forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ResponsePage.aspx Show response forms.office.com/Pages/	49 KB 15 KB	535ms 410ms	Document text/html	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0ba75bb98483189565c5fb974d5560b180c9fe6d42772a7596139734116f8c51 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-encoding br content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:58:29 GMT expires 0 link <https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous pragma no-cache strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding x-cache CONFIG_NOCACHE x-correlationid 6d788dac-11e3-4e45-9f8b-365ddb6165f2 x-msedge-ref Ref A: 820E700EB8ED45669B6A1323C13BB6C8 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z x-officecluster usge-000.forms.gcc.osi.office365.us x-officefe FormsSingleBox_IN_1 x-officeversion 16.0.16925.42053 x-robots-tag noindex, nofollow x-routingcorrelationid 6d788dac-11e3-4e45-9f8b-365ddb6165f2 x-routingofficecluster frc-100.forms.office.com usge-000.forms.gcc.osi.office365.us x-routingofficefe FormsSingleBox_IN_5 FormsSingleBox_IN_1 x-routingofficeversion 16.0.16927.42052 16.0.16925.42053 x-routingsessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-usersessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c
GET H2	200	ls-response.de.04d426e00.js Show response forms.office.com/gcc/cdn/scripts/dists/	38 KB 13 KB	35ms 34ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.04d426e00.js Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 870d0292df6ee1cb1748e5c7c4efa94767074d64d5512a2cc4bbdb665b8d1c31 Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:29 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:58 GMT x-msedge-ref Ref A: 439FF1DB1AD6485FAFFE60487E0DA638 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC9241F9FA9A8 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id b86ac3a0-a01e-0057-782f-fbd61f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	dll-dompurify.min.3c32c70.js Show response forms.office.com/gcc/cdn/scripts/dists/	16 KB 7 KB	33ms 33ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.3c32c70.js Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47 Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:29 GMT content-encoding br last-modified Mon, 25 Sep 2023 23:25:28 GMT x-msedge-ref Ref A: 540EC45E06494368AF57AA5C262E8972 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBBE1EB45E0583 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id e408d3a2-101e-006b-3d71-f93d4f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.min.64a00a2.js Show response forms.office.com/gcc/cdn/scripts/dists/	420 KB 126 KB	35ms 35ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a164a004465dafe8117b861ed5f15dbd4b8b98756103ff63732a5f7c7ac7940 Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:29 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:03:25 GMT x-msedge-ref Ref A: 2B33EB936014492B8AE3FA625C1527A1 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC9245303A862 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 427a176e-b01e-0010-061f-fb7fd3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu') Show response forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/	8 KB 3 KB	572ms 572ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')?$expand=questions($expand=choices)&$top=1 Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 60be4631917b72764e78cc73297c6cc5a0b6b8cf944baa852ecb2fff41bf9c42 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu X-UserSessionId 6aac4623-8d59-4ae8-ab06-af4c8173ad5c accept-language de-DE,de;q=0.9 __RequestVerificationToken 44vJlKRLAX4TgbK_YokUbxzZ5J_AYQ4g-HXx1NJHcJLw86YcQZaCR4hymVnJmgKBFr_LbxsPoWFqb68ZPvQaz1t3lSGWyxp57h9J4CmYmQk1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip date Tue, 10 Oct 2023 17:58:30 GMT x-officeversion 16.0.16925.42053 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_9 x-routingofficeversion 16.0.16927.42052 x-correlationid 915afe76-5c6a-4193-a940-8d82ef5aa56a x-officecluster usgsw-000.forms.gcc.osi.office365.us x-usersessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-msedge-ref Ref A: 7AA5F7C8279646FC8F00DBE107E2C343 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid 915afe76-5c6a-4193-a940-8d82ef5aa56a x-routingsessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-robots-tag noindex, nofollow x-routingofficecluster weu-101.forms.office.com
GET H2	200	light-response-page.chunk.lrp_ext.80400f9.js forms.office.com/gcc/cdn/scripts/dists/	0 104 KB	32ms 31ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.80400f9.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:03:24 GMT x-msedge-ref Ref A: 667DC00955D248AE97C687205549A5F1 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC92452DC771A x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 10958a49-e01e-0050-161f-fb78eb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_saveresponse.494be9e.js forms.office.com/gcc/cdn/scripts/dists/	0 7 KB	30ms 29ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.494be9e.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: E0684AB1D0B6486AA9CAC1BF996BDD18 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC9241D8444D0 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 7b1dcea7-f01e-0044-0320-fbe3fe000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_cover.0fdeef7.js forms.office.com/gcc/cdn/scripts/dists/	0 18 KB	31ms 30ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.0fdeef7.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:03:24 GMT x-msedge-ref Ref A: 228219ED925F475AA868A3EF409AA659 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC92452D91C39 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id cce9978e-301e-0098-2320-fb9ada000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_post.boot.2ecf5fe.js forms.office.com/gcc/cdn/scripts/dists/	0 6 KB	30ms 29ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.2ecf5fe.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: C79DFD3EB081435FB64D531AFB6FAE0E Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:30Z etag 0x8DBC9241D82BE6A x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 8b05d0aa-801e-0040-0b6b-fb167c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_ext.80400f9.js Show response forms.office.com/gcc/cdn/scripts/dists/	320 KB 104 KB	46ms 46ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.80400f9.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 081252c84494eb099c9dd70b0a936f982b9edf800651708d3ab245e47dde0cbf Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:03:24 GMT x-msedge-ref Ref A: 066DA0A28E474217B254037C959A28A0 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC92452DC771A x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 10958a49-e01e-0050-161f-fb78eb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_saveresponse.494be9e.js Show response forms.office.com/gcc/cdn/scripts/dists/	18 KB 7 KB	40ms 40ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.494be9e.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 383ed25236eeada60c8035140537665c543fd71d34f04286aa91704f1df99dc1 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: 589AA29D578E4480AC2B6D8D363736DD Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC9241D8444D0 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 7b1dcea7-f01e-0044-0320-fbe3fe000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.lrp_post.boot.2ecf5fe.js Show response forms.office.com/gcc/cdn/scripts/dists/	15 KB 6 KB	39ms 39ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.2ecf5fe.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 15ee1384a8ad265a87340e5dc3132a9b3438cc506b704d2fbe0f9dd4c8d942c3 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: D9EFCD2EC4774AADB7BC850C4ED3AC81 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC9241D82BE6A x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 8b05d0aa-801e-0040-0b6b-fb167c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	wave-pattern-v1.svg forms.office.com/gcc/cdn/images/aio/	2 KB 806 B	32ms 31ms	Image image/svg+xml	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://forms.office.com/gcc/cdn/images/aio/wave-pattern-v1.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:02:46 GMT x-msedge-ref Ref A: CFBAB5C990BF4FEF9DEEF4B817CE47B1 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC9243BC2D1AD x-cache TCP_HIT content-type image/svg+xml access-control-allow-origin * x-ms-request-id 5ed08374-f01e-005c-3d67-fbefe3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.sw.31d3b50.js Show response forms.office.com/gcc/cdn/scripts/dists/	1 KB 815 B	30ms 30ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.31d3b50.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a12e651312666a2519bcec5a7699bf94739e8e9b68b17f9619889b1075977288 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Mon, 25 Sep 2023 23:25:32 GMT x-msedge-ref Ref A: D77201EE5DF84C4C85D95139811F82E6 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBBE1EB6B6B860 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 06d6b224-001e-0048-3c75-f9a78c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.officebrowserfeedback.39bdf71.js forms.office.com/gcc/cdn/scripts/dists/	0 117 KB	73ms 72ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Mon, 25 Sep 2023 23:25:32 GMT x-msedge-ref Ref A: A4261C1EE88445CCA3B9D8FDE63F8B6E Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBBE1EB6B7A29B x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id a17825cf-901e-0038-1b91-f91e7b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.try_dv.d33b8a6.js forms.office.com/gcc/cdn/scripts/dists/	0 2 KB	72ms 71ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: 94906AAAFF7D498E9250FBFF7EE25570 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC9241D91D762 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id 6085abff-b01e-000c-576b-fbd163000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.1ds.37175a1.js Show response forms.office.com/gcc/cdn/scripts/dists/	104 KB 36 KB	62ms 61ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.37175a1.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:01:55 GMT x-msedge-ref Ref A: 896F4D6B827C404DB672DA98E74F3493 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC9241D75EF1D x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id ab4af8c5-201e-0046-3863-fbe104000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	light-response-page.chunk.utel.416b286.js Show response forms.office.com/gcc/cdn/scripts/dists/	23 KB 8 KB	53ms 52ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.416b286.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.64a00a2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a77ffbc96c2b930dba2ee53fb0bea719fd88cbee4a175d82ec001f83df4e90ce Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Tue, 10 Oct 2023 00:03:25 GMT x-msedge-ref Ref A: 006D03C29F78459BAB090A6B0D4FA63D Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC92452F5A0B4 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id d9a2fd45-201e-0060-6720-fbc624000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
GET H2	200	b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922 lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/	36 KB 37 KB	716ms 259ms	Image image/png	52.127.244.58 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.127.244.58 Phoenix, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Tue, 10 Oct 2023 17:58:32 GMT strict-transport-security max-age=2592000; includeSubDomains x-routingofficeversion 16.0.16925.42101 content-type image/png x-routingcorrelationid c0c96a6a-8d0d-4f7f-b8f6-d6ff2af24866 cache-control no-cache x-routingsessionid 4c17aca9-53ca-419c-a01d-39294169ed3c x-hivering 6 x-routingofficecluster usgsw-000.lists.gcc.osi.office365.us x-routingofficefe CollabDBReverseProxyWithMappingService_IN_1 expires -1
GET H2	200	'de' Show response forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQl...	2 B 647 B	571ms 571ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')/localeResource/'de' Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.80400f9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers odata-version 4.0 x-correlationid 27a2bac1-f8d7-494f-a80d-9b518e85f49e x-usersessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-ms-form-request-ring gcc accept-language de-DE,de;q=0.9 authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type application/json odata-maxverion 4.0 accept application/json Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu x-ms-form-request-source ms-formweb __requestverificationtoken 44vJlKRLAX4TgbK_YokUbxzZ5J_AYQ4g-HXx1NJHcJLw86YcQZaCR4hymVnJmgKBFr_LbxsPoWFqb68ZPvQaz1t3lSGWyxp57h9J4CmYmQk1 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip date Tue, 10 Oct 2023 17:58:31 GMT x-officeversion 16.0.16925.42053, 16.0.16925.42053 x-officefe FormsSingleBox_IN_1, FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_14 x-routingofficeversion 16.0.16927.42052 x-correlationid 27a2bac1-f8d7-494f-a80d-9b518e85f49e x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c, 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-msedge-ref Ref A: 7E31868651DB4599B957142CA2AA027D Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid 27a2bac1-f8d7-494f-a80d-9b518e85f49e x-routingsessionid 6aac4623-8d59-4ae8-ab06-af4c8173ad5c x-robots-tag noindex, nofollow x-routingofficecluster neu-101.forms.office.com
GET H2	200	ms.jsll-3.min.js Show response js.monitor.azure.com/scripts/c/	181 KB 78 KB	176ms 83ms	Script text/javascript	2620:1ec:bdf::63 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Requested by Host: forms.office.com URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.2ecf5fe.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ed20090ab9eac537cd83a784f70dd61f1ea14da013e0e9c38174bfc691353304 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 17:58:31 GMT content-encoding br x-ms-meta-jssdkver 3.2.14 last-modified Thu, 21 Sep 2023 19:29:40 GMT x-ms-meta-jssdksrc [cdn]/scripts/c/ms.jsll-3.2.14.min.js vary Accept-Encoding x-azure-ref 20231010T175831Z-up30fm0yzp6thf1r3v66mdsbgs000000054g00000000rwcb content-type text/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id f7f6e223-301e-006d-2054-f705b2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800, immutable, no-transform x-cache TCP_HIT x-ms-version 2009-09-19
GET H2	200	telemetry-worker.1.js forms.office.com/cdn/scripts/dists/	94 KB 32 KB	57ms 56ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/cdn/scripts/dists/telemetry-worker.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 85ed8f512f9c9a0d23eed31481d4df9b66538a0b93930db40ebcbe6d2122ff3b Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 10 Oct 2023 17:58:30 GMT content-encoding br last-modified Sat, 07 Oct 2023 04:28:17 GMT x-msedge-ref Ref A: 2101B198D94147DE91AC2D59771B1540 Ref B: AMS231032603007 Ref C: 2023-10-10T17:58:31Z etag 0x8DBC6EDD47AC434 x-cache TCP_HIT content-type application/javascript access-control-allow-origin * x-ms-request-id fd9ffaee-901e-015c-358c-f938e1000000 access-control-expose-headers x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type cache-control max-age=31536000 x-ms-version 2009-09-19 x-cid 7
OPTIONS H2	200	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	2561ms 2138ms	Preflight	20.189.173.15 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.189.173.15 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-allow-origin https://forms.office.com access-control-max-age 3600 cache-control public, 3600 content-length 0 date Tue, 10 Oct 2023 17:58:33 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
OPTIONS		/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0
POST		/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0
POST		/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0
OPTIONS		/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

browser.events.data.microsoft.com

URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Domain

browser.events.data.microsoft.com

URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Domain

browser.events.data.microsoft.com

URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Domain

browser.events.data.microsoft.com

URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl object| oneDS3 object| oneDS object| awa

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			forms.office.com/	1970-01-20 16:05:52	Name: FormsWebSessionId Value: 74462d25-b90c-41c2-99fa-a9bccc6299d7
			forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: -9k2IfHNr1lKT8csTSrNURf8KU0UTWDVBFJu4hKF76AtYDH4YRjtOxYHxginD4pyoH9NwXkM0RmhH6XUzufNbF7o_mb924owVWDE-rC7k9M1
			forms.office.com/	1970-01-21 00:08:16	Name: MicrosoftApplicationsTelemetryDeviceId Value: b708bc00-75bb-43c6-9f69-a54b48bcab14
			forms.office.com/	1970-01-20 15:22:42	Name: ai_session Value: CWdOKcYbtWeXbfeZYe3mfa|1696960711813|1696960711813

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
forms.office.com
js.monitor.azure.com
lists.gcc.osi.office365.us
browser.events.data.microsoft.com
20.189.173.15
2620:1ec:a92::194
2620:1ec:bdf::63
52.127.244.58
081252c84494eb099c9dd70b0a936f982b9edf800651708d3ab245e47dde0cbf
0ba75bb98483189565c5fb974d5560b180c9fe6d42772a7596139734116f8c51
15ee1384a8ad265a87340e5dc3132a9b3438cc506b704d2fbe0f9dd4c8d942c3
383ed25236eeada60c8035140537665c543fd71d34f04286aa91704f1df99dc1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
60be4631917b72764e78cc73297c6cc5a0b6b8cf944baa852ecb2fff41bf9c42
7a164a004465dafe8117b861ed5f15dbd4b8b98756103ff63732a5f7c7ac7940
85ed8f512f9c9a0d23eed31481d4df9b66538a0b93930db40ebcbe6d2122ff3b
870d0292df6ee1cb1748e5c7c4efa94767074d64d5512a2cc4bbdb665b8d1c31
a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976
a12e651312666a2519bcec5a7699bf94739e8e9b68b17f9619889b1075977288
a77ffbc96c2b930dba2ee53fb0bea719fd88cbee4a175d82ec001f83df4e90ce
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed20090ab9eac537cd83a784f70dd61f1ea14da013e0e9c38174bfc691353304