urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aka.ms/flow-mail
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ...
Submission: On January 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.211.149.25 16625 (AKAMAI-AS)
1 2620:1ec:a92:... 8068 (MICROSOFT...)
7 2.16.177.89 20940 (AKAMAI-ASN1)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
2 40.77.226.250 8075 (MICROSOFT...)
1 51.140.157.153 8075 (MICROSOFT...)
13 7
1    23.211.149.25 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-149-25.deploy.static.akamaitechnologies.com
aka.ms
1    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
7    2.16.177.89 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-177-89.deploy.static.akamaitechnologies.com
cdn.forms.office.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az725175.vo.msecnd.net
2    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    51.140.157.153 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Domain Requested by
7 cdn.forms.office.net forms.office.com
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
2 c.office.com 1 redirects forms.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 az725175.vo.msecnd.net cdn.forms.office.net
1 c.bing.com 1 redirects
1 forms.office.com
1 aka.ms 1 redirects
13 8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
GlobalSign Organization Validation CA - SHA256 - G3		 2020-02-19 -
2022-02-19		 2 years crt.sh
cdn.forms.office.net
Microsoft IT TLS CA 1		 2019-07-29 -
2021-07-29		 2 years crt.sh
c.msn.com
Microsoft RSA TLS CA 01		 2020-10-07 -
2021-10-07		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2020-09-14 -
2021-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Frame ID: D7E6B9A5004B350B7DE07E1FF6A47493
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5Q... Page URL

Page Statistics

13
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

7
IPs

5
Countries

216 kB
Transfer

713 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&RedC=c.office.com&MXFR=04315A59829F6AC206A555E6869F616A HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&MUID=04315A59829F6AC206A555E6869F616A

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://aka.ms/flow-mail
  • https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
348 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7eb3d0b76313a552d4d0ef2877b72f0ea827765c8832d5d64ce15266e6a05a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Wed, 14-Apr-2021 01:17:12 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=MnWqKrJsK3J2DyE5t4ORTDr157J2fld4AqPRK6d27elQQsuc78zFXy_Q-ODzq0oP32dLDgR8CoQIehofR9RlN7fb9T8Qq9GO-o0QEaHXPic1; path=/; samesite=none; secure; HttpOnly AADNonce.forms=dcfde657-b87e-4d72-87d2-2daf1bba3662.637461838324448005; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-routingofficecluster
neu-001.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.13706.36676
x-routingsessionid
1d72ac84-1b6d-4317-8221-3ee555c8cb76
x-routingcorrelationid
c5af151c-70fb-47b5-89e1-bef018857f03
x-correlationid
c5af151c-70fb-47b5-89e1-bef018857f03
x-usersessionid
1d72ac84-1b6d-4317-8221-3ee555c8cb76
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.13712.36680
x-officecluster
wcus-000.forms.office.com
x-failurereason
MissingCookieOrToken
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-aspnet-version
x-powered-by
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-msedge-ref
Ref A: 8AF58C731FDF45A0B32C3C6EC4DCDB1C Ref B: AMS04EDGE0617 Ref C: 2021-01-14T01:17:12Z
date
Thu, 14 Jan 2021 01:17:11 GMT

Redirect headers

Location
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Server
Kestrel
Request-Context
appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status
True
X-Powered-By
ASP.NET
Content-Length
0
Expires
Thu, 14 Jan 2021 01:17:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 14 Jan 2021 01:17:11 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
light-response-page-core.chunk.vendors.940a732.js
cdn.forms.office.net/forms/scripts/dists/ 		133 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.vendors.940a732.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0d23bfb03adc97b2f57b944b34f97a816b568e090fade88f04ccd94aaf8903c

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-encoding
br
content-md5
uRLOZ33RHFO5UK7pzf/HDw==
content-length
43239
x-ms-lease-status
unlocked
last-modified
Tue, 12 Jan 2021 06:10:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8B6C0C91F551B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5ab7defe-b01e-002e-2eb6-e8d413000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
light-response-page-core.chunk.ext.4113adb.js
cdn.forms.office.net/forms/scripts/dists/ 		155 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.ext.4113adb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0aa3a3e25248abdfcc3ecd7a20a5f3df661ebf00088d81efb6f3f0192c3fbc1c

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-encoding
br
content-md5
DY1ql8FKoDxQQC2UMIt5zQ==
content-length
41401
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jan 2021 05:15:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8B7822D6C0D96
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
63632b5e-a01e-00fd-3579-e96bb6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
light-response-page-core.chunk.post.boot.2235845.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-encoding
br
content-md5
uGIcNdkU69Cu7PgqGSYQ+w==
content-length
4792
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jan 2021 05:15:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8B7822D914FA9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74ad33eb-001e-011a-0d79-e93dee000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
light-response-page-core.chunk.post.boot.2235845.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6a5df184c54c583382fa8de31eb6846fe38b0f559d8ae46300f677965292e663

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-encoding
br
content-md5
uGIcNdkU69Cu7PgqGSYQ+w==
content-length
4792
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jan 2021 05:15:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8B7822D914FA9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74ad33eb-001e-011a-0d79-e93dee000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
ir_white.svg
cdn.forms.office.net/forms/images/ 		877 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/ir_white.svg
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
370b218c01e76ac9b23f6dd4a95489803259321ef45ae44598838e5db90664be

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-md5
VG5Gh2nghg0JGmBE3y2bfg==
content-length
877
x-ms-lease-status
unlocked
last-modified
Wed, 16 Sep 2020 02:50:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D859EB49F23338
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0d7ba36a-801e-0026-7628-8ccf60000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
immersive-reader-icon.svg
cdn.forms.office.net/forms/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/immersive-reader-icon.svg
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ddb375b347ae88ac75633df5aa4edeb1bc054e452d94edf457899e7dc31f06b

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-md5
r1angkTJSDA+TsbrQ9UlBg==
content-length
1277
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jul 2020 01:31:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D822156D975593
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e5e4550-e01e-009c-0327-542f69000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
light-response-page-core.chunk.sw.4e4fe75.js
cdn.forms.office.net/forms/scripts/dists/ 		746 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.sw.4e4fe75.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-89.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1e9d6d60d9a09afb039ddaa5bd654a80214298c5ad7e93be4ee59025604cb4f0

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:12 GMT
content-encoding
br
content-md5
N3AVo3zRKmE5gjvYlocZrg==
content-length
345
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jan 2021 05:15:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8B7822DA6B055
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2469cfb0-401e-0056-2e79-e9bca4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 14 Jan 2022 01:17:12 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin
https://forms.office.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&RedC=c.office.com&MXFR=04315A59829F6AC206A555E6869F616A
  • https://c.office.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&MUID=04315A59829F6AC206A555E6869F616A
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&MUID=04315A59829F6AC206A555E6869F616A
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:17:12 GMT
last-modified
Tue, 12 Jan 2021 21:18:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3ad5376928e9d61:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:17:12 GMT
x-msedge-ref
Ref A: 69EBD2475D374ABDAD91F2E9BC51A85E Ref B: FRAEDGE1517 Ref C: 2021-01-14T01:17:13Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&MUID=04315A59829F6AC206A555E6869F616A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DAD) /
Resource Hash
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Jan 2021 01:17:13 GMT
content-encoding
gzip
content-md5
rYVFtUp9d7HvDgKvthWhBw==
age
725
x-cache
HIT
content-length
18415
x-ms-lease-status
unlocked
last-modified
Thu, 12 Nov 2020 19:39:26 GMT
server
ECAcc (lha/8DAD)
etag
0x8D88742AA533F08
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
x-ms-request-id
94363900-801e-001d-1311-ea16c1000000
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-01-14T01%3A17%3A13.179Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%27a806274b-75c1-493e-920e-98e756c70b59%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3Dv4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Manage%20PowerApps%20and%20Flows%20Subscription%20List%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d4d514cdbd650d3e6320dbd0d61edcf0cbbcdb5c415748549e7eb29c7570b865
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 01:17:12 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
THm//Yff+UOcLxWh0SQFaQ.0
Content-Type
application/javascript
Content-Length
281
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Dd196c86c4eaa4de19b0ca0b1ec055c55%26HASH%3Dd196%26LV%3D202101%26V%3D4%26LU%3D1610587033348%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1610587035361&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.ext.4113adb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.157.153 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 01:17:14 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
154
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| webpackJsonp function| setPublicPath function| replaceChunkSrc object| lrpIoC object| formFeatureReadyFlags object| awa string| behaviorKey

5 Cookies

Domain/Path Name / Value
.office.com/ Name: MUID
Value: 04315A59829F6AC206A555E6869F616A
.forms.office.com/ Name: AADNonce.forms
Value: dcfde657-b87e-4d72-87d2-2daf1bba3662.637461838324448005
forms.office.com/ Name: MSFPC
Value: GUID=d196c86c4eaa4de19b0ca0b1ec055c55&HASH=d196&LV=202101&V=4&LU=1610587033348
forms.office.com/ Name: __RequestVerificationToken
Value: MnWqKrJsK3J2DyE5t4ORTDr157J2fld4AqPRK6d27elQQsuc78zFXy_Q-ODzq0oP32dLDgR8CoQIehofR9RlN7fb9T8Qq9GO-o0QEaHXPic1
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff