urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdIS...
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 34 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6737.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2620:1ec:46::45 8075 (MICROSOFT...)
1 52.127.244.58 8070 (MICROSOFT...)
7 52.178.17.2 8075 (MICROSOFT...)
34 4
Apex Domain
Subdomains		 Transfer
25 office.com
forms.office.com — Cisco Umbrella Rank: 6737
651 KB
7 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 194
2 KB
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 135948
37 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1834
77 KB
34 4
Domain Requested by
25 forms.office.com forms.office.com
7 browser.events.data.microsoft.com js.monitor.azure.com
forms.office.com
1 lists.gcc.osi.office365.us
1 js.monitor.azure.com forms.office.com
34 4

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-06-21 -
2024-06-15		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2023-06-05 -
2024-06-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-06-06 -
2024-05-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Frame ID: 0001FC99B4A5B5B7CABBACEBB4C7CEEA
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citizen Service Feedback

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

34
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

767 kB
Transfer

1325 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		50 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e19bb6709c64feea37bceb3b9857fe5f5b60c794ca925aa6022c9b7a38c39d80
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 14:33:11 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
76b132db-8f91-48c5-8280-5e6de1a8876e
x-msedge-ref
Ref A: AF68724D522D43E3A6850E4EA4B1CA2D Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16627.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
76b132db-8f91-48c5-8280-5e6de1a8876e
x-routingofficecluster
weu-101.forms.office.com usgsw-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_11 FormsSingleBox_IN_0
x-routingofficeversion
16.0.16625.42500 16.0.16627.42500
x-routingsessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
x-usersessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
ls-response.de.b38b50231.js
forms.office.com/gcc/cdn/scripts/dists/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.de.b38b50231.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
472061c24ec173270f8b000658a299062261cadbee9de1072fb803142c4f664a

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:04 GMT
x-msedge-ref
Ref A: FBE03D6086794CF2849BB86C616887A1 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8C60389B5
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0a6dbf3-001e-009d-777a-ad45d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
dll-dompurify.min.3c32c70.js
forms.office.com/gcc/cdn/scripts/dists/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:24:55 GMT
x-msedge-ref
Ref A: 96C583A02C084CC5B97379A493621A3A Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8C095CEAF
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
be960f76-501e-0085-1d50-ad6847000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.min.362bac2.js
forms.office.com/gcc/cdn/scripts/dists/ 		404 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4c94890f736d34ccf32b553ac2960c687c4178394f8800992657d1c6f2f1fff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: ECF62CA8E4E343FAA382E8A5C96D6909 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8FBB1CB74
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
270ff236-801e-0024-6e61-ad4c1b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')
forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
557c43f38fd00ba42c780efd154dc0b941239131892f45f7457fadfcb83a2874
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
X-UserSessionId
8e52fee0-d55d-469f-aeb7-dc70611d2691
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
1Slp9Od_i08zT8LdF5ZKjIoLcxkvtiJ6KZA1-W1FEuyBFkJEerR1V-E5EQ78dhCDMOCyickHctaM02xoYKYwJkf5wOJp6kvngOP3VtGBiFA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 03 Jul 2023 14:33:11 GMT
x-officeversion
16.0.16627.42500
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.16625.42500
x-correlationid
c6dce0fb-8fa4-44c6-8aa1-f4128e4fb392
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
x-msedge-ref
Ref A: FC25F531CB3445EABBA9FDDE57D9044F Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
c6dce0fb-8fa4-44c6-8aa1-f4128e4fb392
x-routingsessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.4bb9b4f.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
101 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.4bb9b4f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 0EB06CC6A84C4BF0B1F72602AA934512 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8FB908CE2
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
08a0b27c-b01e-0062-7e56-ad789c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_phishing.25fb654.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_phishing.25fb654.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: D2845371BB8A4271A8939173ECCD72CF Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8C3C4EB2D
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
26269cd0-601e-0086-556f-ad6b40000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.5a9e2f3.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.5a9e2f3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: BD9989BFE0284925A67A0B98C771FAAC Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8C3C8E238
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a131ed9c-601e-004a-715e-ad0ff5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.ed30bba.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.ed30bba.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: 24C19F77110D416897576ABA9910D31D Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8C3BB019B
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
917c9bef-e01e-003d-616f-ad8ab4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.216d659.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.216d659.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:11 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 6FFCB2AA001343969C08B63833314213 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:11Z
etag
0x8DB76F8FB9853E6
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
58380dce-901e-0075-2667-add197000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_ext.4bb9b4f.js
forms.office.com/gcc/cdn/scripts/dists/ 		313 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.4bb9b4f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
601933306171adfecd77bd43a671a839c7367780f4efe7759b5c9a968f711393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 0B18A338128641AAA84EE2F3F262BBF2 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FB908CE2
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
08a0b27c-b01e-0062-7e56-ad789c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_phishing.25fb654.js
forms.office.com/gcc/cdn/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_phishing.25fb654.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9178e580981d38c15933667426f4999233daa690e4751792ea93fc25f32d7dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: 60FE294C15D64E08BBD42D4AC8F234D3 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3C4EB2D
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
26269cd0-601e-0086-556f-ad6b40000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.5a9e2f3.js
forms.office.com/gcc/cdn/scripts/dists/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.5a9e2f3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b1b95daa3d9f065afc49a5db8f8f7eb2e226c65395e57065c12199f76e76f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: D54E9BA272B14B06ABDF38B24A411EA4 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3C8E238
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a131ed9c-601e-004a-715e-ad0ff5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.216d659.js
forms.office.com/gcc/cdn/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.216d659.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b795fbdf2458794acead5e82f8040c16a9d705ea917298e58d3829d53dc5dddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 83FBFB69409B4113B0B0A064AA5A7F50 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FB9853E6
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
58380dce-901e-0075-2667-add197000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_poll.d4c591c.js
forms.office.com/gcc/cdn/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_poll.d4c591c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f4285fef6eb0be4f31f721838dc43c6900654bab7d3a2c0115aa3f524f981d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: AB961A7368A44EDEBB086890206ACEBF Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FB95BC39
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c341ba36-d01e-0064-6d61-ad4b23000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
wave-pattern-v1.svg
forms.office.com/gcc/cdn/images/aio/ 		2 KB
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/gcc/cdn/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:24:22 GMT
x-msedge-ref
Ref A: 8CEDB2FC87D040B198305F346A7E302A Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8ACA72A7B
x-cache
TCP_HIT
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
21bd6e02-401e-009a-1e67-adb357000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.sw.cc78b7e.js
forms.office.com/gcc/cdn/scripts/dists/ 		1 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.cc78b7e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: A067FE5975DE423EAF718CD3485467B2 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3E0D37C
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e31735d6-a01e-005c-3550-adce6b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_trial.7b2ff24.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_trial.7b2ff24.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 58A7DACD4F134EF495F7CE16758FD495 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FB9BD5CF
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
77d8bdca-c01e-0025-6a64-ad13c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		180 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.216d659.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
vary
Accept-Encoding
x-azure-ref
20230703T143312Z-v4pext6s7t6bxf3suyaw38fzv400000009c00000000035qg
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
72f0d4ac-001e-004a-79ef-a1458f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
light-response-page.chunk.lrp_ty2svg.2ac265e.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: ED3361BC411A4388B61E107BBAEE4D09 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FB9E6D79
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0f435849-601e-004e-206b-ad9433000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.officebrowserfeedback.39bdf71.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
117 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: 7BCC684AD31C490F8F0878EEB420DD02 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3D7D42B
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
beb8c0cb-a01e-009b-4c61-adb2aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.try_dv.d33b8a6.js
forms.office.com/gcc/cdn/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: 4CB67666AF7045498B83DE3310938B4A Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3D7AD1C
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4a073c6c-801e-00a5-286b-ad048b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.utel.1381696.js
forms.office.com/gcc/cdn/scripts/dists/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.1381696.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f65e751e8a2bdacd9b98b5f7d0ba56c372f52181683400069314ae2aa120a753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:26:34 GMT
x-msedge-ref
Ref A: 96C35D3CE43A4525930C04B8B3D35F03 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8FBA98F52
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
77e2ded4-501e-0027-126b-adad7f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922
lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.127.244.58 Phoenix, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 14:33:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16619.42101
content-type
image/png
x-routingcorrelationid
0ce206d4-a43b-42b4-a9ee-e6ecde94ff2a
cache-control
no-cache
x-routingsessionid
51a827f1-43a9-4ae9-8d5a-bd972e4d87f8
x-hivering
6
x-routingofficecluster
usgsw-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
expires
-1
light-response-page.chunk.1ds.37175a1.js
forms.office.com/gcc/cdn/scripts/dists/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.362bac2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 10:25:01 GMT
x-msedge-ref
Ref A: 5BC5912B30CA4BD3A2EFAFA40E825BEB Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB76F8C3B7A6B3
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6f9978a5-b01e-0043-4c56-ad157b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
'de'
forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQl... 		2 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.4bb9b4f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
f43f451a-948f-46d1-8789-89cf4f003735
x-usersessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
x-ms-form-request-ring
gcc
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
x-ms-form-request-source
ms-formweb
__requestverificationtoken
1Slp9Od_i08zT8LdF5ZKjIoLcxkvtiJ6KZA1-W1FEuyBFkJEerR1V-E5EQ78dhCDMOCyickHctaM02xoYKYwJkf5wOJp6kvngOP3VtGBiFA1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 03 Jul 2023 14:33:12 GMT
x-officeversion
16.0.16627.42500, 16.0.16627.42500
x-officefe
FormsSingleBox_IN_0, FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.16625.42500
x-correlationid
f43f451a-948f-46d1-8789-89cf4f003735
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691, 8e52fee0-d55d-469f-aeb7-dc70611d2691
x-msedge-ref
Ref A: CDEFB3F75B96439D814A710E416B663B Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
f43f451a-948f-46d1-8789-89cf4f003735
x-routingsessionid
8e52fee0-d55d-469f-aeb7-dc70611d2691
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 14:33:12 GMT
content-encoding
br
last-modified
Mon, 03 Jul 2023 04:58:11 GMT
x-msedge-ref
Ref A: D5B2DE725EE14F13970A0613B98ABDF1 Ref B: AMS231032601005 Ref C: 2023-07-03T14:33:12Z
etag
0x8DB7B8219BFADB3
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
332ac125-201e-000b-586f-ad68df000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 14:33:12 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f0826d31e2d8a8a89db6f4e3f6556776055b44583a1e1a21055785276349d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688394793671
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 14:33:13 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
-32
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 14:33:13 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3bf5e46e1f798a83c084db6cc38af4ce5572f69a8d7794215b3cadb1ffb5898a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688394794673
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
-32
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 14:33:14 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
-34
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 14:33:14 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 03 Jul 2023 14:33:14 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
52d54512313da6d405d019306260adb1b624282027b8a55a8fbd91e85459bb58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1688394794688
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 14:33:14 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
-33
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
154

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

5 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: rBkSV8Fqqsm2RaLNKJTolnziKdwdiZLV1OZ56VJuuqGIZZ3PEbEFbhpMHiRpNv5LssKrQUjMbQiJwUWVoHrnAfvAen3AEutYuPEAGgq4Mkw1
forms.office.com/ Name: ai_session
Value: 8KKec+MIkIX/WHw4j1Pflc|1688394792669|1688394792669
.microsoft.com/ Name: MC1
Value: GUID=55557d19f21342ebb212de2c41283be7&HASH=5555&LV=202307&V=4&LU=1688394793639
.microsoft.com/ Name: MS0
Value: 9d6967e188d84dce946db24911377103
forms.office.com/ Name: MSFPC
Value: GUID=55557d19f21342ebb212de2c41283be7&HASH=5555&LV=202307&V=4&LU=1688394793639

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
forms.office.com
js.monitor.azure.com
lists.gcc.osi.office365.us
2620:1ec:46::45
2620:1ec:a92::194
52.127.244.58
52.178.17.2
0b1b95daa3d9f065afc49a5db8f8f7eb2e226c65395e57065c12199f76e76f20
3bf5e46e1f798a83c084db6cc38af4ce5572f69a8d7794215b3cadb1ffb5898a
472061c24ec173270f8b000658a299062261cadbee9de1072fb803142c4f664a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52d54512313da6d405d019306260adb1b624282027b8a55a8fbd91e85459bb58
557c43f38fd00ba42c780efd154dc0b941239131892f45f7457fadfcb83a2874
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50
601933306171adfecd77bd43a671a839c7367780f4efe7759b5c9a968f711393
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
8f4285fef6eb0be4f31f721838dc43c6900654bab7d3a2c0115aa3f524f981d1
9178e580981d38c15933667426f4999233daa690e4751792ea93fc25f32d7dac
a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976
b795fbdf2458794acead5e82f8040c16a9d705ea917298e58d3829d53dc5dddb
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
e19bb6709c64feea37bceb3b9857fe5f5b60c794ca925aa6022c9b7a38c39d80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c94890f736d34ccf32b553ac2960c687c4178394f8800992657d1c6f2f1fff
f0826d31e2d8a8a89db6f4e3f6556776055b44583a1e1a21055785276349d6aa
f65e751e8a2bdacd9b98b5f7d0ba56c372f52181683400069314ae2aa120a753
fc72407edbb46b2afd5dab68d6297fd426ee0e13959e1607085015f1505e5e40