu, 27-Dec-2018 01:30:37 GMT; path=/; secure; HttpOnly __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; path=/; secure; HttpOnly AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364; domain=forms.office.com; path=/; secure; HttpOnly
X-CorrelationId
4a593c09-095b-4c51-8a78-d271f297c170
X-UserSessionId
6991c87f-910a-43d4-a078-d324f3e527ba
X-OfficeFE
FormsSingleBox_IN_10
X-OfficeVersion
16.0.10918.36680
X-OfficeCluster
neu-000.forms.office.com
X-FailureReason
MissingCookieOrToken
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Content-Type-Options
nosniff
Date
Thu, 27 Sep 2018 01:30:37 GMT
bootstrap.min.css
forms.office.com/css/vendors/bootstrap/3.3.5/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/vendors/bootstrap/3.3.5/bootstrap.min.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
19742
X-RoutingOfficeFE
FormsSingleBox_IN_10
X-RoutingOfficeVersion
16.0.10918.36680
Last-Modified
Wed, 19 Sep 2018 04:47:10 GMT
Server
Microsoft-IIS/8.5
ETag
"09b29d3d34fd41:0"
Vary
Accept-Encoding
Content-Type
text/css
X-RoutingCorrelationId
b384de17-be8a-4c18-96c8-905a4814a404
Cache-Control
max-age=63072000
X-RoutingSessionId
f268f6d3-d991-4a3f-b6d0-9c36145d346d
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
response-page.min.css
forms.office.com/css/dist/ 		331 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/response-page.min.css?v=ca968905fe
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d64c936302de6f7f101ae1484214647a22681da06176db6b39bc1f76ff49744e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
39128
X-RoutingOfficeFE
FormsSingleBox_IN_10
X-RoutingOfficeVersion
16.0.10918.36680
Last-Modified
Wed, 19 Sep 2018 04:47:16 GMT
Server
Microsoft-IIS/8.5
ETag
"022bdd6d34fd41:0"
Vary
Accept-Encoding
Content-Type
text/css
X-RoutingCorrelationId
ad61e3e7-5a1a-468d-9df4-00f81c38d511
Cache-Control
max-age=63072000
X-RoutingSessionId
993070f7-49b6-4f6d-8a76-3f5092330afb
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
basics_99f4a98.js
forms.office.com/Scripts/Vendors/combined/ 		367 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2de10087a5600df93eb567fd1eb86f223bfc6016d9d857a7464b0cec09d148cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
115386
X-RoutingOfficeFE
FormsSingleBox_IN_10
X-RoutingOfficeVersion
16.0.10918.36680
Last-Modified
Wed, 19 Sep 2018 04:47:16 GMT
Server
Microsoft-IIS/8.5
ETag
"022bdd6d34fd41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-RoutingCorrelationId
16b36571-bf04-4e8a-ac27-9d3962e62f0a
Cache-Control
max-age=63072000
X-RoutingSessionId
c8880bfb-5cba-4659-9cf7-a4d1e6480c20
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F78) /
Resource Hash
d0378cae08b13606e0398c8875b1d778b748bdf279e8f8bfba0ef58acb0d8475

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 27 Sep 2018 01:30:37 GMT
content-encoding
gzip
content-md5
R79x+5TI5AcZ7bvrUlWAvA==
x-cache
HIT
status
200
content-length
17645
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2018 19:12:22 GMT
server
ECAcc (frc/8F78)
etag
0x8D57E1607A22014
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
ffcea2c1-501e-003d-04ff-557a0d000000
cache-control
public, max-age=1800
x-ms-version
2009-09-19
response-page.min.js
forms.office.com/Scripts/dists/ 		772 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/response-page.min.js?v=ca968905fe
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
858cbcf332cd044bb9af4d53ae37fcc5f44d3dcc22148a1b34daed60e0f335a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
168234
X-RoutingOfficeFE
FormsSingleBox_IN_5
X-RoutingOfficeVersion
16.0.10918.36680
Last-Modified
Wed, 19 Sep 2018 04:47:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0c85ad4d34fd41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-RoutingCorrelationId
53d8d7e2-59d6-48c4-8408-884b1e7ce093
Cache-Control
max-age=63072000
X-RoutingSessionId
7d32cad4-c413-48b2-b988-c73389fa04d0
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
t.js
web.vortex.data.microsoft.com/collect/v1/ 		260 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272018-09-27T01%3A30%3A37.672Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%2747b35fd7-828c-4517-9cf0-5446ff83456b%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DwAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u%27&-referrerUri=%27https%3A%2F%2Filtil.com%2Foffc.htm%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Fill%20%7C%20OneDrive%20Address%20Book%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.6%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
a236eeca8a7bc8662e5651139213e22e347306d7ddf2891230fd90da75212c53
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 01:30:38 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
a2vlMB95e06U6LpevrYXrA.0
Content-Type
application/javascript
Content-Length
260
Expires
0
runtimeForms('wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u')
forms.office.com/formapi/api/150402c0-2113-4976-b642-a6df543c2b56/users/f777354b-a437-41c6-af92-5f7789c65ab4/light/ 		49 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/150402c0-2113-4976-b642-a6df543c2b56/users/f777354b-a437-41c6-af92-5f7789c65ab4/light/runtimeForms('wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u')?$select=id,title,modifiedDate,description,settings,background,otherInfo,questions,logo,category,predefinedResponses,privacyStatement,thankYouMessage&$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ffc559486b04db6816aa60130dccb48c3085fa65c892724608d486a7ba5f284
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

x-ms-form-request-source
ms-formweb
Pragma
no-cache
Accept-Encoding
gzip, deflate
X-CorrelationId
29b6f44f-628f-47c4-8146-41feca2105fc
Host
forms.office.com
x-ms-form-request-ring
business
Authorization
Accept
application/json
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
__RequestVerificationToken
gWCPmIFTbIZTPROc3cEJoPbqCrhQ9BE0_7vTwMjjTdYNS-PtE6yuVVm3MUZ3S8W1CsYoWiwv3U5tOEeVt5jjzc6V80o1
OData-MaxVersion
4.0
x-ms-form-request-source
ms-formweb
X-CorrelationId
29b6f44f-628f-47c4-8146-41feca2105fc
x-ms-form-request-ring
business
Authorization
Accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
__RequestVerificationToken
gWCPmIFTbIZTPROc3cEJoPbqCrhQ9BE0_7vTwMjjTdYNS-PtE6yuVVm3MUZ3S8W1CsYoWiwv3U5tOEeVt5jjzc6V80o1
OData-MaxVersion
4.0

Response headers

Date
Thu, 27 Sep 2018 01:30:39 GMT
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-OfficeVersion
16.0.10918.36680
X-OfficeFE
FormsSingleBox_IN_10
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Server
Microsoft-IIS/8.5
Content-Length
49
X-RoutingOfficeFE
FormsSingleBox_IN_10
Pragma
no-cache
X-RoutingOfficeVersion
16.0.10918.36680
X-CorrelationId
29b6f44f-628f-47c4-8146-41feca2105fc
X-OfficeCluster
neu-000.forms.office.com
X-UserSessionId
5e2aa761-a41f-49b9-8999-124eb1f758a2
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
X-RoutingCorrelationId
29b6f44f-628f-47c4-8146-41feca2105fc
Cache-Control
no-cache
X-FailureReason
MissingCookieOrToken
X-RoutingSessionId
5e2aa761-a41f-49b9-8999-124eb1f758a2
X-RoutingOfficeCluster
neu-000.forms.office.com
Expires
-1
GetResourceStrings
forms.office.com/Pages/ResponsePage.aspx/ 		102 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx/GetResourceStrings
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e921482cc0c23ee8c5a11da7ee085170f3567edfb5709f938e338a1a5d402f7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
https://forms.office.com
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Content-Length
2
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Origin
https://forms.office.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 27 Sep 2018 01:30:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeVersion
16.0.10918.36680
X-OfficeFE
FormsSingleBox_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Server
Microsoft-IIS/8.5
Content-Length
28804
X-RoutingOfficeFE
FormsSingleBox_IN_5
X-RoutingOfficeVersion
16.0.10918.36680
X-CorrelationId
975224ca-0d59-42d0-9830-07b5a3675c90
X-OfficeCluster
neu-000.forms.office.com
X-UserSessionId
53ce5e3c-3eee-4b20-94ec-cce05d45b37b
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-RoutingCorrelationId
975224ca-0d59-42d0-9830-07b5a3675c90
Cache-Control
private, max-age=0
X-FailureReason
MissingCookieOrToken
X-RoutingSessionId
53ce5e3c-3eee-4b20-94ec-cce05d45b37b
X-RoutingOfficeCluster
neu-000.forms.office.com
response_26071dc.js
forms.office.com/Scripts/Vendors/combined/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/Vendors/combined/response_26071dc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=ca968905fe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e1b5947f967335e6bf36b3fb3af3c1105dbcf289adaab09cfa7be2e6d7cbb3c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
27798
X-RoutingOfficeFE
FormsSingleBox_IN_10
X-RoutingOfficeVersion
16.0.10918.36680
Last-Modified
Wed, 19 Sep 2018 04:47:04 GMT
Server
Microsoft-IIS/8.5
ETag
"01496cfd34fd41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-RoutingCorrelationId
524c5fcd-68f3-4661-8ee0-eb21d4c87786
Cache-Control
max-age=63072000
X-RoutingSessionId
b5df10c7-7792-4604-969c-184b739a77bd
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
v1
web.vortex.data.microsoft.com/collect/ 		57 B
663 B 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D7d53e266806c478e820df691a282394f%26HASH%3D7d53%26LV%3D201809%26V%3D4%26LU%3D1538011838176%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.4.54.254 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
8d316e9191d40a4b9cc775c0adce0a999873c1935781d1312a5b12ee717c53d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 01:30:38 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
MS-CV
zQfYHeuzvk2A4OkI/woaqQ.0
Content-Type
application/json
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Content-Length
57
Expires
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1538011839789&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.76.34 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Origin
https://forms.office.com

Response headers

Date
Thu, 27 Sep 2018 01:30:39 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
100
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
register-bg.png
forms.office.com/Images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/Images/register-bg.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.76.19 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f75abfc2829e6c6103f63868067e4a08884a354217ea58262777553ee5a6b32a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
forms.office.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://forms.office.com/css/dist/response-page.min.css?v=ca968905fe
Cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1; AADNonce.forms=c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364; MSFPC=GUID=7d53e266806c478e820df691a282394f&HASH=7d53&LV=201809&V=4&LU=1538011838176
Connection
keep-alive
Cache-Control
no-cache
Referer
https://forms.office.com/css/dist/response-page.min.css?v=ca968905fe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 01:30:39 GMT
X-RoutingOfficeVersion
16.0.10918.36680
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Sep 2018 04:47:00 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
X-RoutingCorrelationId
53c3bc82-9808-4cd5-9f9e-bde06d574bf5
Cache-Control
max-age=63072000
X-RoutingSessionId
e2180cc6-830b-4038-9bea-f6b748a10d5e
Accept-Ranges
bytes
X-RoutingOfficeCluster
neu-000.forms.office.com
Content-Length
24975
ETag
"0ba33cdd34fd41:0"
X-RoutingOfficeFE
FormsSingleBox_IN_10
fabricmdl2icons-2.68.woff2
static2.sharepointonline.com/files/fabric/assets/icons/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/icons/fabricmdl2icons-2.68.woff2
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.116 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-116.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
81bd9c6953694abf461e6f47173b09535424d58f3764515d2d1a9f409594559a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://forms.office.com/css/dist/response-page.min.css?v=ca968905fe
Origin
https://forms.office.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 27 Sep 2018 01:30:40 GMT
last-modified
Wed, 28 Mar 2018 22:57:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D594FF5833046F
status
200
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
bb3e1b17-e01e-0092-282b-c78a64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=15591962
x-ms-version
2009-09-19
content-length
118232
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1538011841992&time-delta-to-apply-millis=100
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.76.34 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Origin
https://forms.office.com

Response headers

Date
Thu, 27 Sep 2018 01:30:41 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
8
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| OfficeFormServerInfo number| FormsPageStartTime function| init object| datas object| modules function| require object| Logging function| AuthenticationContext object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| $ function| jQuery object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| _ object| React object| ReactDOM object| awa string| behaviorKey function| escapeRegExp function| formatNumber function| extractDigits function| removeQuatos function| parseStringToDateLabels function| getTime function| makeDOMException function| getbyte64 function| decode function| getbyte function| encode function| __extends function| __assign object| NerveImplementation object| Nerve object| OfficeForm object| stringDelimiter object| dateLabelsRegExp undefined| PADCHAR_1 undefined| ALPHA_1 object| Forms object| FormsPro object| linkify function| linkifyElement function| Picker

4 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: AADNonce.forms
Value: c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364
forms.office.com/ Name: __RequestVerificationToken
Value: l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1
forms.office.com/ Name: MSFPC
Value: GUID=7d53e266806c478e820df691a282394f&HASH=7d53&LV=201809&V=4&LU=1538011838176
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

16 Console Messages

Source Level URL
Text
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
deferred
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
utils
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
xml
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
odata
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
odatautils
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
handler
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
metadata
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
net
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
json
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
batch
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
store
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
dom
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
indexeddb
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
memory
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
cache
console-api log URL: https://forms.office.com/Scripts/Vendors/combined/basics_99f4a98.js(Line 64)
Message:
source