forms.office.com
urlscan Pro

2620:1ec:a92::194

Go To Report Rescan

Submitted URL:
https://aka.ms/flow-mail
Effective URL:
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Submission: On January 14 via manual (January 14th 2021, 1:27:47 am) from US

Summary HTTP 13 Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.

This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.211.149.25 23.211.149.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:a92:... 2620:1ec:a92::194	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.16.177.90 2.16.177.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.114.132.91 52.114.132.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	7

1 23.211.149.25 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-149-25.deploy.static.akamaitechnologies.com

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forms.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.177.90 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-177-90.deploy.static.akamaitechnologies.com

cdn.forms.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
PTR:

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR:

c.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR:

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.114.132.91 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR:

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Domain Subdomains	Transfer
7	office.net	98 KB
3	microsoft.com	1 KB
3	office.com 1 redirects	95 KB
1	bing.com 1 redirects	514 B
1	msecnd.net	18 KB
1	aka.ms 1 redirects	566 B
13	6

	Domain	Requested by
7	cdn.forms.office.net	forms.office.com
2	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
2	c.office.com	1 redirects forms.office.com
1	browser.pipe.aria.microsoft.com	cdn.forms.office.net
1	c.bing.com	1 redirects
1	az725175.vo.msecnd.net	cdn.forms.office.net
1	forms.office.com
1	aka.ms	1 redirects
13	8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject / Issuer	Validity	Valid
forms.office.com GlobalSign Organization Validation CA - SHA256 - G3	`2020-02-19` - `2022-02-19`	2 years
cdn.forms.office.net Microsoft IT TLS CA 1	`2019-07-29` - `2021-07-29`	2 years
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year
c.msn.com Microsoft RSA TLS CA 01	`2020-10-07` - `2021-10-07`	a year
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02	`2020-10-05` - `2021-10-05`	a year
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year

Screenshot
Live screenshot

Full Image

Stats

0
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page. For each link, only the first name is shown.

https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy and cookies
https://go.microsoft.com/fwlink/?linkid=866263
Title: Terms of use

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u Show response
/Pages
Redirect Chain

https://aka.ms/flow-mail
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u

348 KB
94 KB

659ms
621ms

Document
text/html

2620:1ec:a92::194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f499d3060ec96f008e8b6413e147e359109009ab5d624e53a29b8429d94bc203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: forms.office.com
:scheme: https
:path: /Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Wed, 14-Apr-2021 01:27:48 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=s0XezBD7mQ0sxYmmioJPIIq7i3tAny3DYpB8zAupmebVjNc_8b1hmIINpBoAKvnt_pu4HAKJMd03_v74S0-9HXqcNxbUZg_PMU3T6NDUFi01; path=/; samesite=none; secure; HttpOnly AADNonce.forms=304a1573-bc20-44f6-9f69-e75e9c5302c3.637461844686794870; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-routingofficecluster: weu-001.forms.office.com
x-routingofficefe: FormsSingleBox_IN_13
x-routingofficeversion: 16.0.13706.36676
x-routingsessionid: bff10785-aa79-4df4-ab53-b5d15925cf58
x-routingcorrelationid: 7c1873c7-dbe4-4079-9a08-5ab12a0252eb
x-correlationid: 7c1873c7-dbe4-4079-9a08-5ab12a0252eb
x-usersessionid: bff10785-aa79-4df4-ab53-b5d15925cf58
x-officefe: FormsSingleBox_IN_0
x-officeversion: 16.0.13712.36680
x-officecluster: wcus-000.forms.office.com
x-failurereason: MissingCookieOrToken
x-robots-tag: noindex, nofollow
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-aspnet-version
x-powered-by
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-msedge-ref: Ref A: F2A3DD3C910C4665BF493D1B922356EF Ref B: AM3EDGE0807 Ref C: 2021-01-14T01:27:48Z
date: Thu, 14 Jan 2021 01:27:48 GMT

Redirect headers

Location: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Server: Kestrel
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status: True
X-Powered-By: ASP.NET
Content-Length: 0
Expires: Thu, 14 Jan 2021 01:27:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

GET
H2 200 light-response-page-core.chunk.vendors.940a732.js Show response
cdn.forms.office.net/forms/scripts/dists 133 KB
43 KB 151ms
44ms Script
application/javascript 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.vendors.940a732.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d0d23bfb03adc97b2f57b944b34f97a816b568e090fade88f04ccd94aaf8903c

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: br
content-md5: uRLOZ33RHFO5UK7pzf/HDw==
content-length: 43239
x-ms-lease-status: unlocked
last-modified: Tue, 12 Jan 2021 06:10:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B6C0C91F551B
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5ab7defe-b01e-002e-2eb6-e8d413000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 light-response-page-core.chunk.ext.4113adb.js Show response
cdn.forms.office.net/forms/scripts/dists 155 KB
41 KB 197ms
91ms Script
application/javascript 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.ext.4113adb.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0aa3a3e25248abdfcc3ecd7a20a5f3df661ebf00088d81efb6f3f0192c3fbc1c

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: br
content-md5: DY1ql8FKoDxQQC2UMIt5zQ==
content-length: 41401
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 05:15:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B7822D6C0D96
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 63632b5e-a01e-00fd-3579-e96bb6000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 light-response-page-core.chunk.post.boot.2235845.js Show response
cdn.forms.office.net/forms/scripts/dists 0
5 KB 187ms
85ms Other
application/javascript 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: br
content-md5: uGIcNdkU69Cu7PgqGSYQ+w==
content-length: 4792
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 05:15:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B7822D914FA9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74ad33eb-001e-011a-0d79-e93dee000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 light-response-page-core.chunk.post.boot.2235845.js Show response
cdn.forms.office.net/forms/scripts/dists 15 KB
5 KB 172ms
86ms Script
application/javascript 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a5df184c54c583382fa8de31eb6846fe38b0f559d8ae46300f677965292e663

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: br
content-md5: uGIcNdkU69Cu7PgqGSYQ+w==
content-length: 4792
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 05:15:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B7822D914FA9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74ad33eb-001e-011a-0d79-e93dee000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 ir_white.svg
cdn.forms.office.net/forms/images 877 B
1 KB 166ms
82ms Image
image/svg+xml 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/ir_white.svg
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 370b218c01e76ac9b23f6dd4a95489803259321ef45ae44598838e5db90664be

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-md5: VG5Gh2nghg0JGmBE3y2bfg==
content-length: 877
x-ms-lease-status: unlocked
last-modified: Wed, 16 Sep 2020 02:50:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D859EB49F23338
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0d7ba36a-801e-0026-7628-8ccf60000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 immersive-reader-icon.svg
cdn.forms.office.net/forms/images 1 KB
2 KB 165ms
82ms Image
image/svg+xml 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/immersive-reader-icon.svg
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6ddb375b347ae88ac75633df5aa4edeb1bc054e452d94edf457899e7dc31f06b

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-md5: r1angkTJSDA+TsbrQ9UlBg==
content-length: 1277
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jul 2020 01:31:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D822156D975593
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8e5e4550-e01e-009c-0327-542f69000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 light-response-page-core.chunk.sw.4e4fe75.js Show response
cdn.forms.office.net/forms/scripts/dists 746 B
768 B 43ms
42ms Script
application/javascript 2.16.177.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.sw.4e4fe75.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-90.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e9d6d60d9a09afb039ddaa5bd654a80214298c5ad7e93be4ee59025604cb4f0

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: br
content-md5: N3AVo3zRKmE5gjvYlocZrg==
content-length: 345
x-ms-lease-status: unlocked
last-modified: Wed, 13 Jan 2021 05:15:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8B7822DA6B055
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2469cfb0-401e-0056-2e79-e9bca4000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Fri, 14 Jan 2022 01:27:49 GMT

GET
H2 200 jsll-4.js Show response
az725175.vo.msecnd.net/scripts 55 KB
18 KB 196ms
51ms Script
text/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.post.boot.2235845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B30) /
Resource Hash: 196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 01:27:49 GMT
content-encoding: gzip
content-md5: rYVFtUp9d7HvDgKvthWhBw==
age: 221
x-cache: HIT
content-length: 18415
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 19:39:26 GMT
server: ECAcc (ama/8B30)
etag: 0x8D88742AA533F08
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
x-ms-request-id: baa1979a-e01e-0006-4f13-ea3853000000
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
DATA 200
OK data:truncated
data:truncated 4 KB
4 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin: https://forms.office.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2

200

c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&MUID=3550F0D8F8156E761668FF67FC156500
c.office.com
Redirect Chain

https://c.office.com/c.gif
https://c.bing.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&RedC=c.office.com&MXFR=3550F0D8F8156E761668FF67FC156500
https://c.office.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&MUID=3550F0D8F8156E761668FF67FC156500

42 B
248 B

66ms
65ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.office.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&MUID=3550F0D8F8156E761668FF67FC156500
Requested by: Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:49 GMT
last-modified: Tue, 12 Jan 2021 21:18:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3ad5376928e9d61:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:49 GMT
x-msedge-ref: Ref A: D76E59B33EDE48A18EA7FC55C3B7A1CE Ref B: FRAEDGE1408 Ref C: 2021-01-14T01:27:49Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.office.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&MUID=3550F0D8F8156E761668FF67FC156500
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-01-14T01%3A27%3A49.506Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%2704b1eeb6-6418-4380-a8a1-050... Show response
web.vortex.data.microsoft.com/collect/v1 281 B
966 B 255ms
63ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-01-14T01%3A27%3A49.506Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%2704b1eeb6-6418-4380-a8a1-050a112a1e42%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3Dv4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27Manage%20PowerApps%20and%20Flows%20Subscription%20List%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.4%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f803c46330def2730176643a0971f42100f9fd4ab4eeba55c839777f00ac1b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:49 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: xUzA41qJuUCW0dysPHWQgQ.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

POST
H/1.1 200
OK v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D4720ced868c04c4595bad3eba04caded%26HASH%3D4720%26LV%3D202101%26V%3D4%26LU%3D1610587669721%27
web.vortex.data.microsoft.com/collect 0
0 63ms
63ms Other
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3D4720ced868c04c4595bad3eba04caded%26HASH%3D4720%26LV%3D202101%26V%3D4%26LU%3D1610587669721%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK ?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-ti...
browser.pipe.aria.microsoft.com/Collector/3.0 0
397 B 515ms
128ms XHR
application/json 52.114.132.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1610587671725&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page-core.chunk.ext.4113adb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.132.91 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:51 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 447
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0

https://aka.ms/flow-mail
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u

Request 10

https://c.office.com/c.gif
https://c.bing.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&RedC=c.office.com&MXFR=3550F0D8F8156E761668FF67FC156500
https://c.office.com/c.gif?CtsSyncId=597C704E12214F2BA5BCF21283AA3659&MUID=3550F0D8F8156E761668FF67FC156500

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.office.com/	1970-01-20 00:44:43	Name: MUID Value: 3550F0D8F8156E761668FF67FC156500
.forms.office.com/	1969-12-31 23:59:59	Name: AADNonce.forms Value: 304a1573-bc20-44f6-9f69-e75e9c5302c3.637461844686794870
forms.office.com/	1970-01-20 00:08:43	Name: MSFPC Value: GUID=4720ced868c04c4595bad3eba04caded&HASH=4720&LV=202101&V=4&LU=1610587669721
forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: s0XezBD7mQ0sxYmmioJPIIq7i3tAny3DYpB8zAupmebVjNc_8b1hmIINpBoAKvnt_pu4HAKJMd03_v74S0-9HXqcNxbUZg_PMU3T6NDUFi01
forms.office.com/	1970-01-19 17:32:43	Name: DcLcid Value: ui=1033&data=1033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
web.vortex.data.microsoft.com
152.199.19.160
2.16.177.90
23.211.149.25
2620:1ec:a92::194
2620:1ec:c11::200
40.77.226.250
52.114.132.91
52.142.114.2
0aa3a3e25248abdfcc3ecd7a20a5f3df661ebf00088d81efb6f3f0192c3fbc1c
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c
1e9d6d60d9a09afb039ddaa5bd654a80214298c5ad7e93be4ee59025604cb4f0
370b218c01e76ac9b23f6dd4a95489803259321ef45ae44598838e5db90664be
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
6a5df184c54c583382fa8de31eb6846fe38b0f559d8ae46300f677965292e663
6ddb375b347ae88ac75633df5aa4edeb1bc054e452d94edf457899e7dc31f06b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
d0d23bfb03adc97b2f57b944b34f97a816b568e090fade88f04ccd94aaf8903c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f499d3060ec96f008e8b6413e147e359109009ab5d624e53a29b8429d94bc203
f803c46330def2730176643a0971f42100f9fd4ab4eeba55c839777f00ac1b39

forms.office.com urlscan Pro 2620:1ec:a92::194

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Stats

0 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

0 IPs

0 Countries

0 kBTransfer

0 kBSize

0 Cookies

2 Outgoing links

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect requests

21 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

forms.office.com
urlscan Pro

2620:1ec:a92::194

Screenshot
Live screenshot

Full Image

0
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions