forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ResponsePage.aspx Show response forms.office.com/Pages/	28 KB 8 KB	507ms 456ms	Document text/html	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8929724f8237551601892f1f1791587c45072d040389852c49ca1b9f13ad6ab4 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, must-revalidate, no-cache content-encoding br content-length 7249 content-type text/html; charset=utf-8 date Tue, 21 Jun 2022 21:30:59 GMT expires 0 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" pragma no-cache strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding x-cache CONFIG_NOCACHE x-content-type-options nosniff x-correlationid f0a4b0e9-2d63-4c8f-9e9e-e30aa9f9cf72 x-failurereason Unknown x-msedge-ref Ref A: 9E609654061A4C9BB45A455CFA5A021D Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:30:59Z x-officecluster usge-000.forms.gcc.osi.office365.us x-officefe FormsSingleBox_IN_1 x-officeversion 16.0.15411.36676 x-robots-tag noindex, nofollow x-routingcorrelationid f0a4b0e9-2d63-4c8f-9e9e-e30aa9f9cf72 x-routingofficecluster neu-100.forms.office.com usge-000.forms.gcc.osi.office365.us x-routingofficefe FormsSingleBox_IN_22 FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676 16.0.15411.36676 x-routingsessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 x-usersessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2
GET H2	200	ls-response.de.a30d4c81e.js Show response forms.office.com/Scripts/dists/	26 KB 9 KB	700ms 700ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/ls-response.de.a30d4c81e.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5efe2df4352e63d2c199dab9320817d9f506641bd317ca231c9bf82a499854d9 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 9302 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_8, FormsSingleBox_IN_2 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: F172E8CC2AF641BB80B49D3795125F37 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:00Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid a37a007f-961b-4132-afe4-a33f4f1e3b11 cache-control max-age=63072000 x-routingsessionid adee6ae4-4a03-4054-82b4-d840d185b222 accept-ranges bytes x-routingofficecluster weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.min.css forms.office.com/css/dist/	134 KB 24 KB	468ms 467ms	Stylesheet text/css	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/css/dist/light-response-page.min.css?v=dc4f02cfc8&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 17c22040507bd2319f944f94960db70b72f7887ae60b8bf74026c7b072c6b6d5 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 24062 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_13, FormsSingleBox_IN_0 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: 16AF600766E64984AD7D16F0C2EAA14A Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:00Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type text/css x-routingcorrelationid 3be9ba06-3165-42f0-97fa-9a818f114993 cache-control max-age=63072000 x-routingsessionid db12df4f-1526-44b6-8086-e612f2bc1648 accept-ranges bytes x-routingofficecluster neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.min.js Show response forms.office.com/Scripts/dists/	263 KB 83 KB	694ms 693ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9a28c393c4955d4beced7116d6e8bdd3f7be43798bd8a145d49da5f87c97a1ea Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 84497 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_2, FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: 71657A6AC3ED4C3EA5CC148AD2D66A5A Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:00Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid f011f9d5-176b-4b12-804a-65412c43a8fd cache-control max-age=63072000 x-routingsessionid a3017d7f-7738-45b7-a429-9260c7e001a8 accept-ranges bytes x-routingofficecluster weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu') Show response forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/	8 KB 3 KB	927ms 926ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/light/runtimeFormsWithResponses('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')?$expand=questions($expand=choices) Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e1808783c8e28affd2b8d2c6bb0c48528c0aaabe9d96fa24fc28e72582c9d244 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu X-UserSessionId 1b61f117-3a07-4290-8a74-5afb5ebec0d2 accept-language de-DE,de;q=0.9 __RequestVerificationToken vnEGcQLdZct83zLKnt5Sz_ECTTGqUes1-26e8cG-aCEyzZN6t6DDQxPClBwUshbmk_iw8wsm5fjMxWNHyVwiwTb5eH5Ikkk0Un907GOqSFs1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip x-officeversion 16.0.15411.36676 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_5, FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 x-correlationid e0b12ca2-410d-4cf3-a58a-10118a139daf x-officecluster usgsw-000.forms.gcc.osi.office365.us x-usersessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid e0b12ca2-410d-4cf3-a58a-10118a139daf x-routingsessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 x-msedge-ref Ref A: A7CAC8A3C2B84D6E8065026845987B6F Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:00Z x-robots-tag noindex, nofollow x-routingofficecluster weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_ext.5f496bc.js forms.office.com/Scripts/dists/	0 59 KB	153ms 152ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.5f496bc.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 59649 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_8, FormsSingleBox_IN_2 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: A3C823761A3E47FEAA2E325F72623468 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 669ef235-1524-4599-a0ce-cf0aba33d823 cache-control max-age=63072000 x-routingsessionid 24fe0455-2a20-4c9c-9029-c1d8aac71fb8 accept-ranges bytes x-routingofficecluster weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_post.boot.5ce793e.js forms.office.com/Scripts/dists/	0 4 KB	154ms 153ms	Other application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.5ce793e.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 4312 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_5, FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: E950B18BB32142869189C171BD395E14 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 9e5e940d-ff19-4254-90d9-a96ce6ea34ef cache-control max-age=63072000 x-routingsessionid 1702f0ed-8c85-43df-8b1b-66783a94be55 accept-ranges bytes x-routingofficecluster weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_ext.5f496bc.js Show response forms.office.com/Scripts/dists/	186 KB 59 KB	423ms 423ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.5f496bc.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 521dfa21356bc35a2b7170ab6bafff401961aeb342fff71850f553f8a8357c34 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 59649 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_12, FormsSingleBox_IN_2 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: E04BB0C5CA59400DBB2F83CC85585BAD Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z date Tue, 21 Jun 2022 21:31:01 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid f07e67e5-5de0-4150-ae9c-d4acc5258e70 cache-control max-age=63072000 x-routingsessionid cd0eaae6-92f1-4629-b06b-cd8806e88d4c accept-ranges bytes x-routingofficecluster neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	light-response-page.chunk.lrp_post.boot.5ce793e.js Show response forms.office.com/Scripts/dists/	11 KB 5 KB	106ms 105ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.5ce793e.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a903a0c3dca392a1b768486b5ef575d3efed9e8662b779ade3d87b14e889db97 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 4312 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_22, FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: 8C71341707E647BDB0590AC8BF83C9B3 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 30801097-3f65-4298-80b8-0a8dd356f7e9 cache-control max-age=63072000 x-routingsessionid aeb720fe-6208-4ae5-998a-4f75b33b9877 accept-ranges bytes x-routingofficecluster neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET DATA	200 OK	truncated /	4 KB 4 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da Request headers Referer Origin https://forms.office.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Content-Type font/woff2;charset=utf-8
GET H2	200	light-response-page.chunk.sw.eb6086d.js Show response forms.office.com/Scripts/dists/	1012 B 735 B	103ms 103ms	Script application/javascript	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.eb6086d.js?ring=UsGovGccProduction Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=dc4f02cfc8&ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a168e695c6b9a0e5efcd4a6abbdbf03241ab6c39e417f86fa1b5c8b89d8f6a3c Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff x-cache CONFIG_NOCACHE content-length 444 etag "0c33fff647dd81:0" x-routingofficefe FormsSingleBox_IN_13, FormsSingleBox_IN_0 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 last-modified Sat, 11 Jun 2022 07:29:34 GMT x-msedge-ref Ref A: 05242194B68A4AE19A0A6F6356E236F8 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z date Tue, 21 Jun 2022 21:31:00 GMT vary Accept-Encoding content-type application/javascript x-routingcorrelationid 71dc2172-2ec5-4e9d-b082-f884095cc6c0 cache-control max-age=63072000 x-routingsessionid e67e8980-1af9-482c-922d-303afa4634d5 accept-ranges bytes x-routingofficecluster neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
GET H2	200	ms.jsll-3.min.js Show response js.monitor.azure.com/scripts/c/	179 KB 58 KB	158ms 31ms	Script text/javascript	2620:1ec:46::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.5ce793e.js?ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:46::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 505d3664b4318563b0e7e5096e930a98debdad10c637be2df5fea2f005e8ca10 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 21:31:00 GMT content-encoding br x-azure-ref-originshield 0NjayYgAAAAAYO6sY2UM6S4s4iB+IBSfwQU1TMDRFREdFMTgxMwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY= content-md5 rTER0/T3X+0ON2+ZMJNo9Q== x-cache TCP_HIT x-ms-meta-jssdkver 3.2.3 last-modified Tue, 14 Jun 2022 19:58:10 GMT x-ms-meta-jssdksrc [cdn]/scripts/c/ms.jsll-3.2.3.min.js etag 0x8DA4E403540518B x-azure-ref 0lTiyYgAAAADMBiUt6vPsT6hjQNxYpss1QlJVMzBFREdFMDQxNQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY= content-type text/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id 56359652-901e-0047-27b1-85832e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800, immutable, no-transform x-ms-version 2009-09-19
GET H2	200	b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922 lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/	36 KB 37 KB	1581ms 132ms	Image image/png	52.127.240.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://lists.gcc.osi.office365.us/Images/07a94c98-f30f-4abb-bd7e-d63f8720dc02/753ca6af-900a-44d2-9845-a2cb3b70f789/T4REC9GF0S8UQEWHUWHK5Z6IF7/b95f3c2c-92c6-4fa6-a21c-cc4a03d1e922 Requested by Host: forms.office.com URL: https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.127.240.1 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers pragma no-cache date Tue, 21 Jun 2022 21:31:02 GMT x-routingofficeversion 16.0.15409.36252 strict-transport-security max-age=2592000; includeSubDomains content-type image/png x-routingcorrelationid 9c9b71d5-c964-4a29-978a-b74339155f14 cache-control no-cache x-routingsessionid e9aa52e7-6efd-45fe-930e-4b65916ae1d9 x-hivering 6 x-routingofficecluster usge-000.lists.gcc.osi.office365.us x-routingofficefe CollabDBReverseProxyWithMappingService_IN_1 expires -1
GET H2	200	'de' Show response forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQl...	2 B 397 B	266ms 266ms	XHR application/json	2620:1ec:a92::194 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://forms.office.com/formapi/api/07a94c98-f30f-4abb-bd7e-d63f8720dc02/groups/753ca6af-900a-44d2-9845-a2cb3b70f789/forms('mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu')/localeResource/'de' Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.5f496bc.js?ring=UsGovGccProduction Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers odata-version 4.0 x-correlationid b9dd67e9-2f66-4e18-a081-879a1b6e8053 x-usersessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 x-ms-form-request-ring gcc authorization content-type application/json accept-language de-DE,de;q=0.9 accept application/json Referer https://forms.office.com/Pages/ResponsePage.aspx?id=mEypBw_zu0q9ftY_hyDcAq-mPHUKkNJEmEWiyztw94lUNFJFQzlHRjBTOFVRRVdIVVdISzVaNklGNyQlQCN0PWcu odata-maxverion 4.0 __requestverificationtoken vnEGcQLdZct83zLKnt5Sz_ECTTGqUes1-26e8cG-aCEyzZN6t6DDQxPClBwUshbmk_iw8wsm5fjMxWNHyVwiwTb5eH5Ikkk0Un907GOqSFs1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 x-ms-form-request-source ms-formweb Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip x-officeversion 16.0.15411.36676 x-officefe FormsSingleBox_IN_2 x-cache CONFIG_NOCACHE x-routingofficefe FormsSingleBox_IN_5, FormsSingleBox_IN_1 x-routingofficeversion 16.0.15411.36676, 16.0.15411.36676 x-correlationid b9dd67e9-2f66-4e18-a081-879a1b6e8053 x-officecluster usgsw-000.forms.gcc.osi.office365.us x-usersessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 date Tue, 21 Jun 2022 21:31:01 GMT vary Accept-Encoding content-type application/json; charset=utf-8 x-routingcorrelationid b9dd67e9-2f66-4e18-a081-879a1b6e8053 x-routingsessionid 1b61f117-3a07-4290-8a74-5afb5ebec0d2 x-msedge-ref Ref A: 44FA5860A0544BF3ABFF0909985F6F39 Ref B: AMS04EDGE2806 Ref C: 2022-06-21T21:31:01Z x-robots-tag noindex, nofollow x-routingofficecluster weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	153 B 1 KB	39ms 9ms	XHR application/json	20.52.64.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 92075288cdbc2178daea6487f5fe219a0434b46af0dc0e0663ab3341d186efdb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1655847062518 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 time-delta-to-apply-millis use-collector-delta content-type application/x-json-stream cache-control no-cache, no-store apikey a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539 Referer https://forms.office.com/ Client-Id NO_AUTH Response headers Strict-Transport-Security max-age=31536000 Server Microsoft-HTTPAPI/2.0 Date Tue, 21 Jun 2022 21:31:01 GMT time-delta-millis 87 Access-Control-Allow-Methods POST P3P CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" Access-Control-Allow-Origin https://forms.office.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Content-Type application/json Access-Control-Allow-Headers P3P,Set-Cookie,time-delta-millis Content-Length 153
OPTIONS H/1.1	200 OK	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	55ms 7ms	Preflight	20.52.64.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode Access-Control-Allow-Origin https://forms.office.com Access-Control-Max-Age 3600 Cache-Control public, 3600 Content-Length 0 Date Tue, 21 Jun 2022 21:31:01 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000
POST H/1.1	200 OK	/ Show response browser.pipe.aria.microsoft.com/Collector/3.0/	0 441 B	56ms 16ms	XHR application/json	20.52.64.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984&client-time-epoch-millis=1655847063806&time-delta-to-apply-millis=use-collector-delta Requested by Host: forms.office.com URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.5f496bc.js?ring=UsGovGccProduction Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.office.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Server Microsoft-HTTPAPI/2.0 Date Tue, 21 Jun 2022 21:31:03 GMT time-delta-millis 40 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers kill-tokens, kill-duration-seconds, time-delta-millis Access-Control-Allow-Headers Accept, Content-Type, Content-Encoding, Client-Id Content-Length 0
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/	24 B 462 B	113ms 112ms	XHR application/json	20.52.64.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D6cf370cced844ffe86dfca05681ffc60%26HASH%3D6cf3%26LV%3D202206%26V%3D4%26LU%3D1655847062605&w=0 Requested by Host: js.monitor.azure.com URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers upload-time 1655847064521 accept-language de-DE,de;q=0.9 client-version 1DS-Web-JS-3.2.3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 time-delta-to-apply-millis 87 content-type application/x-json-stream cache-control no-cache, no-store apikey a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539 Referer https://forms.office.com/ Client-Id NO_AUTH Response headers Strict-Transport-Security max-age=31536000 Server Microsoft-HTTPAPI/2.0 Date Tue, 21 Jun 2022 21:31:03 GMT time-delta-millis 115 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin https://forms.office.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Access-Control-Allow-Headers time-delta-millis Content-Length 24
OPTIONS H/1.1	200 OK	/ browser.events.data.microsoft.com/OneCollector/1.0/	0 0	8ms 8ms	Preflight	20.52.64.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D6cf370cced844ffe86dfca05681ffc60%26HASH%3D6cf3%26LV%3D202206%26V%3D4%26LU%3D1655847062605&w=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.52.64.201 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Access-Control-Request-Method POST Origin https://forms.office.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode Access-Control-Allow-Origin https://forms.office.com Access-Control-Max-Age 3600 Cache-Control public, 3600 Content-Length 0 Date Tue, 21 Jun 2022 21:31:03 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			forms.office.com/	1970-01-20 06:09:55	Name: DcLcid Value: ui=1031&data=1031
			.forms.office.com/	1970-01-20 04:40:39	Name: FormsWebSessionId Value: ec5a86e6-588a-424b-89a6-863be745940f
			.forms.office.com/	1970-01-20 04:40:39	Name: usenewauthrollout Value: True
			forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 7Vsp2rP6LfL4A1norUR30ndVAFDtxUvSOcJpdQIN8H8FDYdWrj8sIeftQg3zoobLRToF0cVi2A3KP0y6r8vH779kDz34PonH1Lc5nhww9sk1
			forms.office.com/	1970-01-20 12:43:03	Name: MicrosoftApplicationsTelemetryDeviceId Value: 5bb0c9c0-2a09-4cf9-9419-04a14a0356f6
			forms.office.com/	1970-01-20 03:57:28	Name: ai_session Value: cVOtcebBHrWKO7oaIkQwa2|1655847061516|1655847061516
			.microsoft.com/	1970-01-20 12:43:03	Name: MC1 Value: GUID=6cf370cced844ffe86dfca05681ffc60&HASH=6cf3&LV=202206&V=4&LU=1655847062605
			.microsoft.com/	1970-01-20 03:57:28	Name: MS0 Value: 109bf5e16faf423fa011816ba0d65d65
			forms.office.com/	1970-01-20 12:43:03	Name: MSFPC Value: GUID=6cf370cced844ffe86dfca05681ffc60&HASH=6cf3&LV=202206&V=4&LU=1655847062605

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
forms.office.com
js.monitor.azure.com
lists.gcc.osi.office365.us
20.52.64.201
2620:1ec:46::60
2620:1ec:a92::194
52.127.240.1
17c22040507bd2319f944f94960db70b72f7887ae60b8bf74026c7b072c6b6d5
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
505d3664b4318563b0e7e5096e930a98debdad10c637be2df5fea2f005e8ca10
521dfa21356bc35a2b7170ab6bafff401961aeb342fff71850f553f8a8357c34
5efe2df4352e63d2c199dab9320817d9f506641bd317ca231c9bf82a499854d9
8929724f8237551601892f1f1791587c45072d040389852c49ca1b9f13ad6ab4
92075288cdbc2178daea6487f5fe219a0434b46af0dc0e0663ab3341d186efdb
9a28c393c4955d4beced7116d6e8bdd3f7be43798bd8a145d49da5f87c97a1ea
a042987eb3b55b03ab1885f22b30e31b5aecc6d746298e5c71492a1313635976
a168e695c6b9a0e5efcd4a6abbdbf03241ab6c39e417f86fa1b5c8b89d8f6a3c
a903a0c3dca392a1b768486b5ef575d3efed9e8662b779ade3d87b14e889db97
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
e1808783c8e28affd2b8d2c6bb0c48528c0aaabe9d96fa24fc28e72582c9d244
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855