urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
13.107.6.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://etrack.news-es.rubix.com/u/nrd.php?p=4mBRoDozYm_6147_7020406_1_3&ems_l=11555660&i=1&d=NTU5NzE4NTg4%7CNG1CUm9Eb3pZbQ%3D%3D...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2O...
Submission: On March 20 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 13.107.6.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4868.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on January 2nd 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.175.192.49 1764 (NEXTLAYER-AS)
2 13.107.6.194 8068 (MICROSOFT...)
10 2.19.172.149 20940 (AKAMAI-ASN1)
16 4
Apex Domain
Subdomains		 Transfer
10 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 19506
306 KB
2 office.com
forms.office.com — Cisco Umbrella Rank: 4868
lists.office.com Failed
22 KB
1 rubix.com
etrack.news-es.rubix.com
845 B
16 3
Domain Requested by
10 cdn.forms.office.net forms.office.com
cdn.forms.office.net
2 forms.office.com forms.office.com
1 etrack.news-es.rubix.com
0 lists.office.com Failed forms.office.com
16 4

This site contains no links.

Subject Issuer Validity Valid
etrack.news-es.rubix.com
R3		 2024-03-12 -
2024-06-10		 3 months crt.sh
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 04		 2024-01-02 -
2024-12-27		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 06		 2023-07-12 -
2024-06-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Frame ID: 5541F51E90053F84439BA306B4F19090
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms

Page URL History Show full URLs

  1. https://etrack.news-es.rubix.com/u/nrd.php?p=4mBRoDozYm_6147_7020406_1_3&ems_l=11555660&i=1&d=NTU5NzE4NTg4%7C... Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

329 kB
Transfer

847 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://etrack.news-es.rubix.com/u/nrd.php?p=4mBRoDozYm_6147_7020406_1_3&ems_l=11555660&i=1&d=NTU5NzE4NTg4%7CNG1CUm9Eb3pZbQ%3D%3D%7C%7CTWFkcmlmZXJyK1Bob25pbmcrTWlsd2F1a2VlXw%3D%3D%7C&_esuh=_11_b1be91a35abb5bbda7d0b475b1bfacd3051209d636f320c6b7fed073b4f1d107 Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
nrd.php
etrack.news-es.rubix.com/u/ 		1 KB
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://etrack.news-es.rubix.com/u/nrd.php?p=4mBRoDozYm_6147_7020406_1_3&ems_l=11555660&i=1&d=NTU5NzE4NTg4%7CNG1CUm9Eb3pZbQ%3D%3D%7C%7CTWFkcmlmZXJyK1Bob25pbmcrTWlsd2F1a2VlXw%3D%3D%7C&_esuh=_11_b1be91a35abb5bbda7d0b475b1bfacd3051209d636f320c6b7fed073b4f1d107
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.192.49 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
/
Resource Hash
41bac7d2c5963a1832c1444553226804015e59ed71b884198a98da3c0611c6be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
532
content-type
text/html; charset=utf-8
date
Wed, 20 Mar 2024 10:10:48 GMT
pragma
no-cache
vary
Accept-Encoding
x-af
suite40-web01g
x-fe
suite40-web01g
x-hf
suite-haproxy01a
Primary Request responsepage.aspx
forms.office.com/pages/ 		64 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06d662adea8196ed5f309978120829023e9ad14224a80fece465e4a5a84f0fcd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://etrack.news-es.rubix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
object-src 'none';script-src 'nonce-55197f6b-f2f2-454c-9ef3-612fcbdecec1' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Wed, 20 Mar 2024 10:10:48 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
19fb38b4-b742-42f1-a45d-ebff38d1a733
x-msedge-ref
Ref A: 1108E5DEF82841609A27542139598F61 Ref B: LON212050713011 Ref C: 2024-03-20T10:10:49Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.17518.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
19fb38b4-b742-42f1-a45d-ebff38d1a733
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.17518.42500
x-routingsessionid
822947a5-6f91-4ebe-a397-a07f4729c8d9
x-usersessionid
822947a5-6f91-4ebe-a397-a07f4729c8d9
runtimeFormsWithResponses('toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u')
forms.office.com/formapi/api/7e7582b6-e2aa-455c-8352-be9fd4a411dd/users/e799a291-ad43-4f41-996a-baed0b8d654e/light/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/7e7582b6-e2aa-455c-8352-be9fd4a411dd/users/e799a291-ad43-4f41-996a-baed0b8d654e/light/runtimeFormsWithResponses('toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db2eb30170778736ed683c55fe4942177973ce231aeb24ad6a461af2a89b1a87
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
X-UserSessionId
822947a5-6f91-4ebe-a397-a07f4729c8d9
accept-language
es-ES,es;q=0.9
__RequestVerificationToken
jgGjwjM3Lbek4mWIABBO60M3ZlhHdMkH8J_xhW2APYX7nwA6fRw0tbuG1cpDGPZQs4YpxjNQJPSRlCndMPvG4XX26o3Saisw5qaoJmsQ3NY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 20 Mar 2024 10:10:49 GMT
x-officeversion
16.0.17518.42500
x-officefe
FormsSingleBox_IN_7
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_5, FormsSingleBox_IN_13
x-routingofficeversion
16.0.17518.42500, 16.0.17518.42500
x-correlationid
8ee08682-de83-42aa-874b-0e177ed9674b
x-officecluster
neu-101.forms.office.com
x-usersessionid
822947a5-6f91-4ebe-a397-a07f4729c8d9
x-msedge-ref
Ref A: D73FB7C6D885442B8C6786EB4F544667 Ref B: LON212050713011 Ref C: 2024-03-20T10:10:49Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
8ee08682-de83-42aa-874b-0e177ed9674b
x-routingsessionid
822947a5-6f91-4ebe-a397-a07f4729c8d9
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com, neu-101.forms.office.com
ls-response.es.35159401b.js
cdn.forms.office.net/forms/scripts/dists/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.es.35159401b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
74c1373632c115ed69370bd7419f633d3a68c7553baf739a9239fb49cee409c3

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:50 GMT
content-encoding
br
content-md5
hhkd/uM1zFGps9FKY85gVA==
content-length
12682
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB4D2BB88
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c60efbb5-001e-0049-6e01-799a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:50 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:50 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0251a506-201e-001a-0b2a-628696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:50 GMT
light-response-page.min.6e2e6fc.js
cdn.forms.office.net/forms/scripts/dists/ 		468 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=toJ1fqriXEWDUr6f1KQR3ZGimedDrUFPmWq67QuNZU5UNEpBRkJURTIwQVdSSVIxMVQ2OTgyWUhSVC4u&sc_src=email_7020406&sc_lid=559718588&sc_uid=4mBRoDozYm&sc_llid=6147&sc_customer=&utm_source=emarsys&utm_medium=email&utm_campaign=Madriferr+Phoning+Milwaukee_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
908b2f02807037b90356bd457861cb03c2f7b32c3bd5bf596e2c927bb17c5d70

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:50 GMT
content-encoding
br
content-md5
NSJCpsQdfy830dRkJbvLxw==
content-length
126135
x-ms-lease-status
unlocked
last-modified
Wed, 20 Mar 2024 07:44:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC48B19E0BDCC1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75e522e9-701e-0002-709e-7aab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:50 GMT
light-response-page.chunk.lrp_ext.842e131.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.842e131.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
qBbJhO3m/1VGSe8mO0KHAg==
content-length
106536
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EB4A14
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d636b5a-d01e-0026-35ff-78324d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_saveresponse.cc8ce17.js
cdn.forms.office.net/forms/scripts/dists/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.cc8ce17.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
rdJ0z2LgQH/YD+6JB02Cpg==
content-length
11063
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1FB4D4C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a4fb1e69-101e-005d-28ff-7859fd000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_groupnote.aae5661.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.aae5661.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
xbnW4VCr9xmCiQ054Lkynw==
content-length
1611
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EAFBF9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c8d0ea3-c01e-005f-75ff-785b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_cover.5e78fe4.js
cdn.forms.office.net/forms/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.5e78fe4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
CTv/KBQFju9fvtWQRZyCiw==
content-length
17487
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EB2302
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c047824-b01e-0036-2eff-7804ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_post.boot.a203ed6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.a203ed6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
vHuX5yMYBB5NiAhZSO7aXg==
content-length
4970
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EF6824
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c047866-b01e-0036-66ff-7804ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_ext.842e131.js
cdn.forms.office.net/forms/scripts/dists/ 		157 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.842e131.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
qBbJhO3m/1VGSe8mO0KHAg==
content-length
106536
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EB4A14
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d636b5a-d01e-0026-35ff-78324d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_cover.5e78fe4.js
cdn.forms.office.net/forms/scripts/dists/ 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.5e78fe4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2e6fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.172.149 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-172-149.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6164bd8723641297bbaa0483f977ed4470a2df7a08b989ed88c70462d7e71a41

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Mar 2024 10:10:52 GMT
content-encoding
br
content-md5
CTv/KBQFju9fvtWQRZyCiw==
content-length
17487
x-ms-lease-status
unlocked
last-modified
Mon, 18 Mar 2024 05:38:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC470DB1EB2302
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c047824-b01e-0036-2eff-7804ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 20 Mar 2025 10:10:52 GMT
light-response-page.chunk.lrp_post.boot.a203ed6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
0
2b067dc2-5d0d-4add-b1c1-e94074b6ca78
lists.office.com/Images/7e7582b6-e2aa-455c-8352-be9fd4a411dd/e799a291-ad43-4f41-996a-baed0b8d654e/T4JAFBTE20AWRIR11T6982YHRT/ 		0
0
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.forms.office.net
URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.a203ed6.js
Domain
lists.office.com
URL
https://lists.office.com/Images/7e7582b6-e2aa-455c-8352-be9fd4a411dd/e799a291-ad43-4f41-996a-baed0b8d654e/T4JAFBTE20AWRIR11T6982YHRT/2b067dc2-5d0d-4add-b1c1-e94074b6ca78
Domain
cdn.forms.office.net
URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap

2 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 0f7d9e27-e579-45e4-90b1-16bdc025fe50
forms.office.com/ Name: __RequestVerificationToken
Value: ot5ux42lldg1o-15NYLHLUJrb_yjjCNyXidSZqxpHK-GhAxggrk0w5LwJH4uIeiwwCLfq_uaqAOIZ1BY6E5G_4VOvjAfqnvW8LP4y6MUR6U1