forms.office.com Open in urlscan Pro
13.107.6.194  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ResponsePage.aspx Show response forms.office.com/Pages/	41 KB 16 KB	519ms 435ms	Document text/html	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 92d911169d29f62b264d9f7021b02c8fb0deb6b8cdebecc5d0cf2f6ea9e3b094 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers :method GET :authority forms.office.com :scheme https :path /Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-length 15608 content-type text/html; charset=utf-8 content-encoding gzip expires 0 vary Accept-Encoding p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" set-cookie DcLcid=ui=1033&data=1033; expires=Thu, 08-Apr-2021 15:31:02 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=RWOCRATTJkRqeJdQCnGi_inWLcsiDaCx9DeFuwEJ1IqIJLnNx4n3o48VyE0oMLnZLPy1Lrp7ub3p4NIpPv4AnFDYAARDQE5SgSG0dwAE_Kw1; path=/; samesite=none; secure; HttpOnly AADNonce.forms=337b5de1-809c-431f-949c-1f51a836113a.637457166623604822; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly x-routingofficecluster weu-001.forms.office.com usge-000.forms.gcc.osi.office365.us x-routingofficefe FormsSingleBox_IN_14 FormsSingleBox_IN_3 x-routingofficeversion 16.0.13705.36676 16.0.13614.36679 x-routingsessionid 749bb111-c9cf-4a6c-916f-cfd79318bd2b 749bb111-c9cf-4a6c-916f-cfd79318bd2b x-routingcorrelationid a9a79459-1d85-4c54-b2f7-9a576eec483d a9a79459-1d85-4c54-b2f7-9a576eec483d x-correlationid a9a79459-1d85-4c54-b2f7-9a576eec483d x-usersessionid 749bb111-c9cf-4a6c-916f-cfd79318bd2b x-officefe FormsSingleBox_IN_3 x-officeversion 16.0.13614.36679 x-officecluster usge-000.forms.gcc.osi.office365.us x-failurereason MissingCookieOrToken x-robots-tag noindex, nofollow x-aspnet-version x-powered-by x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-msedge-ref Ref A: B18EDE51530A4A58B959E83BA24F1275 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z date Fri, 08 Jan 2021 15:31:02 GMT
GET H2	200	response-page-customize-fabric-bootstrap.min.css forms.office.com/css/dist/	170 KB 29 KB	349ms 348ms	Stylesheet text/css	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/css/dist/response-page-customize-fabric-bootstrap.min.css?v=02d0c435e0&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 22c6c4c04f407de832c68be746945419cc9bc38202fe5ea84844980738ff3284 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 28942 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_0, FormsSingleBox_IN_1 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: 31F37135FCD745F5BF52543FADB6EB74 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z date Fri, 08 Jan 2021 15:31:02 GMT vary Accept-Encoding content-type text/css x-routingcorrelationid 0615dd6f-c09d-47bd-948f-8feec8b5cede, 0615dd6f-c09d-47bd-948f-8feec8b5cede cache-control max-age=63072000 x-routingsessionid 521a89fc-5d1e-4189-93ab-e82a4aca32e9, 521a89fc-5d1e-4189-93ab-e82a4aca32e9 accept-ranges bytes x-routingofficecluster neu-001.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	basics_osi_v3_dcbe987.js Show response forms.office.com/Scripts/Vendors/combined/	229 KB 76 KB	556ms 555ms	Script application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/Vendors/combined/basics_osi_v3_dcbe987.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 69a6f5767b0570ac6dca741cd411f512a22a3218b900c982b1e6194e0b87649f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Origin https://forms.office.com Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 77796 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_9, FormsSingleBox_IN_3 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: 69E303B570E34F8FA2CA941E6F557EC6 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z date Fri, 08 Jan 2021 15:31:02 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid a80c95cb-96f6-4d5a-a59d-d34213ab19d2, a80c95cb-96f6-4d5a-a59d-d34213ab19d2 cache-control max-age=63072000 x-routingsessionid 5d053905-bdc2-48ee-bee0-992d8a2ee5f9, 5d053905-bdc2-48ee-bee0-992d8a2ee5f9 accept-ranges bytes x-routingofficecluster weu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	response-page.cachegroup-nerve.min.js Show response forms.office.com/Scripts/dists/	60 KB 15 KB	346ms 345ms	Script application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/response-page.cachegroup-nerve.min.js?v=02d0c435e0&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 47219a71ba1ba39625cf1f2a8c126b6e46ce19328afdc095cfede1446aeff909 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Origin https://forms.office.com Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 14898 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_8, FormsSingleBox_IN_3 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: BFFE0FE9EBF640E583DDB1345C3758E7 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z date Fri, 08 Jan 2021 15:31:02 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 11f97518-5553-46e3-a36d-5cd6ba9a3615, 11f97518-5553-46e3-a36d-5cd6ba9a3615 cache-control max-age=63072000 x-routingsessionid 091bea4b-4515-44e7-bfc0-a372be3cbbc1, 091bea4b-4515-44e7-bfc0-a372be3cbbc1 accept-ranges bytes x-routingofficecluster neu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	response-page.min.js Show response forms.office.com/Scripts/dists/	485 KB 131 KB	147ms 146ms	Script application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/response-page.min.js?v=02d0c435e0&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b894c3037c6e3b81358ba821da04a3b5f1e81f58cd8533156c3001a6e63599ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Origin https://forms.office.com Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 133191 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_14, FormsSingleBox_IN_0 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: B637601178C34E28A7D215900E142585 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z date Fri, 08 Jan 2021 15:31:02 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid dd27e996-9127-469c-a865-20fe06539955, dd27e996-9127-469c-a865-20fe06539955 cache-control max-age=63072000 x-routingsessionid 22e05e47-0164-4ba1-a913-cd07b1fcca60, 22e05e47-0164-4ba1-a913-cd07b1fcca60 accept-ranges bytes x-routingofficecluster neu-001.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	jsll-4.js Show response az725175.vo.msecnd.net/scripts/	55 KB 18 KB	112ms 28ms	Script text/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az725175.vo.msecnd.net/scripts/jsll-4.js Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C7E) / Resource Hash 196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Jan 2021 15:31:02 GMT content-encoding gzip content-md5 rYVFtUp9d7HvDgKvthWhBw== age 1558 x-cache HIT content-length 18415 x-ms-lease-status unlocked last-modified Thu, 12 Nov 2020 19:39:26 GMT server ECAcc (mil/6C7E) etag 0x8D88742AA533F08 vary Accept-Encoding content-type text/javascript; charset="utf-8" x-ms-request-id 3a0573ca-c01e-0038-69cf-e58e72000000 cache-control public, max-age=1800, immutable x-ms-version 2009-09-19
GET H2	200	runtimeForms('urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u') Show response forms.office.com/formapi/api/0693b5ba-4b18-4d7b-9341-f32f400a5494/users/3a999f17-814b-4324-b3e4-414c73a9aa6c/light/	11 KB 3 KB	718ms 718ms	XHR application/json	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/0693b5ba-4b18-4d7b-9341-f32f400a5494/users/3a999f17-814b-4324-b3e4-414c73a9aa6c/light/runtimeForms('urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u')?$expand=questions($expand=choices) Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9d62dee51cdfd5f689f25850306865d705c5fd4120a24d9fa08f7d08c86def15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u X-UserSessionId 749bb111-c9cf-4a6c-916f-cfd79318bd2b __RequestVerificationToken TnJEc6FDqsh0Ip4Ewlbz5Gj6IfZf_yDiSc5OfwGdaUhlWckURmpmyaLDW5E2chlsZ7hEbMH5jvmjlOONBOHoukcQt3gpuimqcuDLOpS_WOQ1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-aspnet-version x-officeversion 16.0.13614.36679 x-officefe FormsSingleBox_IN_2, FormsSingleBox_IN_1 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-length 2503 x-routingofficefe FormsSingleBox_IN_8, FormsSingleBox_IN_2 pragma no-cache x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 x-correlationid 8948200a-1d8b-46d7-a6be-f041a2594948 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 749bb111-c9cf-4a6c-916f-cfd79318bd2b x-powered-by date Fri, 08 Jan 2021 15:31:03 GMT vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid 8948200a-1d8b-46d7-a6be-f041a2594948, 8948200a-1d8b-46d7-a6be-f041a2594948 cache-control no-cache x-failurereason MissingCookieOrToken x-routingsessionid 749bb111-c9cf-4a6c-916f-cfd79318bd2b, 749bb111-c9cf-4a6c-916f-cfd79318bd2b x-msedge-ref Ref A: F42371859B814AA6B8C6855E3552E895 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:02Z x-robots-tag noindex, nofollow x-routingofficecluster weu-001.forms.office.com, usge-000.forms.gcc.osi.office365.us expires -1
GET H2	200	response-page.chunk.postsubmit.39f5a4c.js forms.office.com/Scripts/dists/	0 8 KB	523ms 522ms	Other application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/response-page.chunk.postsubmit.39f5a4c.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=02d0c435e0&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 7766 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_6, FormsSingleBox_IN_2 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: 7F71815CF45646CE813E61D7F8A0055C Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:03Z date Fri, 08 Jan 2021 15:31:03 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid aa245476-bfd0-4f14-bfdf-955c7d7a4f55, aa245476-bfd0-4f14-bfdf-955c7d7a4f55 cache-control max-age=63072000 x-routingsessionid 70e4458a-54b8-4e3e-b351-c40c8526e08c, 70e4458a-54b8-4e3e-b351-c40c8526e08c accept-ranges bytes x-routingofficecluster neu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	response-page.chunk.quiz.10d6743.js forms.office.com/Scripts/dists/	0 1 KB	555ms 555ms	Other application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/response-page.chunk.quiz.10d6743.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=02d0c435e0&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 940 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_13, FormsSingleBox_IN_2 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: 19960102EB824B5581C7DB1315CCAB72 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:03Z date Fri, 08 Jan 2021 15:31:03 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 2d418d9b-f349-4eff-bed8-ebb62e75ece0, 2d418d9b-f349-4eff-bed8-ebb62e75ece0 cache-control max-age=63072000 x-routingsessionid 4874e837-dc5b-47da-9575-d6ff2f281bd0, 4874e837-dc5b-47da-9575-d6ff2f281bd0 accept-ranges bytes x-routingofficecluster weu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	aria_odata_v2_2405dcd.js Show response forms.office.com/Scripts/Vendors/combined/	124 KB 36 KB	128ms 127ms	Script application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=02d0c435e0&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7e77a640164b61234f5f4645fabad4257d6e37c0f2c047bdcf437be3f3b66e73 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 36633 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_9, FormsSingleBox_IN_2 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: 8325C790127542DDB2ADEF46EABCDB09 Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:03Z date Fri, 08 Jan 2021 15:31:03 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid e3a65125-0f95-4ae2-a41f-c01d68aad928, e3a65125-0f95-4ae2-a41f-c01d68aad928 cache-control max-age=63072000 x-routingsessionid 69097056-b96f-486b-97f6-7c65657e9c6b, 69097056-b96f-486b-97f6-7c65657e9c6b accept-ranges bytes x-routingofficecluster neu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H/1.1	200 OK	t.js Show response web.vortex.data.microsoft.com/collect/v1/	281 B 966 B	187ms 47ms	Script application/javascript	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-01-08T15%3A31%3A03.313Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%27ecf1bec5-58b6-4ea0-ac69-44dc954fbe6b%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DurWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Microsoft%20Forms%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false Requested by Host: az725175.vo.msecnd.net URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash afe58b08b2e79c1048060825c1d75e5335d4d31cd01b56e9fa6c09e75220f8eb Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 08 Jan 2021 15:31:02 GMT X-Content-Type-Options nosniff P3P CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Cache-Control no-cache, no-store MS-CV JkWWnF3C7kmDU+vk8317Ug.0 Content-Type application/javascript Content-Length 281 Expires 0
GET H2	200	response_v2_e8aff49.js Show response forms.office.com/Scripts/Vendors/combined/	51 KB 20 KB	138ms 138ms	Script application/javascript	13.107.6.194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/Vendors/combined/response_v2_e8aff49.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/response-page.min.js?v=02d0c435e0&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 241cb87f5148fee15ef5f4020a0963b16e2e9f139aefcffaa2844cd80d5e3e00 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-powered-by content-length 20530 etag "07e37e663d2d61:0" x-routingofficefe FormsSingleBox_IN_4, FormsSingleBox_IN_3 x-routingofficeversion 16.0.13705.36676, 16.0.13614.36679 last-modified Mon, 14 Dec 2020 21:55:56 GMT x-msedge-ref Ref A: F469A9786FDA4E188E170FAE59AB3CAE Ref B: AM3EDGE0508 Ref C: 2021-01-08T15:31:03Z date Fri, 08 Jan 2021 15:31:03 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 09681b42-312d-4b96-bd60-7695384e9e81, 09681b42-312d-4b96-bd60-7695384e9e81 cache-control max-age=63072000 x-routingsessionid d8f2d6dc-ea14-4c35-a4cb-16e472da0750, d8f2d6dc-ea14-4c35-a4cb-16e472da0750 accept-ranges bytes x-routingofficecluster weu-000.forms.office.com, usge-000.forms.gcc.osi.office365.us
POST H/1.1	200 OK	v1 web.vortex.data.microsoft.com/collect/	0 0	46ms 46ms	Other application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D07119fec29a140c48ed35bb397ccbc38%26HASH%3D0711%26LV%3D202101%26V%3D4%26LU%3D1610119863470%27 Requested by Host: az725175.vo.msecnd.net URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://forms.office.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
POST H/1.1	200 OK	/ Show response browser.pipe.aria.microsoft.com/Collector/3.0/	0 397 B	1006ms 246ms	XHR application/json	52.114.32.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984&client-time-epoch-millis=1610119865556&time-delta-to-apply-millis=use-collector-delta Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.114.32.8 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=urWTBhhLe02TQfMvQApUlBefmTpLgSRDs-RBTHOpqmxUQlEyNkZOUElHWDJCWEtTSTAzSUw3MUNWVC4u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 08 Jan 2021 15:31:05 GMT Server Microsoft-HTTPAPI/2.0 time-delta-millis 885 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers kill-tokens, kill-duration-seconds, time-delta-millis Access-Control-Allow-Headers Accept, Content-Type, Content-Encoding, Client-Id Content-Length 0

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo function| setPublicPath function| replaceChunkSrc object| FormPrefetchCache function| $ function| jQuery function| _ object| React object| ReactDOM object| webpackJsonp object| Forms object| FormsPro function| jsllloaded object| awa string| behaviorKey function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore object| linkify function| Picker

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.forms.office.com/	1969-12-31 23:59:59	Name: AADNonce.forms Value: 337b5de1-809c-431f-949c-1f51a836113a.637457166623604822
			forms.office.com/	1970-01-20 00:00:55	Name: MSFPC Value: GUID=07119fec29a140c48ed35bb397ccbc38&HASH=0711&LV=202101&V=4&LU=1610119863470
			forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: RWOCRATTJkRqeJdQCnGi_inWLcsiDaCx9DeFuwEJ1IqIJLnNx4n3o48VyE0oMLnZLPy1Lrp7ub3p4NIpPv4AnFDYAARDQE5SgSG0dwAE_Kw1
			forms.office.com/	1970-01-19 17:24:55	Name: DcLcid Value: ui=1033&data=1033

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: deferred
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: utils
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: xml
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: odata
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: odatautils
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: handler
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: metadata
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: net
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: json
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: batch
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: store
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: dom
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: indexeddb
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: memory
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: cache
console-api	log	URL: https://forms.office.com/Scripts/Vendors/combined/aria_odata_v2_2405dcd.js?ring=UsGovGccProduction(Line 26) Message: source

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
forms.office.com
web.vortex.data.microsoft.com
13.107.6.194
152.199.19.160
40.77.226.250
52.114.32.8
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c
22c6c4c04f407de832c68be746945419cc9bc38202fe5ea84844980738ff3284
241cb87f5148fee15ef5f4020a0963b16e2e9f139aefcffaa2844cd80d5e3e00
47219a71ba1ba39625cf1f2a8c126b6e46ce19328afdc095cfede1446aeff909
69a6f5767b0570ac6dca741cd411f512a22a3218b900c982b1e6194e0b87649f
7e77a640164b61234f5f4645fabad4257d6e37c0f2c047bdcf437be3f3b66e73
92d911169d29f62b264d9f7021b02c8fb0deb6b8cdebecc5d0cf2f6ea9e3b094
9d62dee51cdfd5f689f25850306865d705c5fd4120a24d9fa08f7d08c86def15
afe58b08b2e79c1048060825c1d75e5335d4d31cd01b56e9fa6c09e75220f8eb
b894c3037c6e3b81358ba821da04a3b5f1e81f58cd8533156c3001a6e63599ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855