urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1O...
Submission: On May 25 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5602.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2620:1ec:a92:... 8068 (MICROSOFT...)
1 52.127.240.1 8070 (MICROSOFT...)
1 2620:1ec:46::40 8068 (MICROSOFT...)
4 13.69.109.131 8075 (MICROSOFT...)
1 40.79.189.59 8075 (MICROSOFT...)
21 5
14    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
1    52.127.240.1 (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
1    2620:1ec:46::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
4    13.69.109.131 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
1    40.79.189.59 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
14 office.com
forms.office.com — Cisco Umbrella Rank: 5602
333 KB
5 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 239
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131
2 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3302
58 KB
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 149016
125 KB
21 4
Domain Requested by
14 forms.office.com forms.office.com
4 browser.events.data.microsoft.com js.monitor.azure.com
1 browser.pipe.aria.microsoft.com forms.office.com
1 js.monitor.azure.com forms.office.com
1 lists.gcc.osi.office365.us
21 5

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1		 2021-09-02 -
2022-09-01		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2022-02-17 -
2023-02-17		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 02		 2022-03-27 -
2023-03-22		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Frame ID: D38CD6A8D35CF4931AD4C71FA58BA1D7
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vulnerability Management; Changes in Security Program Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

517 kB
Transfer

1138 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
385270a44d8ee9464adabec3be29e3a1441f689fbc12f604c2945613b08f92b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
content-encoding
br
content-length
7293
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 20:45:22 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
e3e147a4-7d5b-4e12-abf7-d087165dca13
x-failurereason
Unknown
x-msedge-ref
Ref A: 5723EDAF716C4131AE4E4AEA3A687B11 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.15315.36677
x-robots-tag
noindex, nofollow
x-routingcorrelationid
e3e147a4-7d5b-4e12-abf7-d087165dca13
x-routingofficecluster
eus2-101.forms.office.com usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_9 FormsSingleBox_IN_0
x-routingofficeversion
16.0.15319.36680 16.0.15315.36677
x-routingsessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
ls-response.default.012786fa9.js
forms.office.com/Scripts/dists/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/ls-response.default.012786fa9.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c19c47d6d93e939abeadf2ed03f18cd6243ee01a955908e43914500bbf346c38
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Origin
https://forms.office.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
7742
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_14, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: 9D3FA3076A76427F869BF56A4387D5D0 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
8f29b964-41c1-4282-aa6f-9bb73756ca0c
cache-control
max-age=63072000
x-routingsessionid
f1693420-725a-40b4-b8b8-c1bbda2d84a2
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.css
forms.office.com/css/dist/ 		130 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/light-response-page.min.css?v=dd7d472e4a&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5a5020e3ddf5fba503e8fcd4b5c3f0cc0259ec5ac4e1f3c9dbbb2e8c3802b97
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
23641
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: F0C9C96AD120419A9B8BE235EDB7029E Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
text/css
x-routingcorrelationid
2bb8af51-4c0e-493d-aa7d-feadd69b4266
cache-control
max-age=63072000
x-routingsessionid
089fb577-ca61-4a4c-b793-2ebbfd006b9d
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.js
forms.office.com/Scripts/dists/ 		261 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63c6a7ec945d7a47a80257ef78cd612d4323d69f23d74642f5eef33856c9998a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Origin
https://forms.office.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
84030
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: 8BE7A9B57DF14F6E988A352803638407 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
8a9e06a3-8cd5-427f-9dcc-f8ab2d93492e
cache-control
max-age=63072000
x-routingsessionid
8047dd0a-9217-44ee-99d4-32114d7e3196
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
runtimeFormsWithResponses('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u')
forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/light/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/light/runtimeFormsWithResponses('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7bc000dc645e1b95c06283eb5713555fb88e591eef8d3ed71e78e910bf788eb2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
X-UserSessionId
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
accept-language
en-CA,en;q=0.9
__RequestVerificationToken
P-6fJIw26m8opHPRAjknER6iSujIQHSSXPVcBAKOtCj1FKoZfA3t_bPlXFLceQZMOhmDrFPeThG11rptzbW7hblwQFXuPEKAQc_oAkV8r8k1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15315.36677
x-officefe
FormsSingleBox_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
3437
x-routingofficefe
FormsSingleBox_IN_3, FormsSingleBox_IN_0
pragma
no-cache
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
x-correlationid
27112f1d-9ae2-4a1b-a15f-60336c15254b
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
27112f1d-9ae2-4a1b-a15f-60336c15254b
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-msedge-ref
Ref A: 2DC66974DD65454486BFDD77185C2E3E Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
expires
-1
light-response-page.chunk.lrp_ext.a08f40e.js
forms.office.com/Scripts/dists/ 		0
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.a08f40e.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
58850
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: D993372B62B04791AAFB55231CC24E81 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
9735dde4-ca82-41cf-96c8-eab9d4294415
cache-control
max-age=63072000
x-routingsessionid
47ab3414-2a01-41dd-9208-2675359537a1
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.4d0e6e4.js
forms.office.com/Scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.4d0e6e4.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
4310
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_17, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: 006677220FA8493091DB7A12B5472C8E Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
c02971f7-3c57-4eff-afd5-14b40943b997
cache-control
max-age=63072000
x-routingsessionid
1d2ab1ab-0f7a-466b-ba2e-527aab1ba19f
accept-ranges
bytes
x-routingofficecluster
eus2-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.a08f40e.js
forms.office.com/Scripts/dists/ 		184 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.a08f40e.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18932df4d82c463caa66d25bf307b275352da2b8dcb0b84bdea58fb8ad87f023
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
58850
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: EF796D72788542C5AA7C4AFC051DBB77 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
08ae914a-8e9c-453b-a93b-56a2ee915ed8
cache-control
max-age=63072000
x-routingsessionid
6f8bf032-f8e4-471e-b128-54dced64f02f
accept-ranges
bytes
x-routingofficecluster
eus2-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.4d0e6e4.js
forms.office.com/Scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.4d0e6e4.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a2bf5aeb6f28fb7851f9c35b49d588ee72e3be019474be8597f400d6ab30d83
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
4310
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_21, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: C44B6D8C6D514C789D1BE4D3EB59DBC1 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
c6a14111-69e7-4c62-80a3-46bd7677942b
cache-control
max-age=63072000
x-routingsessionid
22ed42c5-8c97-4ec9-b3f7-92edf2478218
accept-ranges
bytes
x-routingofficecluster
eus2-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.sw.eb6086d.js
forms.office.com/Scripts/dists/ 		1012 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.eb6086d.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a168e695c6b9a0e5efcd4a6abbdbf03241ab6c39e417f86fa1b5c8b89d8f6a3c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
444
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: D465A93075124F1CB7E64B0E8C51B922 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/javascript
x-routingcorrelationid
7e43a662-7bd9-4288-a479-2ae07a7c447a
cache-control
max-age=63072000
x-routingsessionid
b5f3ac76-68e0-4731-aaf3-7505a6c8998a
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.css
forms.office.com/css/dist/ 		130 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/light-response-page.min.css?v=dd7d472e4a&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dd7d472e4a&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5a5020e3ddf5fba503e8fcd4b5c3f0cc0259ec5ac4e1f3c9dbbb2e8c3802b97
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
23641
etag
"06ccbe23468d81:0"
x-routingofficefe
FormsSingleBox_IN_17, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
last-modified
Sun, 15 May 2022 08:22:16 GMT
x-msedge-ref
Ref A: 3975D43981D24698BACD33FCAEA5B824 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
text/css
x-routingcorrelationid
a35f725e-f1ba-4f4e-af5c-4a98b0d52878
cache-control
max-age=63072000
x-routingsessionid
cabf4420-0da8-49d7-ab37-985f7e712aab
accept-ranges
bytes
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
GetThemes
forms.office.com/Pages/ResponsePage.aspx/ 		240 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx/GetThemes
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.a08f40e.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc33d91c9616fa5c3a957b189cf1cc944801edeaf74cf81f97caa41bc4824f9c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
undefined
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-ms-form-request-ring
gcc
authorization
content-type
application/json
accept-language
en-CA,en;q=0.9
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
odata-maxverion
4.0
__requestverificationtoken
P-6fJIw26m8opHPRAjknER6iSujIQHSSXPVcBAKOtCj1FKoZfA3t_bPlXFLceQZMOhmDrFPeThG11rptzbW7hblwQFXuPEKAQc_oAkV8r8k1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15315.36677
x-officefe
FormsSingleBox_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
134
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
x-correlationid
e55d36f0-403d-4ab9-9826-22559a9644c4
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
date
Wed, 25 May 2022 20:45:22 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
e55d36f0-403d-4ab9-9826-22559a9644c4
cache-control
max-age=0, private
x-failurereason
Unknown
x-routingsessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-msedge-ref
Ref A: 3D53D5387B5149168A38BC57B57724C7 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
x-routingofficecluster
eus2-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
3796dccf-6992-4756-8e88-9625765a169b
lists.gcc.osi.office365.us/Images/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/58778177-b81b-4406-bdd9-53504b229206/T917OQ3VLZC3BJ0YCR594T17RP/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/58778177-b81b-4406-bdd9-53504b229206/T917OQ3VLZC3BJ0YCR594T17RP/3796dccf-6992-4756-8e88-9625765a169b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.127.240.1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
622822052989522c5aabb684d98d0ef1aa1f7a8af23fb92d95929c35860218d8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 20:45:24 GMT
x-routingofficeversion
16.0.15311.36254
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
x-routingcorrelationid
42f45bc8-a6ed-498a-8b9c-a6b6dc4fbe4b
cache-control
no-cache
x-routingsessionid
751e3e92-801f-4e25-86fb-b8033f5a4512
x-hivering
6
x-routingofficecluster
usge-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
'en-ca'
forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/forms('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u'... 		2 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/forms('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u')/localeResource/'en-ca'
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.a08f40e.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
aa7f18b7-1357-4f90-9ae2-96f48407687f
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-ms-form-request-ring
gcc
authorization
content-type
application/json
accept-language
en-CA,en;q=0.9
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
odata-maxverion
4.0
__requestverificationtoken
P-6fJIw26m8opHPRAjknER6iSujIQHSSXPVcBAKOtCj1FKoZfA3t_bPlXFLceQZMOhmDrFPeThG11rptzbW7hblwQFXuPEKAQc_oAkV8r8k1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.15315.36677
x-officefe
FormsSingleBox_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
6
x-routingofficefe
FormsSingleBox_IN_13, FormsSingleBox_IN_0
pragma
no-cache
x-routingofficeversion
16.0.15319.36680, 16.0.15315.36677
x-correlationid
aa7f18b7-1357-4f90-9ae2-96f48407687f
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
date
Wed, 25 May 2022 20:45:23 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
aa7f18b7-1357-4f90-9ae2-96f48407687f
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
b323790e-1e4b-413e-98f1-5ee0b77e4bd6
x-msedge-ref
Ref A: 3DE43181B6884126BE161DEFBD295B42 Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
eus2-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
expires
-1
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		176 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.4d0e6e4.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b21bda744f7a01b25f1dd5c10edcd46737c9932d90534d1e9566295368e929f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 20:45:23 GMT
content-encoding
br
x-azure-ref-originshield
0sZGOYgAAAADSaW0O4Df3QYGLiaChEDDjRVdSMzBFREdFMTUwNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
pwwgb5u3voiuNSeRF9uLSg==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.2
last-modified
Tue, 17 May 2022 18:49:46 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.2.min.js
etag
0x8DA383603C7DDBE
x-azure-ref
0Y5WOYgAAAAD3lhf7bW/XSbwwzY/gYGjyQ0hHRURHRTE2MTMAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
764496f0-c01e-0065-3e73-704631000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
meeting.png
forms.office.com/Images/Theme/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.office.com/Images/Theme/meeting.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb2d8eb6cd4e3740f7945d2c5119cf3535f36d80414649d3e970cbaeb7046b7d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
58177
etag
"0a42af7676bd81:0"
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.15319.36680
last-modified
Thu, 19 May 2022 10:05:28 GMT
x-msedge-ref
Ref A: 0A832A6B58B3495A940A69A6EAFFDF9C Ref B: BL2EDGE1717 Ref C: 2022-05-25T20:45:23Z
date
Wed, 25 May 2022 20:45:23 GMT
content-type
image/png
x-routingcorrelationid
93e0ef40-3281-4693-b292-c71c1ed65135
cache-control
max-age=63072000
x-routingsessionid
88e181b6-e35e-43a9-a454-ac524c9fe8d7
accept-ranges
bytes
x-routingofficecluster
eus2-100.forms.office.com
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a252607eb797318a9bf4ae7ac822be60eb049c201747791e1ca28dd0b5e99e7d

Request headers

upload-time
1653511524969
accept-language
en-CA,en;q=0.9
client-version
1DS-Web-JS-3.2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Date
Wed, 25 May 2022 20:45:25 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
798
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 25 May 2022 20:45:25 GMT
Server
Microsoft-HTTPAPI/2.0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984&client-time-epoch-millis=1653511525758&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.a08f40e.js?ring=UsGovGccProduction
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.189.59 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 25 May 2022 20:45:25 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
625
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5a01de80850fe0fbfbcfa24b515bd8f187e1e4988e0c0b86a27a908a6670528d

Request headers

upload-time
1653511525971
accept-language
en-CA,en;q=0.9
client-version
1DS-Web-JS-3.2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
time-delta-to-apply-millis
798
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Date
Wed, 25 May 2022 20:45:25 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
156
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 25 May 2022 20:45:25 GMT
Server
Microsoft-HTTPAPI/2.0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

9 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033
.forms.office.com/ Name: FormsWebSessionId
Value: 1f89d64b-d537-4d2d-a73a-fda6156e745e
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: _bNuGphm_5-M2Av6y3vI3uToruQ5mlR2cTIebIs4vWnpHpGOSNraIdp2gLp5F0GcaKN7XOOrtVaWoZyCXyUpWQPw2tCcwkfF-h8J1Amgn3k1
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: ce38ce81-ef99-4989-8adb-aa33296db141
forms.office.com/ Name: ai_session
Value: Y6FOyB4EhwwFVCY+NMlZJr|1653511523966|1653511523966
.microsoft.com/ Name: MC1
Value: GUID=a559a574d6b340949aa39d8eb480268f&HASH=a559&LV=202205&V=4&LU=1653511525767
.microsoft.com/ Name: MS0
Value: 52b22b5f049945f08b149b904189477f
forms.office.com/ Name: MSFPC
Value: GUID=a559a574d6b340949aa39d8eb480268f&HASH=a559&LV=202205&V=4&LU=1653511525767

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff