urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkI...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ...
Submission: On May 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6432.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:4838:101... 29748 (QTS-ASH)
1 14 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2620:1ec:40::45 8075 (MICROSOFT...)
1 52.127.240.1 8070 (MICROSOFT...)
2 13.69.116.104 8075 (MICROSOFT...)
1 20.42.65.85 8075 (MICROSOFT...)
19 6
1    2001:4838:101:2::4275:3dfa (United States)

ASN29748 (QTS-ASH, US)
lnks.gd
14    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    52.127.240.1 (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
2    13.69.116.104 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
1    20.42.65.85 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
14 office.com
forms.office.com — Cisco Umbrella Rank: 6432
257 KB
3 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 280
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 151
2 KB
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 202761
598 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3882
55 KB
1 lnks.gd
lnks.gd — Cisco Umbrella Rank: 34027
879 B
19 5
Domain Requested by
14 forms.office.com 1 redirects lnks.gd
forms.office.com
2 browser.events.data.microsoft.com js.monitor.azure.com
1 browser.pipe.aria.microsoft.com forms.office.com
1 lists.gcc.osi.office365.us forms.office.com
1 js.monitor.azure.com forms.office.com
1 lnks.gd
19 6

This site contains links to these domains. Also see Links.

Domain
www.tcole.texas.gov
go.microsoft.com
Subject Issuer Validity Valid
lnks.gd
GoGetSSL RSA DV CA		 2021-07-08 -
2022-07-08		 a year crt.sh
forms.office.com
DigiCert Cloud Services CA-1		 2021-09-02 -
2022-09-01		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-03-27 -
2023-03-22		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2022-02-17 -
2023-02-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Frame ID: AE8C32C4571826DE61D885C67BA93071
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Customer Service Survey

Page URL History Show full URLs

  1. https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGlja... Page URL
  2. https://forms.office.com/g/fvBKbp4shR?utm_medium=email&utm_source=govdelivery HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWO... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

912 kB
Transfer

1431 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjA1MTIuNTc4MzA4MDEiLCJ1cmwiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vZy9mdkJLYnA0c2hSP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1nb3ZkZWxpdmVyeSJ9.cR517YuunIke_hfYOxl8q-vUcbcSpWTtrvEAStJq20w/s/2569989469/br/131243660747-l Page URL
  2. https://forms.office.com/g/fvBKbp4shR?utm_medium=email&utm_source=govdelivery HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
131243660747-l
lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjA1MTIuNTc4MzA4MDEiLCJ1cmwiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vZy9mdkJLYnA0c2hSP3V0bV... 		430 B
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjA1MTIuNTc4MzA4MDEiLCJ1cmwiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vZy9mdkJLYnA0c2hSP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1nb3ZkZWxpdmVyeSJ9.cR517YuunIke_hfYOxl8q-vUcbcSpWTtrvEAStJq20w/s/2569989469/br/131243660747-l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4838:101:2::4275:3dfa , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Date
Fri, 13 May 2022 11:05:02 GMT
ETag
W/"1344dc446e5e6ed95ffef711243f3e32"
Referer
lnks.gd
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Request-Id
488cd339-284f-4fb8-836f-af6271344d5e
X-Runtime
0.005598
X-Served-By
prod-hyruleweb8.as.gdi
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/g/fvBKbp4shR?utm_medium=email&utm_source=govdelivery
  • https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Requested by
Host: lnks.gd
URL: https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjA1MTIuNTc4MzA4MDEiLCJ1cmwiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vZy9mdkJLYnA0c2hSP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1nb3ZkZWxpdmVyeSJ9.cR517YuunIke_hfYOxl8q-vUcbcSpWTtrvEAStJq20w/s/2569989469/br/131243660747-l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0dc795da8a521fb750d52d1557c6a5045fa651370575482d29476e2b4ffa43b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDEsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjA1MTIuNTc4MzA4MDEiLCJ1cmwiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vZy9mdkJLYnA0c2hSP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1nb3ZkZWxpdmVyeSJ9.cR517YuunIke_hfYOxl8q-vUcbcSpWTtrvEAStJq20w/s/2569989469/br/131243660747-l
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
content-encoding
br
content-length
7340
content-type
text/html; charset=utf-8
date
Fri, 13 May 2022 11:05:03 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
df3faa07-97e6-446a-a856-7634d5577865
x-failurereason
Unknown
x-msedge-ref
Ref A: 9823D316EE47487C8293A7E95B94635B Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:02Z
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.15312.34201
x-robots-tag
noindex, nofollow
x-routingcorrelationid
df3faa07-97e6-446a-a856-7634d5577865
x-routingofficecluster
weu-100.forms.office.com usgsw-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_22 FormsSingleBox_IN_1
x-routingofficeversion
16.0.15309.36679 16.0.15312.34201
x-routingsessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
x-usersessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 13 May 2022 11:05:02 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
85de08c2-1cf1-4d1c-b856-202931550bb3
x-msedge-ref
Ref A: F10EEE19167F4EC28705B200BC908EA9 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:02Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormIntelligenceService_IN_0
x-officeversion
16.0.15312.34201
x-routingcorrelationid
85de08c2-1cf1-4d1c-b856-202931550bb3
x-routingofficecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.15312.34201
x-routingsessionid
3a46b2d4-3ab8-4959-add1-78182fc15b4d
x-usersessionid
3a46b2d4-3ab8-4959-add1-78182fc15b4d
ls-response.de.f60cdad79.js
forms.office.com/Scripts/dists/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/ls-response.de.f60cdad79.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f5d92d8d201cc4e7b89614ad2de4550b0ef9ca0ce543eeae993858b23ae12c8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
9280
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 4DD0CCAB424049D9BE603313E0C91997 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:03 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
6a0db28b-5beb-4319-8b1a-d5ca7bd8d8f5
cache-control
max-age=63072000
x-routingsessionid
f05c064e-6f87-4779-b3fe-d9d3e0903e52
accept-ranges
bytes
x-routingofficecluster
weu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.css
forms.office.com/css/dist/ 		129 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/light-response-page.min.css?v=f5da5007e7&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f84f063cd4d7a01cce6b8e9a9cc12b9548c37e0b812a5b994a66950995fb41d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
23489
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 8B6DA225C408471A86BB732CA087073D Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:03 GMT
vary
Accept-Encoding
content-type
text/css
x-routingcorrelationid
16467d5c-95c5-4490-abb9-81bb728f816e
cache-control
max-age=63072000
x-routingsessionid
8e1fce94-eb96-4357-a82f-961a96a94532
accept-ranges
bytes
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.js
forms.office.com/Scripts/dists/ 		257 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aedb6f3d2eb8ccad32227069a59bdc8eb3c367417c9f8c3f0666eda1df64e982
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
82295
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 7D9F434135104BA2A41B3FC64DF653D9 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:03 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
a53c7fc9-2cb8-47e2-ac02-deac9d9fdc66
cache-control
max-age=63072000
x-routingsessionid
6f2f4e54-2307-47d6-80cd-af5fbdb29d18
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
runtimeFormsWithResponses('P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu')
forms.office.com/formapi/api/f21e433f-b4f3-4b12-8476-8f367f107ccc/groups/75687ca1-66c4-496b-b59a-df7f2949b0b0/light/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/f21e433f-b4f3-4b12-8476-8f367f107ccc/groups/75687ca1-66c4-496b-b59a-df7f2949b0b0/light/runtimeFormsWithResponses('P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5d5da5b8486369882b64ed6049a3c3d2e1c9bc2107409faaa936cb03a54c5dd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
X-UserSessionId
f80623d1-f12a-4fdd-b575-ade3c69e745c
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
XJc5cLUAjAMCJvr4dhrWfU8bXcn50fal7BCEt__z3foUSsL-cfMygWU3EUUxEabFjVLGpkSFdSUkqCOM_7HXQENy_g_ORczfqBRDEszHUm81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15312.34201
x-officefe
FormsSingleBox_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
2759
x-routingofficefe
FormsSingleBox_IN_1, FormsSingleBox_IN_2
pragma
no-cache
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
x-correlationid
ad12b601-b139-4617-8f3b-e776a87f2497
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
date
Fri, 13 May 2022 11:05:03 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
ad12b601-b139-4617-8f3b-e776a87f2497
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
x-msedge-ref
Ref A: 0A7646789BB646239DBA684E20BDDE91 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
expires
-1
light-response-page.chunk.lrp_ext.90818b5.js
forms.office.com/Scripts/dists/ 		0
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.90818b5.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
58802
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_16, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 68513CE84368439B941D062B126D7CD0 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
8c2ecd7c-d7b1-4c51-8b99-f088747f6e1f
cache-control
max-age=63072000
x-routingsessionid
ed0e34dc-308d-4363-ac03-5d14b8554cd3
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.6195ac0.js
forms.office.com/Scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.6195ac0.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
4311
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_7, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 5580EE303C2340ACBE5DFA5FD7B083B1 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
463205bf-b708-46fb-8df4-19b36934be83
cache-control
max-age=63072000
x-routingsessionid
e7ee5fee-96da-4113-92b5-ea914ca0b035
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.90818b5.js
forms.office.com/Scripts/dists/ 		184 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.90818b5.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb55bb6cb5852f2a827959ede9164cf506237f230249266e1d660903e47d282c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
58802
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 22C4F484E8EE468BA7BEA0938FF3E598 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:03Z
date
Fri, 13 May 2022 11:05:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
bd48fa11-ed4a-4475-b293-544b51cc7de4
cache-control
max-age=63072000
x-routingsessionid
159817ce-0484-40e0-9736-6eec9d75d8db
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.6195ac0.js
forms.office.com/Scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.6195ac0.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3054bc0b74fbc0e93668c8305f308d849409c0369234a85930a3dea8de6c6493
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
4311
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_9, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 6394977507CB4D4487D4E42A259E3E14 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:04Z
date
Fri, 13 May 2022 11:05:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
94484e7f-1da5-4699-a0cd-9866fb3c3b3e
cache-control
max-age=63072000
x-routingsessionid
2146d80a-8802-4c31-a56b-c9eba08f7083
accept-ranges
bytes
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
ir_white_title.svg
forms.office.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/images/ir_white_title.svg
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
2271
etag
"034e3d67463d81:0"
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.15309.36679
last-modified
Mon, 09 May 2022 07:17:28 GMT
x-msedge-ref
Ref A: 93C69BA0197A4680B27E6EE43E7EFAB4 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:04Z
date
Fri, 13 May 2022 11:05:03 GMT
content-type
image/svg+xml
x-routingcorrelationid
e8eda67d-c7ec-411d-a573-12f482de1ad0
cache-control
max-age=63072000
x-routingsessionid
6a4485f6-4398-4a46-9c54-7ca77f7865b8
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com
immersive-reader-icon_black.svg
forms.office.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/images/immersive-reader-icon_black.svg
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
2384
etag
"034e3d67463d81:0"
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.15309.36679
last-modified
Mon, 09 May 2022 07:17:28 GMT
x-msedge-ref
Ref A: 4B5FD6018629449AB7555C5AFAA849EB Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:04Z
date
Fri, 13 May 2022 11:05:03 GMT
content-type
image/svg+xml
x-routingcorrelationid
0eab6cff-ba38-4e54-b9e1-6cdc936995e6
cache-control
max-age=63072000
x-routingsessionid
21de6335-61c7-4fa4-8e9d-27aa4e4978c7
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.sw.0a9e7d7.js
forms.office.com/Scripts/dists/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.0a9e7d7.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=f5da5007e7&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5548e0471c380ae6ff16940fa92f7caeec4c4d78cebc6821b1baee3641cde692
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
760
etag
"09e36db165d81:0"
x-routingofficefe
FormsSingleBox_IN_6, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
last-modified
Thu, 12 May 2022 03:36:12 GMT
x-msedge-ref
Ref A: 1629813302B7408C8354A73659C5DFC3 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:04Z
date
Fri, 13 May 2022 11:05:04 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
9d893f46-85de-4a60-bc3a-aae839a3f817
cache-control
max-age=63072000
x-routingsessionid
e602bcba-61cf-4124-9caa-6e1e93a4ca6f
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.6195ac0.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2798f151600e63249fe8ecb9e50ee6075ade8bfb5da57d2394bdfe091274ddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 11:05:04 GMT
content-encoding
br
x-azure-ref-originshield
0CzV+YgAAAAAFX0sdOfKrSKr9lTSepDZwQU1TMDRFREdFMTkxMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
o1adWcKopF4PFhenqd1UQw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.1.11
last-modified
Wed, 27 Apr 2022 23:21:54 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.1.11.min.js
etag
0x8DA28A4B7636C30
x-azure-ref
0YDt+YgAAAAByvry8YVBYQKpkYsAqhmzMRlJBMjMxMDUwNDE5MDExAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c5f99b41-d01e-0069-21b2-66d139000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
f2abe564-e036-4b02-bb89-740bfe165502
lists.gcc.osi.office365.us/Images/f21e433f-b4f3-4b12-8476-8f367f107ccc/75687ca1-66c4-496b-b59a-df7f2949b0b0/T5QV9NPUDPC4NR3WGQKCUWUB3H/ 		597 KB
598 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/f21e433f-b4f3-4b12-8476-8f367f107ccc/75687ca1-66c4-496b-b59a-df7f2949b0b0/T5QV9NPUDPC4NR3WGQKCUWUB3H/f2abe564-e036-4b02-bb89-740bfe165502
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.127.240.1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c7d91a689f1787410df53deea09339ae32e96e42a83939eddbe232577461766e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 11:05:06 GMT
x-routingofficeversion
16.0.15304.36252
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
x-routingcorrelationid
fa1d7ade-ea2e-4971-bfb6-5fbe6a71de2a
cache-control
no-cache
x-routingsessionid
83e44421-2301-412c-b8f4-a233d4659bba
x-hivering
6
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_1
expires
-1
'de'
forms.office.com/formapi/api/f21e433f-b4f3-4b12-8476-8f367f107ccc/groups/75687ca1-66c4-496b-b59a-df7f2949b0b0/forms('P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQl... 		2 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/f21e433f-b4f3-4b12-8476-8f367f107ccc/groups/75687ca1-66c4-496b-b59a-df7f2949b0b0/forms('P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.90818b5.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
1967f6ba-05e4-4762-b3a4-db74ed440aa5
x-usersessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
x-ms-form-request-ring
gcc
authorization
content-type
application/json
accept-language
de-DE,de;q=0.9
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=P0Me8vO0EkuEdo82fxB8zKF8aHXEZmtJtZrffylJsLBUNVFWOU5QVURQQzROUjNXR1FLQ1VXVUIzSCQlQCN0PWcu&utm_medium=email&utm_source=govdelivery
odata-maxverion
4.0
__requestverificationtoken
XJc5cLUAjAMCJvr4dhrWfU8bXcn50fal7BCEt__z3foUSsL-cfMygWU3EUUxEabFjVLGpkSFdSUkqCOM_7HXQENy_g_ORczfqBRDEszHUm81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15312.34201
x-officefe
FormsSingleBox_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
6
x-routingofficefe
FormsSingleBox_IN_21, FormsSingleBox_IN_2
pragma
no-cache
x-routingofficeversion
16.0.15309.36679, 16.0.15312.34201
x-correlationid
1967f6ba-05e4-4762-b3a4-db74ed440aa5
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
date
Fri, 13 May 2022 11:05:05 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
1967f6ba-05e4-4762-b3a4-db74ed440aa5
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
f80623d1-f12a-4fdd-b575-ade3c69e745c
x-msedge-ref
Ref A: 6B7C54EB45E14EBEB5DACAC72A76BC31 Ref B: AM3EDGE0109 Ref C: 2022-05-13T11:05:04Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
expires
-1
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1652439905562&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.116.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6a18e86d2df36d67a5d199f2c201c71e4ed2fca5cf8ab423cea9dedb6cab2772

Request headers

Referer
https://forms.office.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 May 2022 11:05:04 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
71
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984&client-time-epoch-millis=1652439906542&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.90818b5.js?ring=UsGovGccProduction
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.85 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 11:05:06 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
492
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		24 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1652439908264&ext.intweb.msfpc=GUID%3Dd7dc8b5b0cd44103b7f18ebd5b1a31b2%26HASH%3Dd7dc%26LV%3D202205%26V%3D4%26LU%3D1652439905633&time-delta-to-apply-millis=71&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.116.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58

Request headers

Referer
https://forms.office.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 May 2022 11:05:07 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
-5
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

9 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1031&data=1031
.forms.office.com/ Name: FormsWebSessionId
Value: a3a54941-fb60-483f-bc1f-a76f584b6155
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: Y2gpqHU6JSifkn-D53mYPzUbIMut1AceFyA2pOb4qevbZuHyqTYW_8bicEBonnkhjxNZrt2EuaS-srDAgeNCgFtKDOdrJt6cP1wyUrM84uA1
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 93555265-21a4-42d2-a41c-bd0ee1ef3c7e
forms.office.com/ Name: ai_session
Value: Xd7VQ/npe+S/rcwTm8FV4Q|1652439904560|1652439904560
.microsoft.com/ Name: MC1
Value: GUID=d7dc8b5b0cd44103b7f18ebd5b1a31b2&HASH=d7dc&LV=202205&V=4&LU=1652439905633
.microsoft.com/ Name: MS0
Value: 4f2bacb9111a4511b1000f3b53f937ea
forms.office.com/ Name: MSFPC
Value: GUID=d7dc8b5b0cd44103b7f18ebd5b1a31b2&HASH=d7dc&LV=202205&V=4&LU=1652439905633

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000