Submitted URL: https://forms.office.com/g/3bjXPyNAqj
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2R...
Submission: On April 04 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2397.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on April 1st 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 2620:1ec:a92:... 8068 (MICROSOFT...)
1 52.127.244.58 8070 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
4 20.42.73.27 8075 (MICROSOFT...)
29 5
Apex Domain
Subdomains
Transfer
25 office.com
forms.office.com — Cisco Umbrella Rank: 2397
c.office.com — Cisco Umbrella Rank: 19980
1 MB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 109
871 B
1 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 285
32 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 234
757 B
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 83994
9 KB
29 5
Domain Requested by
23 forms.office.com 1 redirects forms.office.com
4 browser.events.data.microsoft.com forms.office.com
2 c.office.com 1 redirects
1 res-1.cdn.office.net
1 c.bing.com 1 redirects
1 lists.gcc.osi.office365.us
29 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 04
2024-04-01 -
2025-03-27
a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA
2024-03-13 -
2025-03-13
a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA
2024-02-20 -
2025-02-20
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2023-12-31 -
2024-12-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Frame ID: A70FB63A9CA240BDF02FAF7780822007
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

ZSFG Annual Employee Celebration 2024

Page URL History Show full URLs

  1. https://forms.office.com/g/3bjXPyNAqj HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNV... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

29
Requests

97 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

1232 kB
Transfer

1850 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/g/3bjXPyNAqj HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&RedC=c.office.com&MXFR=34246C610AEE69A0222078360EEE621A HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&MUID=34246C610AEE69A0222078360EEE621A

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/g/3bjXPyNAqj
  • https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
54 KB
15 KB
Document
General
Full URL
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
427edbd255074a67e614f43466a6b7c1c1345a1790ca3babaafe5b1faa15a837
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 20:14:26 GMT
expires
0
link
<https://forms.office.com/gcc/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
a8d9534d-1c7c-4f13-9f91-b75adc2dfb39
x-msedge-ref
Ref A: 71E20772150F4E45B9E244B6EAE02EC8 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.17524.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
a8d9534d-1c7c-4f13-9f91-b75adc2dfb39
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.17526.42059
x-routingsessionid
2382d9e1-398d-42f2-a27a-18e8201cf6be
x-usersessionid
2382d9e1-398d-42f2-a27a-18e8201cf6be

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 04 Apr 2024 20:14:26 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
4e52f1e2-cbdf-47d2-a3a9-74f2e162c76c
x-msedge-ref
Ref A: D0B304E95FDB40C4B923B66142A32A34 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:25Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.17524.42051
x-routingcorrelationid
4e52f1e2-cbdf-47d2-a3a9-74f2e162c76c
x-routingofficecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.17524.42051
x-routingsessionid
5e1b5bb6-e234-407d-aeaf-0a0b67c906d0
x-usersessionid
5e1b5bb6-e234-407d-aeaf-0a0b67c906d0
ls-response.en-us.a8251b6ca.js
forms.office.com/gcc/cdn/scripts/dists/
36 KB
13 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/ls-response.en-us.a8251b6ca.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d622dca1201abce3cc5720bf7f0cbe30160bf176db018f05205fdcdf137e6798

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:47 GMT
x-msedge-ref
Ref A: 76B3813C8F474B2F8E7297A2F0240181 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8170B5CDA
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
48589c1c-501e-002f-21a0-84bea8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
dll-dompurify.min.bcf1a85.js
forms.office.com/gcc/cdn/scripts/dists/
37 KB
13 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:03:32 GMT
x-msedge-ref
Ref A: B59471AD3D42439FBF98515D62D0E82C Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC4D282CA88E33
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2ece466f-b01e-0072-4d5f-81bdf4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.min.373ad7a.js
forms.office.com/gcc/cdn/scripts/dists/
467 KB
136 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c937337ae765889fe3621a1b4d211eea39bac221bce62f456f52ca95783ddc1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:03:00 GMT
x-msedge-ref
Ref A: FD00C92A8D1C4D63A4DEFE3AF42EDAC5 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8429FD03A
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fd3238d0-801e-0079-53a0-84469f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
runtimeFormsWithResponses('z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u')
forms.office.com/formapi/api/22d5c2cf-ce3e-443d-9a7f-dfcc0231f73f/users/5a89f6fa-851d-4252-aa0f-9b8719efb182/light/
22 KB
5 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/22d5c2cf-ce3e-443d-9a7f-dfcc0231f73f/users/5a89f6fa-851d-4252-aa0f-9b8719efb182/light/runtimeFormsWithResponses('z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6673189522d03d775840c97ba8f000ccfde38be53bc0fdcaa87aabb0e87ad2b3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-UserSessionId
2382d9e1-398d-42f2-a27a-18e8201cf6be
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
__RequestVerificationToken
SR7CO1qJ3WHzy-vArvOd2k3VfSF_I8rJ7kLfyaT0YXq-804ORZYsImVT5L2KhocpiPK-7ZEin3Mg_1OZl3nP8cvD64z1D5DtYuwrFsAhb1s1
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 04 Apr 2024 20:14:26 GMT
x-officeversion
16.0.17524.42051
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3, FormsSingleBox_IN_1
x-routingofficeversion
16.0.17526.42059, 16.0.17524.42051
x-correlationid
5cce9baf-20ae-460b-a550-84e5076ae85d
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
2382d9e1-398d-42f2-a27a-18e8201cf6be
x-msedge-ref
Ref A: 9B3A7D03C2FE428F9636914EFE8D4A88 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
5cce9baf-20ae-460b-a550-84e5076ae85d
x-routingsessionid
2382d9e1-398d-42f2-a27a-18e8201cf6be
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.18e77aa.js
forms.office.com/gcc/cdn/scripts/dists/
0
118 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.18e77aa.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:03:00 GMT
x-msedge-ref
Ref A: 0075AC117C7442D1AC50708FADAC282A Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8428A0179
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
82c8acd0-c01e-0057-1a15-861488000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.be92ffc.js
forms.office.com/gcc/cdn/scripts/dists/
0
10 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.be92ffc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:42 GMT
x-msedge-ref
Ref A: 5092127E02D24DE0AA63CAB1CF76F01D Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8143DB04E
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5007bc05-e01e-0072-5aa0-844eac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_groupnote.37ecaae.js
forms.office.com/gcc/cdn/scripts/dists/
0
2 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_groupnote.37ecaae.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:03:00 GMT
x-msedge-ref
Ref A: E80341829D5848D68EA956590BD1F330 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A84289DA70
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c234c89d-101e-0019-3ba0-843a00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_cover.d369fa2.js
forms.office.com/gcc/cdn/scripts/dists/
0
19 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_cover.d369fa2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:42 GMT
x-msedge-ref
Ref A: 0C4395A8CF4740189C87E207D95AEBF3 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8142DD415
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eba539e4-b01e-0025-38a0-84a721000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.0072e88.js
forms.office.com/gcc/cdn/scripts/dists/
0
5 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.0072e88.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:42 GMT
x-msedge-ref
Ref A: 9BF4FD4F3ED14750B0D3D705F387B22E Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC52A8143BDBD2
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
05e2dba1-b01e-002e-69a0-84bf55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
favicon.ico
forms.office.com/gcc/cdn/images/
8 KB
8 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
last-modified
Tue, 26 Mar 2024 00:03:04 GMT
x-msedge-ref
Ref A: FF89916786554B76BE6196DD1EA2F5E0 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:26Z
etag
0x8DC4D281C432186
x-cache
TCP_HIT
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
ed45118c-901e-0038-1da9-811e7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
7886
x-cid
7
light-response-page.chunk.lrp_ext.18e77aa.js
forms.office.com/gcc/cdn/scripts/dists/
386 KB
118 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_ext.18e77aa.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
24291966647bda2bcd69357dec9684750adb96e7e0cba7d7c5a3ad8ed87c78b3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:03:00 GMT
x-msedge-ref
Ref A: 8AF8F1F8C3CD434292921FF61EB46967 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC52A8428A0179
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
82c8acd0-c01e-0057-1a15-861488000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_saveresponse.be92ffc.js
forms.office.com/gcc/cdn/scripts/dists/
32 KB
10 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.be92ffc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72b8c92ac1443e22151518d7abbf70eb422d11d7151e446803f9c321512364af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:42 GMT
x-msedge-ref
Ref A: 9F9A658164B74608896A74C5D35DF6A7 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC52A8143DB04E
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5007bc05-e01e-0072-5aa0-844eac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.lrp_post.boot.0072e88.js
forms.office.com/gcc/cdn/scripts/dists/
15 KB
5 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.0072e88.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ab5785905ba7d43c901c487ddfdc44444be00c8b1b162feca878b32bb113f75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:26 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:01:42 GMT
x-msedge-ref
Ref A: 0F345F5608C74EBAA6A4D4B0DE5DD6BD Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC52A8143BDBD2
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
05e2dba1-b01e-002e-69a0-84bf55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
f21f8604-6856-4027-b39d-becf518825ab
lists.gcc.osi.office365.us/Images/22d5c2cf-ce3e-443d-9a7f-dfcc0231f73f/5a89f6fa-851d-4252-aa0f-9b8719efb182/T9DMUET8RHI4IBZ2FX6DXINYRW/
8 KB
9 KB
Image
General
Full URL
https://lists.gcc.osi.office365.us/Images/22d5c2cf-ce3e-443d-9a7f-dfcc0231f73f/5a89f6fa-851d-4252-aa0f-9b8719efb182/T9DMUET8RHI4IBZ2FX6DXINYRW/f21f8604-6856-4027-b39d-becf518825ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.127.244.58 Phoenix, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5dd3cc6003b49cd469f37661bc29117d606ca4472c9dc6a8715dd430c60a1b77
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 20:14:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17601.42525
content-type
image/jpeg
x-routingcorrelationid
386c52d7-5957-4765-ba45-1e558abd8d46
cache-control
no-cache
x-routingsessionid
b3c574b6-2c32-4986-84fe-b03f905fa42b
x-hivering
6
x-routingofficecluster
usgsw-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
expires
-1
light-response-page.chunk.sw.a6ac500.js
forms.office.com/gcc/cdn/scripts/dists/
1 KB
814 B
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:02:20 GMT
x-msedge-ref
Ref A: FE07EB8F74EF488C94B7327A0A66F488 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D280192A32C
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a04318e7-101e-0089-6260-8186b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.officebrowserfeedback.3b74b9f.js
forms.office.com/gcc/cdn/scripts/dists/
0
117 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.officebrowserfeedback.3b74b9f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:03:35 GMT
x-msedge-ref
Ref A: 2447845F0E9F445085A945E22D9FBB04 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D282E64F120
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5ec0adfe-b01e-0062-08b2-83789c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.try_dv.d33b8a6.js
forms.office.com/gcc/cdn/scripts/dists/
0
2 KB
Other
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:02:20 GMT
x-msedge-ref
Ref A: 87BDA0EFA1FE4813A62FB896F9B91B2E Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D2801949EB1
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d193819d-e01e-009c-6d4d-81442f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.1ds.a8079b3.js
forms.office.com/gcc/cdn/scripts/dists/
108 KB
37 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:03:35 GMT
x-msedge-ref
Ref A: 09F4462857714598973F3B22681FCFEC Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D282E51BA11
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bb075c83-601e-0071-5d63-815c90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.utel.7e207a8.js
forms.office.com/gcc/cdn/scripts/dists/
31 KB
9 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel.7e207a8.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ddf1a64ff84ec8bf8f2537376a7760c7d72f0c907b557cdd18fea66cbb147d3f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 00:03:00 GMT
x-msedge-ref
Ref A: EFD75E0E8913437CB97CE91F87B31A91 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC52A8429BB224
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6864af48-d01e-0074-4ba1-848e4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&RedC=c.office.com&MXFR=34246C610AEE69A0222078360EEE621A
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&MUID=34246C610AEE69A0222078360EEE621A
42 B
332 B
Image
General
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&MUID=34246C610AEE69A0222078360EEE621A
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 20:14:27 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Apr 2024 20:14:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4332A8DBA2984528A3B1E84B0A9E1617 Ref B: FRAEDGE1211 Ref C: 2024-04-04T20:14:27Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=596B6AA9079A44B69C41A8C413642999&MUID=34246C610AEE69A0222078360EEE621A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/
31 KB
32 KB
Font
General
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:241b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 20:14:27 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=7, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
31824
last-modified
Tue, 15 Aug 2023 21:20:28 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.17247e68.1712261667.16a8dfcb&TotalRTCDNTime=7&CompressionType=&FileSize=31824"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
4d0b3570-f01e-0055-6316-d0ef1c000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
akamai-request-bc
[a=104.126.36.23,b=380166091,c=g,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin
*
microsoft365logo_v1.png
forms.office.com/gcc/cdn/images/
6 KB
6 KB
Image
General
Full URL
https://forms.office.com/gcc/cdn/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
last-modified
Tue, 26 Mar 2024 00:03:05 GMT
x-msedge-ref
Ref A: 290837D009864EF0A46B7050B1F8C1E9 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D281CAEF2E9
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6c1b9c85-301e-0098-5ccb-819ada000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
5895
x-cid
7
cheerful_holidays.mp3
forms.office.com/gcc/cdn/formsresources/eventcard/
507 KB
507 KB
Media
General
Full URL
https://forms.office.com/gcc/cdn/formsresources/eventcard/cheerful_holidays.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db978de1f3f680505026549e0a554837e41b30c7fb34bfeba660771a1d16ff50

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:28 GMT
content-md5
jjb+nLJf9S/+e9474SZHdQ==
x-cache
TCP_MISS
Content-Range
bytes 0-518783/518784
Content-Length
518784
x-ms-lease-status
unlocked
last-modified
Mon, 25 Mar 2024 08:47:45 GMT
x-msedge-ref
Ref A: C2192147AB28407FBE8EA71CC2AA36AA Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4CA83E112121
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
9f1372dc-401e-0091-57cc-86ab23000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
light-response-page.chunk.utel_1ds.c419280.js
forms.office.com/gcc/cdn/scripts/dists/
99 KB
34 KB
Script
General
Full URL
https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.utel_1ds.c419280.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.min.373ad7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feec3269001a82dd131d49fe8536753a81bd0e7e4049aebbeff7ec0a29e341e7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 04 Apr 2024 20:14:27 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2024 00:02:20 GMT
x-msedge-ref
Ref A: 88D60A1E23C44CEDAD1262B8F190AA83 Ref B: AMS231032605023 Ref C: 2024-04-04T20:14:27Z
etag
0x8DC4D2801942991
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
25c59513-101e-000a-14c9-81261b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.27 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 04 Apr 2024 20:14:28 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
25 B
292 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.27 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time
1712261668438
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161,91531c5d891c486da00dddb1049c30a2-e90b69b1-4f29-40bb-8d25-66d7d26ede43-7437
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Apr 2024 20:14:29 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1524
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.27 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 04 Apr 2024 20:14:29 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
579 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/gcc/cdn/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.27 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e1096076acfcdd2b496e927753f643caa966a4b000472e3652b7125b3bc341ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time
1712261669908
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Apr 2024 20:14:29 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
538
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 890566cd-d31f-4b1e-b7ad-e98811e8df6f
forms.office.com/ Name: __RequestVerificationToken
Value: 0DkL4VlAAV8gkXaRnUofbMGfyUOR2WRviEHKzoKUxrVOmajSaCbtO8DaPm1R8WWG-SBUgk6fjuol-_7pAW8bnImanNM3U0gaHHPsV0Fhn301
.office.com/ Name: MUID
Value: 34246C610AEE69A0222078360EEE621A
.bing.com/ Name: MUID
Value: 34246C610AEE69A0222078360EEE621A
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 34246C610AEE69A0222078360EEE621A
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=7689554c66b64a8aa6838d1602b20cb6&HASH=7689&LV=202404&V=4&LU=1712261670446
.microsoft.com/ Name: MS0
Value: 44056f9534ef4070838be737815af178

5 Console Messages

Source Level URL
Text
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://forms.office.com/pages/responsepage.aspx?id=z8LVIj7OPUSaf9_MAjH3P_r2iVodhVJCqg-bhxnvsYJUOURNVUVUOFJISTRJQloyRlg2RFhJTllSVy4u
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
forms.office.com
lists.gcc.osi.office365.us
res-1.cdn.office.net
20.42.73.27
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:7100::687e:241b
52.127.244.58
68.219.88.97
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
24291966647bda2bcd69357dec9684750adb96e7e0cba7d7c5a3ad8ed87c78b3
427edbd255074a67e614f43466a6b7c1c1345a1790ca3babaafe5b1faa15a837
4c937337ae765889fe3621a1b4d211eea39bac221bce62f456f52ca95783ddc1
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5dd3cc6003b49cd469f37661bc29117d606ca4472c9dc6a8715dd430c60a1b77
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
6673189522d03d775840c97ba8f000ccfde38be53bc0fdcaa87aabb0e87ad2b3
6ab5785905ba7d43c901c487ddfdc44444be00c8b1b162feca878b32bb113f75
72b8c92ac1443e22151518d7abbf70eb422d11d7151e446803f9c321512364af
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
d622dca1201abce3cc5720bf7f0cbe30160bf176db018f05205fdcdf137e6798
db978de1f3f680505026549e0a554837e41b30c7fb34bfeba660771a1d16ff50
ddf1a64ff84ec8bf8f2537376a7760c7d72f0c907b557cdd18fea66cbb147d3f
e1096076acfcdd2b496e927753f643caa966a4b000472e3652b7125b3bc341ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
feec3269001a82dd131d49fe8536753a81bd0e7e4049aebbeff7ec0a29e341e7