Submitted URL: http://700x.emprenye-basinclikaplar.com/#tinyurl.com/kze5nzzn
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDR...
Submission: On June 23 via manual from IN

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2620:1ec:a92::194, located in the United States, and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 30th 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.180.186.28 203576 (INTERNETB...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:1ec:a92:... 8068 (MICROSOFT...)
8 2.20.142.209 20940 (AKAMAI-ASN1)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.114.88.28 8075 (MICROSOFT...)
13 6
Domain Requested by
8 cdn.forms.office.net forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
2 forms.office.com 700x.emprenye-basinclikaplar.com
forms.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 tinyurl.com 1 redirects
1 700x.emprenye-basinclikaplar.com
13 7

This site contains links to these domains.

Domain
go.microsoft.com
Subject                        Issuer                               Validity                   Valid
forms.office.com               DigiCert Cloud Services CA-1         2021-01-30 - 2022-01-29    a year
cdn.forms.office.net           Microsoft RSA TLS CA 01              2020-10-19 - 2021-10-19    a year
c.msn.com                      Microsoft RSA TLS CA 02              2021-02-03 - 2022-02-03    a year
*.events.data.microsoft.com    Microsoft Azure TLS Issuing CA 01    2020-09-14 - 2021-09-09    a year

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Frame ID: AC0E7B1FD30824EE0F831CE3A62BFA96
Requests: 14 HTTP requests in this frame

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 43 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 5
Transfer: 237 kB
Size: 619 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://700x.emprenye-basinclikaplar.com/ Page URL
  2. https://tinyurl.com/kze5nzzn HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&RedC=c.office.com&MXFR=0EF1EFFB486C691D1063FFA44C6C624C HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&MUID=0EF1EFFB486C691D1063FFA44C6C624C

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
700x.emprenye-basinclikaplar.com/
821 B
809 B
Document
General
Full URL
http://700x.emprenye-basinclikaplar.com/
Protocol
HTTP/1.1
Server
5.180.186.28 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
server28.tr186.dhs.com.tr
Software
LiteSpeed /
Resource Hash

Request headers

Host
700x.emprenye-basinclikaplar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html
Last-Modified
Thu, 17 Jun 2021 00:36:17 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
549
Date
Wed, 23 Jun 2021 13:55:02 GMT
Server
LiteSpeed
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://tinyurl.com/kze5nzzn
  • https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
66 KB
21 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Requested by
Host: 700x.emprenye-basinclikaplar.com
URL: http://700x.emprenye-basinclikaplar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15143c9ed7df17e2c3858869c31f102081578ce9144062cd61876900624086db
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://700x.emprenye-basinclikaplar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://700x.emprenye-basinclikaplar.com/#tinyurl.com/kze5nzzn

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
20547
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Thu, 23-Sep-2021 13:55:03 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=fL8v_lJUIY42pzyMErnRhk2fswEfsLNrdybPpUQehJUuXxyJjFkVCUH9CKID6z3TIBHfIdq1u03oFupZUbHi6eYQXs5jPPwrRkAXZYZlvEQ1; path=/; samesite=none; secure; HttpOnly AADNonce.forms=0ec0bab0-cf66-4bf7-a5c1-540154088e53.637600533044360177; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.14218.35875
x-routingsessionid
70899859-3565-4dd1-aa5d-5bacd5698983
x-routingcorrelationid
6191e853-c56c-4f44-8b6d-95708978d66e
x-correlationid
6191e853-c56c-4f44-8b6d-95708978d66e
x-usersessionid
70899859-3565-4dd1-aa5d-5bacd5698983
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.14218.35875
x-officecluster
neu-101.forms.office.com
x-failurereason
10
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 662BB27062894229B9F4F153D974922D Ref B: AM3EDGE0916 Ref C: 2021-06-23T13:55:03Z

Redirect headers

date
Wed, 23 Jun 2021 13:55:03 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
set-cookie
TCSR-0d07521d530a6f678463dfd5a03eed49=eyJpdiI6IjcrZkhjUlp1eUs0aDljYzZnbjYzOEE9PSIsInZhbHVlIjoiNjBROXZSdGdKZUNlY3YxTHNvZ1JLQytRVzE1MmNxNWZaNWNsTGN1TU41cjZZS0NZckJWcThRdjlpQW85WU02eSIsIm1hYyI6IjVjZmJlOTcyNzVlY2U2NDg4ODZhOGVhMDdhNGUxMGRkZGUyZDA4YmEwNzhkMjdmYTI2NzUwODQwNjI5M2VhZmMifQ%3D%3D; expires=Wed, 23-Jun-2021 14:00:03 GMT; Max-Age=300; path=/; domain=.tinyurl.com; httponly; samesite=lax
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
0adac034f400004e7471858000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
663e3634bf2f4e74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u')
forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/
216 B
566 B
XHR
General
Full URL
https://forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2329f44ea0b613d0f610c81f99c69da940d44d531bc84509231c6cc2049ef400
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
DcLcid=ui=1033&data=1033; __RequestVerificationToken=fL8v_lJUIY42pzyMErnRhk2fswEfsLNrdybPpUQehJUuXxyJjFkVCUH9CKID6z3TIBHfIdq1u03oFupZUbHi6eYQXs5jPPwrRkAXZYZlvEQ1; AADNonce.forms=0ec0bab0-cf66-4bf7-a5c1-540154088e53.637600533044360177
:path
/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u')?$expand=questions($expand=choices)
pragma
no-cache
x-usersessionid
70899859-3565-4dd1-aa5d-5bacd5698983
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
forms.office.com
referer
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
:scheme
https
sec-fetch-site
same-origin
__requestverificationtoken
9oiQ7bzYsaPi80nBB07FXrp2glc9--p6nPNVUlbrhxPoCFdlWo_M33mv9lwkVZoiSBJIUpbYxSVy631cc1CanyqdvtS7Ynmh6CPS2OE_qq01
:method
GET
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
X-UserSessionId
70899859-3565-4dd1-aa5d-5bacd5698983
__RequestVerificationToken
9oiQ7bzYsaPi80nBB07FXrp2glc9--p6nPNVUlbrhxPoCFdlWo_M33mv9lwkVZoiSBJIUpbYxSVy631cc1CanyqdvtS7Ynmh6CPS2OE_qq01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14215.36678
x-officefe
FormsSingleBox_IN_4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
216
x-routingofficefe
FormsSingleBox_IN_20
pragma
no-cache
x-routingofficeversion
16.0.14215.36678
x-correlationid
c77b0c30-43d2-4fe9-912b-0a6362e31feb
x-officecluster
neu-100.forms.office.com
x-usersessionid
70899859-3565-4dd1-aa5d-5bacd5698983
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
x-routingcorrelationid
c77b0c30-43d2-4fe9-912b-0a6362e31feb
cache-control
no-cache
x-failurereason
10
x-routingsessionid
70899859-3565-4dd1-aa5d-5bacd5698983
x-msedge-ref
Ref A: D6F6A63812AD4B79A5F428CC085F1F99 Ref B: AM3EDGE0916 Ref C: 2021-06-23T13:55:04Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
expires
-1
light-response-page.min.43f90d1.css
cdn.forms.office.net/forms/css/dist/
124 KB
21 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.43f90d1.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cba665d23141694ee58f36fc30e3a0b5bbe4a8d9bed80bc7f2026bb288d187c6

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:04 GMT
content-encoding
br
content-md5
nNn1+BCxNk7Xa1C/UK2Btg==
content-length
21217
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F3C698FEC
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
93de799d-201e-004d-3a00-649236000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:04 GMT
light-response-page.min.7067095.js
cdn.forms.office.net/forms/scripts/dists/
235 KB
67 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c6f68eb6b7f7267b2d44f5aafc28d090393ccd8fd7f462a1336e27e5a45a37fd

Request headers

Origin
https://forms.office.com
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:04 GMT
content-encoding
br
content-md5
/W1IRUfgU6viXB8rVFC06w==
content-length
68339
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F54C9C23A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a8ae9190-101e-00c6-6b00-6429e8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:04 GMT
light-response-page.chunk.828.e0e72f6.js
cdn.forms.office.net/forms/scripts/dists/
0
9 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:04 GMT
content-encoding
br
content-md5
zxp4AML1p2rSAfANuPv6UQ==
content-length
8956
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F5494C598
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1cb796fc-501e-0109-3600-64080f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:04 GMT
light-response-page.chunk.ext.c6f7f9c.js
cdn.forms.office.net/forms/scripts/dists/
0
40 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c6f7f9c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:04 GMT
content-encoding
br
content-md5
SOMJQdhrpogTnhXimz5VZg==
content-length
40227
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F54995A58
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5f96bc64-501e-0102-1d00-64107b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:04 GMT
light-response-page.chunk.post.boot.9c823ec.js
cdn.forms.office.net/forms/scripts/dists/
0
4 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.9c823ec.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:04 GMT
content-encoding
br
content-md5
83g8Z9Qfn7L5epAVzLYkpQ==
content-length
3780
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F54B06922
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84de4231-e01e-0097-3b00-64371d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:04 GMT
light-response-page.chunk.828.e0e72f6.js
cdn.forms.office.net/forms/scripts/dists/
24 KB
9 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63f4af2e20754ab559114da0a65a39f1449ce092051a7f009f01c8ae715c38a5

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:05 GMT
content-encoding
br
content-md5
zxp4AML1p2rSAfANuPv6UQ==
content-length
8956
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F5494C598
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1cb796fc-501e-0109-3600-64080f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:05 GMT
light-response-page.chunk.ext.c6f7f9c.js
cdn.forms.office.net/forms/scripts/dists/
146 KB
40 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c6f7f9c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.7067095.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f57ec013efe9b0e7001623e483d8df4a22555e9054d0e0123ef5e58e77b94fa

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:05 GMT
content-encoding
br
content-md5
SOMJQdhrpogTnhXimz5VZg==
content-length
40227
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F54995A58
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5f96bc64-501e-0102-1d00-64107b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:05 GMT
bird.png
cdn.forms.office.net/forms/images/
19 KB
19 KB
Image
General
Full URL
https://cdn.forms.office.net/forms/images/bird.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.142.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-142-209.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
286301adcd28265f7ce8a58113045c94447324fbaa98fb97abee351670b6391e

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Jun 2021 13:55:05 GMT
content-md5
6nve1M0LKRjTRqwFQ3/BCg==
content-length
19127
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 06:40:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8975644DFD597
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b018e0c1-401e-0012-0352-c960c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:55:05 GMT
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin
https://forms.office.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&RedC=c.office.com&MXFR=0EF1EFFB486C691D1063FFA44C6C624C
  • https://c.office.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&MUID=0EF1EFFB486C691D1063FFA44C6C624C
42 B
258 B
Image
General
Full URL
https://c.office.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&MUID=0EF1EFFB486C691D1063FFA44C6C624C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Jun 2021 13:55:05 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 23 Jun 2021 13:55:05 GMT
x-msedge-ref
Ref A: 52DC5567173448EDA10E88E8B5D060DB Ref B: FRAEDGE1406 Ref C: 2021-06-23T13:55:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&MUID=0EF1EFFB486C691D1063FFA44C6C624C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1624456508198&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c6f7f9c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.88.28 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 23 Jun 2021 13:55:07 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
157
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
string| formsInitialVisibility
object| NavKeyPoints
function| reloadNoCdn
object| OfficeFormServerInfo
object| FormPrefetchCache
function| setPublicPath
function| replaceChunkSrc
object| webpackChunk
object| lrpIoC

3 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: AADNonce.forms
Value: 0ec0bab0-cf66-4bf7-a5c1-540154088e53.637600533044360177
forms.office.com/ Name: __RequestVerificationToken
Value: fL8v_lJUIY42pzyMErnRhk2fswEfsLNrdybPpUQehJUuXxyJjFkVCUH9CKID6z3TIBHfIdq1u03oFupZUbHi6eYQXs5jPPwrRkAXZYZlvEQ1
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

1 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
tinyurl.com/kze5nzzn