forms.office.com Open in urlscan Pro
2620:1ec:a92::194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://482x.emprenye-basinclikaplar.com/#tinyurl.com/kze5nzzn
Effective URL:
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDR...
Submission: On June 21 via manual (June 21st 2021, 3:32:28 am UTC) from MY

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 30th 2021. Valid for: a year.

This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.180.186.28 5.180.186.28	203576 (INTERNETB...) (INTERNETBILISIM)
1 1	2606:4700:10:... 2606:4700:10::6814:8a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:a92:... 2620:1ec:a92::194	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2.16.107.112 2.16.107.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.109.88.24 52.109.88.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.114.158.91 52.114.158.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	9

1 5.180.186.28 (Turkey)

ASN203576 (INTERNETBILISIM, TR)
PTR: server28.tr186.dhs.com.tr

482x.emprenye-basinclikaplar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:8a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forms.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.107.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-112.deploy.static.akamaitechnologies.com

cdn.forms.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.24 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lists.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.114.158.91 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	office.net cdn.forms.office.net	266 KB
6	office.com 1 redirects forms.office.com lists.office.com c.office.com	70 KB
3	microsoft.com web.vortex.data.microsoft.com browser.pipe.aria.microsoft.com	1 KB
1	bing.com 1 redirects c.bing.com	533 B
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	tinyurl.com 1 redirects tinyurl.com	835 B
1	emprenye-basinclikaplar.com 482x.emprenye-basinclikaplar.com	809 B
21	7

	Domain	Requested by
11	cdn.forms.office.net	forms.office.com cdn.forms.office.net
2	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
2	c.office.com	1 redirects forms.office.com
2	lists.office.com	forms.office.com
2	forms.office.com	482x.emprenye-basinclikaplar.com forms.office.com
1	browser.pipe.aria.microsoft.com	cdn.forms.office.net
1	c.bing.com	1 redirects
1	az725175.vo.msecnd.net	cdn.forms.office.net
1	tinyurl.com	1 redirects
1	482x.emprenye-basinclikaplar.com
21	10

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid
forms.office.com DigiCert Cloud Services CA-1	`2021-01-30` - `2022-01-29`	a year	crt.sh
cdn.forms.office.net Microsoft RSA TLS CA 01	`2020-10-19` - `2021-10-19`	a year	crt.sh
lists.office.com Microsoft RSA TLS CA 01	`2020-10-02` - `2021-10-02`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02	`2020-10-05` - `2021-10-05`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Frame ID: A0CF6CA1FACBA3C891D466044D5C9272
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://482x.emprenye-basinclikaplar.com/ Page URL
https://tinyurl.com/kze5nzzn HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3V... Page URL

Page Statistics

21
Requests

95 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

361 kB
Transfer

843 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?linkid=866263
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://482x.emprenye-basinclikaplar.com/ Page URL
https://tinyurl.com/kze5nzzn HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://c.office.com/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&RedC=c.office.com&MXFR=175872C53EC669150F7E62983AC662F7 HTTP 302
https://c.office.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&MUID=175872C53EC669150F7E62983AC662F7

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
482x.emprenye-basinclikaplar.com/ 821 B
809 B 169ms
90ms Document
text/html 5.180.186.28
INTERNETBILISIM

General

Check archive.org

Show headers Download Go to

Full URL: http://482x.emprenye-basinclikaplar.com/
Protocol: HTTP/1.1
Server: 5.180.186.28 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS: server28.tr186.dhs.com.tr
Software: LiteSpeed /
Resource Hash: 1cc177aedbb05065acc31eb2299891b885d38295ffabc56943531a2e087579cc

Request headers

Host: 482x.emprenye-basinclikaplar.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Thu, 17 Jun 2021 00:36:17 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 549
Date: Mon, 21 Jun 2021 03:32:01 GMT
Server: LiteSpeed

GET
H2

200

Primary Request ResponsePage.aspx Show response
forms.office.com/Pages/
Redirect Chain

https://tinyurl.com/kze5nzzn
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u

67 KB
22 KB

95ms
65ms

Document
text/html

2620:1ec:a92::194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u

Requested by

Host: 482x.emprenye-basinclikaplar.com
URL: http://482x.emprenye-basinclikaplar.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3562c341f22d62f5803590e99f994ccfb8bd40f95d2b88d55231b7c5c37da11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: forms.office.com
:scheme: https
:path: /Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://482x.emprenye-basinclikaplar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://482x.emprenye-basinclikaplar.com/#tinyurl.com/kze5nzzn

Response headers

cache-control: no-store, must-revalidate, no-cache
pragma: no-cache
content-length: 20924
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 21-Sep-2021 03:32:02 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=suCU1IGT_2RSMag8CbAqeqjV9q_R6RvDBTnSPGrOzwgPCpxQChP8ZPrDTtHNU1xwqZTD9O5pcavZDRV0eVpviSFUIXa8vwc2ne7zkbc4e-01; path=/; samesite=none; secure; HttpOnly AADNonce.forms=355070c6-d06d-437f-b32a-46ea869934ed.637598431226136207; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: neu-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_5
x-routingofficeversion: 16.0.14214.35877
x-routingsessionid: 002697ed-51f5-4886-b522-4ebd8b7ece47
x-routingcorrelationid: c85c338d-aa5a-4a52-9964-efac0b6e4a40
x-correlationid: c85c338d-aa5a-4a52-9964-efac0b6e4a40
x-usersessionid: 002697ed-51f5-4886-b522-4ebd8b7ece47
x-officefe: FormsSingleBox_IN_22
x-officeversion: 16.0.14214.35877
x-officecluster: neu-101.forms.office.com
x-failurereason: 10
x-robots-tag: noindex, nofollow
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CB9E398E19384C32AF8E41556FF37FF9 Ref B: AMS04EDGE0513 Ref C: 2021-06-21T03:32:02Z
date: Mon, 21 Jun 2021 03:32:02 GMT

Redirect headers

date: Mon, 21 Jun 2021 03:32:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.26
location: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
set-cookie: TCSR-0d07521d530a6f678463dfd5a03eed49=eyJpdiI6IlFLWlIwcURzUDJBNlQ3MWdISWo0R1E9PSIsInZhbHVlIjoiQ3ROanZsMGt3N2FiRFVMZzJMOXpIVlV4QUhwYytXNGRFd3lQTU5mZDljS0RmN29JVVYzalwvbXA4ZDV4OUxtcXEiLCJtYWMiOiIzNWE4MGE3OGE1NmZhODU4YjJmYThmNzIyYjZhNWI0YWVmYWRmOTVkYWVkYTBmNzI0YmM2NmQ2NjFhMWEzMTk5In0%3D; expires=Mon, 21-Jun-2021 03:37:02 GMT; Max-Age=300; path=/; domain=.tinyurl.com; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 0ace391b8400001782df1af000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 662a2ad8ce661782-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u') Show response
forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/ 5 KB
2 KB 26ms
25ms XHR
application/json 2620:1ec:a92::194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u')?$expand=questions($expand=choices)

Requested by

Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

78409f5cc567b44282a92b098dbe688f1b759274e410222c1661db67289ff9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: DcLcid=ui=1033&data=1033; __RequestVerificationToken=suCU1IGT_2RSMag8CbAqeqjV9q_R6RvDBTnSPGrOzwgPCpxQChP8ZPrDTtHNU1xwqZTD9O5pcavZDRV0eVpviSFUIXa8vwc2ne7zkbc4e-01; AADNonce.forms=355070c6-d06d-437f-b32a-46ea869934ed.637598431226136207
:path: /formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u')?$expand=questions($expand=choices)
pragma: no-cache
x-usersessionid: 002697ed-51f5-4886-b522-4ebd8b7ece47
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: forms.office.com
referer: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
:scheme: https
sec-fetch-site: same-origin
__requestverificationtoken: 5m2Qq0VKXHLGDbiO_sqmY84LdIQRpiYCTzz7sp8QbVQvWjJlzib6QLSTjUhGPasix-T5XFNWHrS3LysmVJe3UtIIqYrGZ3z5rCBbjtEXwaI1
:method: GET
Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
X-UserSessionId: 002697ed-51f5-4886-b522-4ebd8b7ece47
__RequestVerificationToken: 5m2Qq0VKXHLGDbiO_sqmY84LdIQRpiYCTzz7sp8QbVQvWjJlzib6QLSTjUhGPasix-T5XFNWHrS3LysmVJe3UtIIqYrGZ3z5rCBbjtEXwaI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.14215.36678
x-officefe: FormsSingleBox_IN_4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-length: 1640
x-routingofficefe: FormsSingleBox_IN_11
pragma: no-cache
x-routingofficeversion: 16.0.14215.36678
x-correlationid: 10023ce8-9854-48c5-bc86-f4095165a1b4
x-officecluster: weu-100.forms.office.com
x-usersessionid: 002697ed-51f5-4886-b522-4ebd8b7ece47
x-powered-by: ASP.NET
date: Mon, 21 Jun 2021 03:32:02 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-routingcorrelationid: 10023ce8-9854-48c5-bc86-f4095165a1b4
cache-control: no-cache
x-failurereason: 10
x-routingsessionid: 002697ed-51f5-4886-b522-4ebd8b7ece47
x-msedge-ref: Ref A: 5E8F62EC7EE446E78DFE64FD429437B7 Ref B: AMS04EDGE0513 Ref C: 2021-06-21T03:32:02Z
x-robots-tag: noindex, nofollow
x-routingofficecluster: weu-100.forms.office.com
expires: -1

GET
H2 200 light-response-page.min.efe0bae.css
cdn.forms.office.net/forms/css/dist/ 124 KB
21 KB 95ms
26ms Stylesheet
text/css 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/css/dist/light-response-page.min.efe0bae.css
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d1cd378f909e2de97cceac320072150a423e57e03a12c20e64eccb4d27e35d9d

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: +pj4+PzzjvYszadSQp7Txw==
content-length: 21444
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C7EF8A701
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b9107ad9-a01e-00b9-396f-62b7da000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.min.9a30557.js Show response
cdn.forms.office.net/forms/scripts/dists/ 240 KB
65 KB 127ms
35ms Script
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 285199987402bc3c43c6261c9792086fc87456d73ab1e94593efbe725f4f27ab

Request headers

Origin: https://forms.office.com
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: uoLARfyUn+L/63ZBt9XqTQ==
content-length: 66184
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96E20CA1
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e45ce349-501e-00e8-316f-62a92f000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.vendors.15a6dfc.js
cdn.forms.office.net/forms/scripts/dists/ 0
43 KB 30ms
29ms Other
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.15a6dfc.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: E0r62952KxNkB7L2OG0LGw==
content-length: 43172
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96DC8D5C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 319799a5-501e-000d-316f-62bbd8000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.ext.7dd21bb.js
cdn.forms.office.net/forms/scripts/dists/ 0
40 KB 57ms
56ms Other
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.7dd21bb.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: 5qDYliQXC1TxXoTNvs8bKA==
content-length: 40080
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96AA0244
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 06e95b83-501e-002f-676f-62d5ee000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.post.boot.ec31a7d.js
cdn.forms.office.net/forms/scripts/dists/ 0
4 KB 85ms
85ms Other
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.ec31a7d.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: HKjusBvyKwC+3kXTPuIIqQ==
content-length: 3687
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96C77ACD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6da3bdd7-601e-0128-4c6f-62653e000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.vendors.15a6dfc.js Show response
cdn.forms.office.net/forms/scripts/dists/ 133 KB
43 KB 82ms
81ms Script
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.15a6dfc.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b9c7805ac4ff8e80bbb2d741c81b4cd9bf2c338a52659edcfbb5741805a897bf

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: E0r62952KxNkB7L2OG0LGw==
content-length: 43172
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96DC8D5C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 319799a5-501e-000d-316f-62bbd8000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.ext.7dd21bb.js Show response
cdn.forms.office.net/forms/scripts/dists/ 151 KB
40 KB 82ms
81ms Script
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.7dd21bb.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 059d0d1f1255019d0b89f73a489a07ed854fe069f0524167f732ad35ab3a7fde

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: 5qDYliQXC1TxXoTNvs8bKA==
content-length: 40080
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96AA0244
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 06e95b83-501e-002f-676f-62d5ee000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.post.boot.ec31a7d.js Show response
cdn.forms.office.net/forms/scripts/dists/ 10 KB
4 KB 69ms
69ms Script
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.ec31a7d.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c92f3d15a19c72c5894fa54fbec2e4a8add6329fadc50219e7f2e977282b0fda

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: HKjusBvyKwC+3kXTPuIIqQ==
content-length: 3687
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96C77ACD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6da3bdd7-601e-0128-4c6f-62653e000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 ir_white_title.svg
cdn.forms.office.net/forms/images/ 2 KB
3 KB 67ms
66ms Image
image/svg+xml 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/ir_white_title.svg
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-md5: 10Dd1PpC6lRQDD1f/z25Sw==
content-length: 2271
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 05:23:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8FA4E75CEBCFD
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a8dc9c9f-801e-00ae-6c70-2c77b9000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 immersive-reader-icon_black.svg
cdn.forms.office.net/forms/images/ 2 KB
3 KB 67ms
67ms Image
image/svg+xml 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/immersive-reader-icon_black.svg
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-md5: KcE1VrPtrNUxMzaM4LNsNw==
content-length: 2384
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 05:23:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8FA4E75C481E8
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2940f4cf-d01e-0053-0c70-2c48db000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 light-response-page.chunk.sw.135ded1.js Show response
cdn.forms.office.net/forms/scripts/dists/ 3 KB
2 KB 26ms
26ms Script
application/javascript 2.16.107.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.135ded1.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a30557.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 49f496922194e0a78bf7b1451bb6dc5ce45ca44e7d6503a3c0d2677ae0058f94

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:02 GMT
content-encoding: br
content-md5: i6ILLDyHE9yWIVVeDH+L5A==
content-length: 1116
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 04:09:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9307C96D7AA73
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80b83cbe-601e-00eb-086f-62aa28000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 21 Jun 2022 03:32:02 GMT

GET
H2 200 a8927d76-9187-4b4b-8079-2c0a7bae4437
lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/ 43 KB
44 KB 375ms
212ms Image
image/jpeg 52.109.88.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/a8927d76-9187-4b4b-8079-2c0a7bae4437

Requested by

Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17a4ff6bf946f45fc6813e0c8c9470474158949088ef1084638eba8f679c20d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 03:32:02 GMT
x-routingofficeversion: 16.0.14214.36251
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
x-routingcorrelationid: 7a167242-db8c-4fde-acd6-9a7c9c8b7713
cache-control: no-cache
x-routingsessionid: 37ce3753-91a3-427b-81bc-8070fbdefb4d
x-hivering: 3
x-routingofficecluster: weu-100.lists.office.com
x-routingofficefe: CollabDBReverseProxyWithMappingService_IN_4
expires: -1

GET
H2 200 jsll-4.js Show response
az725175.vo.msecnd.net/scripts/ 55 KB
18 KB 145ms
36ms Script
text/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.ec31a7d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B30) /
Resource Hash: e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 21 Jun 2021 03:32:03 GMT
content-encoding: gzip
content-md5: yvXHFTB8uAvUsw4tqOlcNw==
age: 166
x-cache: HIT
content-length: 18421
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 22:33:25 GMT
server: ECAcc (ama/8B30)
etag: 0x8D8D781DE4DEC32
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
x-ms-request-id: 82192dc5-d01e-002c-184d-664d16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
H2 200 a1cf0090-c040-4b40-a5cf-1a746915d549
lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/ 2 KB
3 KB 283ms
210ms Image
image/png 52.109.88.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/a1cf0090-c040-4b40-a5cf-1a746915d549

Requested by

Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa9c749681919b08b6b7979f6f436c1e3f1fd3fcf9bb1a091ad659a8dec8e0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 03:32:02 GMT
x-routingofficeversion: 16.0.14214.36251
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
x-routingcorrelationid: 288730b1-3d6a-4ddf-bedc-c41c5d850441
cache-control: no-cache
x-routingsessionid: 628a7469-7e42-4087-96e9-55dc15f9ffe1
x-hivering: 3
x-routingofficecluster: weu-100.lists.office.com
x-routingofficefe: CollabDBReverseProxyWithMappingService_IN_4
expires: -1

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin: https://forms.office.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2

200

c.gif
c.office.com/
Redirect Chain

https://c.office.com/c.gif
https://c.bing.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&RedC=c.office.com&MXFR=175872C53EC669150F7E62983AC662F7
https://c.office.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&MUID=175872C53EC669150F7E62983AC662F7

42 B
258 B

57ms
57ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.office.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&MUID=175872C53EC669150F7E62983AC662F7
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 03:32:02 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 21 Jun 2021 03:32:03 GMT
x-msedge-ref: Ref A: 52D7BDA88BA94FEB9A4ADEB764836400 Ref B: FRAEDGE1209 Ref C: 2021-06-21T03:32:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.office.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&MUID=175872C53EC669150F7E62983AC662F7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 281 B
966 B 205ms
51ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-06-21T03%3A32%3A03.174Z%27&os=%27Windows%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%27578d970e-e782-483d-9dfd-e4330dbf726b%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DKea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u%27&-referrerUri=%27http%3A%2F%2F482x.emprenye-basinclikaplar.com%2F%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Office365%20Protection%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.5%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

55d49eca48abcab572633841cb6b7b911fe8188f49a58fe87eba98676cbc4c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 03:32:02 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: W6OZea+gtEO0c8NoGXJYaA.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 51ms
51ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D7fcba007dbd040c68bfe30ee5959150f%26HASH%3D7fcb%26LV%3D202106%26V%3D4%26LU%3D1624246323347%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 942ms
433ms XHR
application/json 52.114.158.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1624246325422&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.7dd21bb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.158.91 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 03:32:05 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 594
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.forms.office.com/	1969-12-31 23:59:59	Name: AADNonce.forms Value: 355070c6-d06d-437f-b32a-46ea869934ed.637598431226136207
forms.office.com/	1970-01-20 03:56:22	Name: MSFPC Value: GUID=7fcba007dbd040c68bfe30ee5959150f&HASH=7fcb&LV=202106&V=4&LU=1624246323347
.office.com/	1970-01-20 04:32:22	Name: MUID Value: 175872C53EC669150F7E62983AC662F7
forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: suCU1IGT_2RSMag8CbAqeqjV9q_R6RvDBTnSPGrOzwgPCpxQChP8ZPrDTtHNU1xwqZTD9O5pcavZDRV0eVpviSFUIXa8vwc2ne7zkbc4e-01
forms.office.com/	1970-01-19 21:23:15	Name: DcLcid Value: ui=1033&data=1033

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: tinyurl.com/kze5nzzn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

482x.emprenye-basinclikaplar.com
az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
lists.office.com
tinyurl.com
web.vortex.data.microsoft.com
152.199.19.160
2.16.107.112
2606:4700:10::6814:8a41
2620:1ec:a92::194
2620:1ec:c11::200
40.77.226.250
5.180.186.28
52.109.88.24
52.114.158.91
52.142.114.2
059d0d1f1255019d0b89f73a489a07ed854fe069f0524167f732ad35ab3a7fde
17a4ff6bf946f45fc6813e0c8c9470474158949088ef1084638eba8f679c20d9
1cc177aedbb05065acc31eb2299891b885d38295ffabc56943531a2e087579cc
285199987402bc3c43c6261c9792086fc87456d73ab1e94593efbe725f4f27ab
3562c341f22d62f5803590e99f994ccfb8bd40f95d2b88d55231b7c5c37da11c
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
49f496922194e0a78bf7b1451bb6dc5ce45ca44e7d6503a3c0d2677ae0058f94
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000
55d49eca48abcab572633841cb6b7b911fe8188f49a58fe87eba98676cbc4c3b
78409f5cc567b44282a92b098dbe688f1b759274e410222c1661db67289ff9f0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa9c749681919b08b6b7979f6f436c1e3f1fd3fcf9bb1a091ad659a8dec8e0c4
b9c7805ac4ff8e80bbb2d741c81b4cd9bf2c338a52659edcfbb5741805a897bf
c92f3d15a19c72c5894fa54fbec2e4a8add6329fadc50219e7f2e977282b0fda
d1cd378f909e2de97cceac320072150a423e57e03a12c20e64eccb4d27e35d9d
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf
e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

forms.office.com Open in urlscan Pro 2620:1ec:a92::194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

21 Requests

95 %HTTPS

30 %IPv6

7 Domains

10 Subdomains

9 IPs

5 Countries

361 kBTransfer

843 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

forms.office.com Open in urlscan Pro
2620:1ec:a92::194 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

361 kB
Transfer

843 kB
Size

5
Cookies

21 HTTP transactions
1 data transactions