forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ResponsePage.aspx Show response forms.office.com/Pages/	33 KB 10 KB	290ms 170ms	Document text/html	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 40ef3743c4062327945f3d4aedad42367d18d1860745ba48c9a7f33927bd15ee Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-encoding br content-length 8784 content-type text/html; charset=utf-8 date Wed, 22 Feb 2023 17:18:37 GMT expires 0 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" pragma no-cache strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding x-cache CONFIG_NOCACHE x-content-type-options nosniff x-correlationid eb7a6518-6667-43e7-ae98-540cee7d379d x-failurereason Unknown x-msedge-ref Ref A: 069D64CA25E0433C8BB938370876F0F2 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:37Z x-officecluster usgsw-000.forms.gcc.osi.office365.us x-officefe FormsSingleBox_IN_2 x-officeversion 16.0.16214.42053 x-robots-tag noindex, nofollow x-routingcorrelationid eb7a6518-6667-43e7-ae98-540cee7d379d x-routingofficecluster weu-100.forms.office.com usgsw-000.forms.gcc.osi.office365.us x-routingofficefe FormsSingleBox_IN_6 FormsSingleBox_IN_2 x-routingofficeversion 16.0.16216.42053 16.0.16214.42053 x-routingsessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-usersessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01
GET H2	200	ls-response.de.b178d9d29.js Show response forms.office.com/Scripts/dists/	32 KB 12 KB	130ms 129ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/ls-response.de.b178d9d29.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 46f55c1d415fb031e5b482986d6ad9e7dea4a5a1d4f9aaa9ad6514b44f026b88 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:37 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_0 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_1, FormsSingleBox_IN_0 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid 35741623-7ab9-44fd-9c67-d69e2ea93493 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 8e78f287-57c9-4afb-a6c0-696e476b6aa0 etag "1d9403faafdf755" vary Accept-Encoding x-msedge-ref Ref A: 70FC243C4B2745FFA911EFB5FFDCFDA8 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:37Z content-type application/javascript x-routingcorrelationid 35741623-7ab9-44fd-9c67-d69e2ea93493 cache-control public, max-age=31104000 x-routingsessionid 8e78f287-57c9-4afb-a6c0-696e476b6aa0 accept-ranges bytes x-routingofficecluster weu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.min.css forms.office.com/css/dist/	145 KB 28 KB	337ms 336ms	Stylesheet text/css	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/css/dist/light-response-page.min.css?v=67868d545b&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash def1d159ed80fe627468f69a5db5b8a4c60c18e97d76bc95172b64536e7d4eb9 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:37 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_0 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_0, FormsSingleBox_IN_0 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid b0c3f3d5-8c49-4316-ada8-31c1a14dc0ce x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 4e444b8a-1f6c-41cb-9541-1775d1821400 etag "1d9403faaffcb87" vary Accept-Encoding x-msedge-ref Ref A: B21E6F4470984719A9172727E2100C01 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:37Z content-type text/css x-routingcorrelationid b0c3f3d5-8c49-4316-ada8-31c1a14dc0ce cache-control public, max-age=31104000 x-routingsessionid 4e444b8a-1f6c-41cb-9541-1775d1821400 accept-ranges bytes x-routingofficecluster neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.min.js Show response forms.office.com/Scripts/dists/	311 KB 105 KB	581ms 581ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c04b93d9bdd4403b45c3aab1a0addc0358e12d148668d9068f147e7440ba2c73 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:37 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_13, FormsSingleBox_IN_2 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid b419dd9c-1bb9-4e51-886d-c228c5bcda1b x-officecluster usgsw-000.forms.gcc.osi.office365.us x-usersessionid 25ae9cde-9d64-44fe-98d3-bc9175f6ef18 etag "1d9403faaf95286" vary Accept-Encoding x-msedge-ref Ref A: B0D611DE762548EBB20147908E015AB8 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:37Z content-type application/javascript x-routingcorrelationid b419dd9c-1bb9-4e51-886d-c228c5bcda1b cache-control public, max-age=31104000 x-routingsessionid 25ae9cde-9d64-44fe-98d3-bc9175f6ef18 accept-ranges bytes x-routingofficecluster weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	runtimeFormsWithResponses('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u') Show response forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/light/	17 KB 4 KB	328ms 328ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/light/runtimeFormsWithResponses('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u')?$expand=questions($expand=choices) Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1f48c26d931b404d5be5994c216b9f0ac719550affd97cdcc284b9cc7b21b481 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u X-UserSessionId dd1913b8-1f48-4fc3-8996-8d43e2d2de01 accept-language de-DE,de;q=0.9 __RequestVerificationToken a8rR519TSaZn_5HDTjjR0-iNF4bwrAEQeaztXR0ZdnY804f_XDAaX2eqoT9B7c7ZlV4HKOaGZ4l9m3hGkXaysdBT_7p_8tVA-aZKICss-wI1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip date Wed, 22 Feb 2023 17:18:37 GMT x-officeversion 16.0.16214.42053, 16.0.16214.42053 x-officefe FormsSingleBox_IN_0, FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_11 x-routingofficeversion 16.0.16216.42053 x-correlationid e5495071-47bc-4899-b2a6-40693856c627 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01, dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-msedge-ref Ref A: EEF2C061C5BC4DD8BE6373DB37DFCF66 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:37Z vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid e5495071-47bc-4899-b2a6-40693856c627 x-routingsessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-robots-tag noindex, nofollow x-routingofficecluster neu-100.forms.office.com
GET H2	200	light-response-page.chunk.lrp_ext.d76873b.js forms.office.com/Scripts/dists/	0 71 KB	131ms 131ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.d76873b.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_1 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_6, FormsSingleBox_IN_1 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid fd09e232-510d-4167-94aa-bf43aaa4802a x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 5ac0bda9-021f-4897-bbef-de506a0e5c13 etag "1d9403faafea925" vary Accept-Encoding x-msedge-ref Ref A: 5A3E61A11EDC44089C989EA9BFF2E484 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid fd09e232-510d-4167-94aa-bf43aaa4802a cache-control public, max-age=31104000 x-routingsessionid 5ac0bda9-021f-4897-bbef-de506a0e5c13 accept-ranges bytes x-routingofficecluster frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_cover.4878077.js forms.office.com/Scripts/dists/	0 38 KB	127ms 126ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_cover.4878077.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_0, FormsSingleBox_IN_2 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid bcbc3543-4c79-4e00-9b68-2e076c851644 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid b81f1473-feea-4e2c-b7a6-a28cff503bbb etag "1d9403faafc6c81" vary Accept-Encoding x-msedge-ref Ref A: BDE2F8271335461783F2B3FB3DA180EA Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid bcbc3543-4c79-4e00-9b68-2e076c851644 cache-control public, max-age=31104000 x-routingsessionid b81f1473-feea-4e2c-b7a6-a28cff503bbb accept-ranges bytes x-routingofficecluster frc-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_post.boot.423ff39.js forms.office.com/Scripts/dists/	0 5 KB	407ms 406ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.423ff39.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_0 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_14, FormsSingleBox_IN_0 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid e9c9f6c1-e485-45a3-98d3-4ac684f088db x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 91346110-57e6-4bec-a3e1-ee9f590ec063 etag "1d9403faafda106" vary Accept-Encoding x-msedge-ref Ref A: DAEE6EDE49D04609900C3E68E251808D Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid e9c9f6c1-e485-45a3-98d3-4ac684f088db cache-control public, max-age=31104000 x-routingsessionid 91346110-57e6-4bec-a3e1-ee9f590ec063 accept-ranges bytes x-routingofficecluster weu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_ext.d76873b.js Show response forms.office.com/Scripts/dists/	200 KB 72 KB	123ms 123ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.d76873b.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a595b14b0b5004ef1d9ff485af59a29926d7df81f7d5e819adac9511346f7d8d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_1 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_3, FormsSingleBox_IN_1 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid 089abeb9-8706-4562-8ce6-9b8a9f333037 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 69cd8cd9-591e-4bb7-8780-3590b4c1fa33 etag "1d9403faafea925" vary Accept-Encoding x-msedge-ref Ref A: 63CFD57E8FEB4F13B7CEC8F1EE654974 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid 089abeb9-8706-4562-8ce6-9b8a9f333037 cache-control public, max-age=31104000 x-routingsessionid 69cd8cd9-591e-4bb7-8780-3590b4c1fa33 accept-ranges bytes x-routingofficecluster neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_post.boot.423ff39.js Show response forms.office.com/Scripts/dists/	10 KB 5 KB	415ms 414ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.423ff39.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 21f025d790f3c8be38ea17b17e1c246ea4ad36fa1c880547733365648e076199 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_0 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_3, FormsSingleBox_IN_0 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid be9d160b-0673-4068-9978-022eb5b5c742 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid dde8bd39-aba2-4ed1-9f01-be14925603f7 etag "1d9403faafda106" vary Accept-Encoding x-msedge-ref Ref A: 27C2D90091454EA8AAFB30037DCE2161 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid be9d160b-0673-4068-9978-022eb5b5c742 cache-control public, max-age=31104000 x-routingsessionid dde8bd39-aba2-4ed1-9f01-be14925603f7 accept-ranges bytes x-routingofficecluster weu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.sw.0b67d9e.js Show response forms.office.com/Scripts/dists/	1 KB 876 B	337ms 337ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.0b67d9e.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_7, FormsSingleBox_IN_2 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid ff85f83b-376c-4f5c-bc10-53bdb4a5b355 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 0a535315-0710-4ed5-9ded-e405d4192829 etag "1d9403faafd8dca" vary Accept-Encoding x-msedge-ref Ref A: 2A0802B8D6954F6F9E0F6CF16FB94CF4 Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid ff85f83b-376c-4f5c-bc10-53bdb4a5b355 cache-control public, max-age=31104000 x-routingsessionid 0a535315-0710-4ed5-9ded-e405d4192829 accept-ranges bytes x-routingofficecluster neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.1ds.4a73f96.js Show response forms.office.com/Scripts/dists/	92 KB 34 KB	123ms 123ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.4a73f96.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=67868d545b&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br date Wed, 22 Feb 2023 17:18:38 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_1 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_9, FormsSingleBox_IN_1 x-routingofficeversion 16.0.16216.42053, 16.0.16214.42053 last-modified Tue, 14 Feb 2023 06:43:38 GMT x-correlationid a025a896-adb7-4d7c-b6b5-c80b109c46a5 x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid 15675529-4786-4408-900d-678d503160d7 etag "1d9403faafce648" vary Accept-Encoding x-msedge-ref Ref A: 5DB630A7F09C43199D6D3B583B75739C Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z content-type application/javascript x-routingcorrelationid a025a896-adb7-4d7c-b6b5-c80b109c46a5 cache-control public, max-age=31104000 x-routingsessionid 15675529-4786-4408-900d-678d503160d7 accept-ranges bytes x-routingofficecluster weu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	83e90ef7-f27b-4c92-9dba-3f9b6a4b7990 lists.gcc.osi.office365.us/Images/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/b7079559-5f21-4191-885d-03d8cb68615e/T2QF4CUV908NS2FB5FKLRQ384L/	19 KB 19 KB	624ms 233ms	Image image/png	52.127.244.58 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://lists.gcc.osi.office365.us/Images/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/b7079559-5f21-4191-885d-03d8cb68615e/T2QF4CUV908NS2FB5FKLRQ384L/83e90ef7-f27b-4c92-9dba-3f9b6a4b7990 Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.127.244.58 Phoenix, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 476f90c57d064388e9b26a94922a71bf69e3f2d19823786add86ec45a641be72 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma no-cache date Wed, 22 Feb 2023 17:18:38 GMT strict-transport-security max-age=2592000; includeSubDomains x-routingofficeversion 16.0.16214.42100 content-type image/png x-routingcorrelationid c8fb83a0-cafe-47d3-8816-13908180b324 cache-control no-cache x-routingsessionid d625bf75-0501-4222-8219-3bda38427eaf x-hivering 6 x-routingofficecluster usgsw-000.lists.gcc.osi.office365.us x-routingofficefe CollabDBReverseProxyWithMappingService_IN_2 expires -1
GET H2	200	'de' Show response forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/forms('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u'...	2 B 376 B	585ms 585ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/forms('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u')/localeResource/'de' Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.d76873b.js?ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers odata-version 4.0 x-correlationid 34f70f2c-d13e-47b3-bb01-e0fa8d8eaefd x-usersessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-ms-form-request-ring gcc accept-language de-DE,de;q=0.9 authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 content-type application/json odata-maxverion 4.0 accept application/json Referer https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u x-ms-form-request-source ms-formweb __requestverificationtoken a8rR519TSaZn_5HDTjjR0-iNF4bwrAEQeaztXR0ZdnY804f_XDAaX2eqoT9B7c7ZlV4HKOaGZ4l9m3hGkXaysdBT_7p_8tVA-aZKICss-wI1 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip date Wed, 22 Feb 2023 17:18:39 GMT x-officeversion 16.0.16214.42053 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_9 x-routingofficeversion 16.0.16216.42053 x-correlationid 34f70f2c-d13e-47b3-bb01-e0fa8d8eaefd x-officecluster usge-000.forms.gcc.osi.office365.us x-usersessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-msedge-ref Ref A: 7AAA85DDE2624FD590837242C86D1BDD Ref B: AMS231032609047 Ref C: 2023-02-22T17:18:38Z vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid 34f70f2c-d13e-47b3-bb01-e0fa8d8eaefd x-routingsessionid dd1913b8-1f48-4fc3-8996-8d43e2d2de01 x-robots-tag noindex, nofollow x-routingofficecluster frc-101.forms.office.com
GET H2	200	ms.jsll-3.min.js Show response js.monitor.azure.com/scripts/c/	179 KB 61 KB	167ms 24ms	Script text/javascript	2620:1ec:48:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.423ff39.js?ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 22 Feb 2023 17:18:38 GMT content-encoding br x-ms-meta-jssdkver 3.2.9 last-modified Tue, 21 Feb 2023 18:33:42 GMT x-ms-meta-jssdksrc [cdn]/scripts/c/ms.jsll-3.2.9.min.js content-md5 b+j9g6sJxD1l0IIs+rjbCw== etag 0x8DB143A28B32497 x-azure-ref 0b072YwAAAACWn9LfQsBhQZjK2fVXWjvgRlJBMjMxMDUwNDE3MDM1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng== x-cache TCP_HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id 2f961dfc-b01e-00dd-46de-4673f6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800, immutable, no-transform x-ms-version 2009-09-19
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 1 KB	121ms 29ms	XHR application/json	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 8c08b0cd675de57d9ecfb8e2be8abbedea757f6588236160b33d471020f86760 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1677086320197 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 time-delta-to-apply-millis use-collector-delta content-type application/x-json-stream cache-control no-cache, no-store Referer https://forms.office.com/ apikey a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539 Client-Id NO_AUTH Response headers Strict-Transport-Security max-age=31536000 Date Wed, 22 Feb 2023 17:18:39 GMT Server Microsoft-HTTPAPI/2.0 time-delta-millis 338 Access-Control-Allow-Methods POST P3P CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Content-Type application/json Access-Control-Allow-Origin https://forms.office.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Access-Control-Allow-Headers P3P,Set-Cookie,time-delta-millis Content-Length 153
OPTIONS H/1.1	200 OK	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	230ms 29ms	Preflight	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody Access-Control-Allow-Origin https://forms.office.com Access-Control-Max-Age 3600 Cache-Control public, 3600 Content-Length 0 Date Wed, 22 Feb 2023 17:18:39 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 591 B	62ms 61ms	XHR application/json	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.4a73f96.js?ring=UsGovGccProduction Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash d72e9e61923db0eef20104c39dbe8dfe19ef29831fae6858858c14d7252404a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1677086320978 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 time-delta-to-apply-millis use-collector-delta content-type application/x-json-stream cache-control no-cache, no-store Referer https://forms.office.com/ apikey aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984 Client-Id NO_AUTH Response headers Strict-Transport-Security max-age=31536000 Date Wed, 22 Feb 2023 17:18:40 GMT Server Microsoft-HTTPAPI/2.0 time-delta-millis 41 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin https://forms.office.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Access-Control-Allow-Headers time-delta-millis Content-Length 153
OPTIONS H/1.1	200 OK	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	29ms 29ms	Preflight	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody Access-Control-Allow-Origin https://forms.office.com Access-Control-Max-Age 3600 Cache-Control public, 3600 Content-Length 0 Date Wed, 22 Feb 2023 17:18:40 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 591 B	33ms 33ms	XHR application/json	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 1878bc46126d8ab7fbf9f6c53383107f8c7b5f7d993145078d04b380cbe9bebd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1677086321199 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 time-delta-to-apply-millis 338 content-type application/x-json-stream cache-control no-cache, no-store Referer https://forms.office.com/ apikey a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539 Client-Id NO_AUTH Response headers Strict-Transport-Security max-age=31536000 Date Wed, 22 Feb 2023 17:18:40 GMT Server Microsoft-HTTPAPI/2.0 time-delta-millis 39 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin https://forms.office.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Access-Control-Allow-Headers time-delta-millis Content-Length 153
OPTIONS H/1.1	200 OK	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	29ms 29ms	Preflight	40.79.141.152 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.141.152 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody Access-Control-Allow-Origin https://forms.office.com Access-Control-Max-Age 3600 Cache-Control public, 3600 Content-Length 0 Date Wed, 22 Feb 2023 17:18:40 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __stylesheet__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.forms.office.com/	1970-01-20 10:34:38	Name: FormsWebSessionId Value: cabce431-3422-4eaa-a00a-4378912a7d21
			.forms.office.com/	1970-01-20 10:34:38	Name: usenewauthrollout Value: True
			forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: rArtqO2nuEkP1SCTLadjzAT5eGQgVZej3XDbi9mZJ3FLrG3FXybhsA8aNfSs_fEGcje-DfJLjDQ7S0HPjPxv__VnHoNQwli_XWDUpR2a9Ac1
			forms.office.com/	1970-01-20 18:37:02	Name: MicrosoftApplicationsTelemetryDeviceId Value: b7b434c2-136c-414c-b0d6-ef3ddb06cb1c
			forms.office.com/	1970-01-20 09:51:28	Name: ai_session Value: 1X+tePLwcY8GQGRMQX7mPI|1677086319194|1677086319194
			.microsoft.com/	1970-01-20 18:37:02	Name: MC1 Value: GUID=09304c97e8894a6e9b439670f6b78549&HASH=0930&LV=202302&V=4&LU=1677086320535
			.microsoft.com/	1970-01-20 09:51:28	Name: MS0 Value: 3caced6e33d1429987fe0e9a1f8af938
			forms.office.com/	1970-01-20 18:37:02	Name: MSFPC Value: GUID=09304c97e8894a6e9b439670f6b78549&HASH=0930&LV=202302&V=4&LU=1677086320535

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
forms.office.com
js.monitor.azure.com
lists.gcc.osi.office365.us
2620:1ec:48:1::45
2620:1ec:a92::194
40.79.141.152
52.127.244.58
1878bc46126d8ab7fbf9f6c53383107f8c7b5f7d993145078d04b380cbe9bebd
1f48c26d931b404d5be5994c216b9f0ac719550affd97cdcc284b9cc7b21b481
21f025d790f3c8be38ea17b17e1c246ea4ad36fa1c880547733365648e076199
40ef3743c4062327945f3d4aedad42367d18d1860745ba48c9a7f33927bd15ee
46f55c1d415fb031e5b482986d6ad9e7dea4a5a1d4f9aaa9ad6514b44f026b88
476f90c57d064388e9b26a94922a71bf69e3f2d19823786add86ec45a641be72
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
8c08b0cd675de57d9ecfb8e2be8abbedea757f6588236160b33d471020f86760
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8
a595b14b0b5004ef1d9ff485af59a29926d7df81f7d5e819adac9511346f7d8d
b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5
c04b93d9bdd4403b45c3aab1a0addc0358e12d148668d9068f147e7440ba2c73
d72e9e61923db0eef20104c39dbe8dfe19ef29831fae6858858c14d7252404a4
def1d159ed80fe627468f69a5db5b8a4c60c18e97d76bc95172b64536e7d4eb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749