urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u7638122.ct.sendgrid.net/ls/click?upn=GFRcQogCiFwwdkeveE0rTan54Rtt4GM8SCU1GdEIgHnW-2BnkHm4f50Kv-2F-2Bzeke3akOmyYmEHH7hUR-...
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYO...
Submission: On November 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 12381.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
12 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2620:1ec:46::45 8068 (MICROSOFT...)
1 52.127.244.58 8070 (MICROSOFT...)
6 51.11.192.49 8075 (MICROSOFT...)
20 4
1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u7638122.ct.sendgrid.net
12    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    52.127.244.58 (Phoenix, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us
6    51.11.192.49 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
12 office.com
forms.office.com — Cisco Umbrella Rank: 12381
301 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 757
2 KB
1 office365.us
lists.gcc.osi.office365.us — Cisco Umbrella Rank: 532498
9 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3781
61 KB
1 sendgrid.net
u7638122.ct.sendgrid.net
336 B
20 5
Domain Requested by
12 forms.office.com forms.office.com
6 browser.events.data.microsoft.com js.monitor.azure.com
forms.office.com
1 lists.gcc.osi.office365.us forms.office.com
1 js.monitor.azure.com forms.office.com
1 u7638122.ct.sendgrid.net 1 redirects
20 5

This site contains links to these domains. Also see Links.

Domain
isbdc.org
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
lists.gcc.osi.office365.us
DigiCert SHA2 Secure Server CA		 2022-02-17 -
2023-02-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-09-08 -
2023-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Frame ID: 6ECB8E53458C6294E024AF2F1F81CD16
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Indiana SBDC HireUp Application (Seite 1 von 3)

Page URL History Show full URLs

  1. https://u7638122.ct.sendgrid.net/ls/click?upn=GFRcQogCiFwwdkeveE0rTan54Rtt4GM8SCU1GdEIgHnW-2BnkHm4f50Kv-2F-2B... HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

20
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

373 kB
Transfer

944 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u7638122.ct.sendgrid.net/ls/click?upn=GFRcQogCiFwwdkeveE0rTan54Rtt4GM8SCU1GdEIgHnW-2BnkHm4f50Kv-2F-2Bzeke3akOmyYmEHH7hUR-2B6C1wfdZnoR8aW6j4AnVmFO9ep2dLXcrHk-2BoMkShiUqObR5-2BWme-2FsYUgUjkWyGAtdJei31hr7CmtafWs1NCF1cY37q1st0ybfsBJIk6USOmgpmtdq-2BruL-xS_Zsfsc4Wzubyyy40FedhleOUZL-2Fu6FedEI9N78J9TkjSM4ItgVJ-2BmpH1gChJZsDX4GUWY7-2FNs-2Fo-2Bc1t7ZAfHgJCUPPoSHBW5Uaey0AVj5nUwi1jt7Qq8dybZODjQmUugteyloqY3JwD8rAwhkZUapePrA6dsGXwuZe8xt3PhaaBKVulnWAMXPl5rtuf-2BmfpYR3Gm6FkOte-2BVX52kQ-2B7h-2BGRR83ioQXCdFZfJ3WRyiBSE-2F06j-2F09bpxCXTEy063V37MtlGdsjWqN1MHpI8neOWE-2BDcDdB6j40PfYVhC-2Fmon4rOwwPQMP4WnE-2FUO3x-2Ftl7Hbt7hJUVBawEgWM-2B2Luy605fdxNl47pRdA3aYaM7MvccJGsOd9psHyfSY8bsYjHkIInYhghBggfPs-2F7OaoYhNv8FyS8DBQFD2-2B7ET7z28-2FXjvrD-2BGvc-2Fre8L5-2BSk3np3Fl-2BVpSXnf3EhgIhOfKKO6MHG70kluyssZG6-2FRLYq1QC8UqW1yL18xj1EltV-2BR5cwA9tPiSWk3EjkfukI-2FwONDnGfD6OKIl7qsuZKvjHTU3Eqha5n4YxHqDEbUCAR37ey3OFuOtgw4DmboGfm2XYuSq86jcrgFYUQIvdsNe48NqjxDKaFNsmHhl-2F-2BFsqAP0lJnSxfOYalfnIb-2BpMDL1fvmWB-2Fm2ysfwNYMcE8677BbBQ36pe92qXMxFqlXW3CzqTJToFbAXtRF6tk1hUhkfQjYTFqEVARUxXhZAD2dVN-2Fxja9VKKabwytMe8yXRSE3z2sCUqCZHT6xSLQmTMT0VxxatedpaLgOWyzlF7P5WDIbjrGmFZ-2BUEYsqamlDKOlu6FwNpgfhB978l3cTL5PzOFiukg-3D-3D HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://u7638122.ct.sendgrid.net/ls/click?upn=GFRcQogCiFwwdkeveE0rTan54Rtt4GM8SCU1GdEIgHnW-2BnkHm4f50Kv-2F-2Bzeke3akOmyYmEHH7hUR-2B6C1wfdZnoR8aW6j4AnVmFO9ep2dLXcrHk-2BoMkShiUqObR5-2BWme-2FsYUgUjkWy...
  • https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
30 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa211962fc4a5411f2b09abd4d9f135ef1c8d38c85e409c82ad403a168715811
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
8029
content-type
text/html; charset=utf-8
date
Wed, 02 Nov 2022 14:34:38 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
d353b4a9-ea86-4dd3-8f08-cce6c86c0984
x-failurereason
Unknown
x-msedge-ref
Ref A: A26FB0E7F0524A7BA5B36C3EDA072B4E Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:38Z
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.15824.42050
x-robots-tag
noindex, nofollow
x-routingcorrelationid
d353b4a9-ea86-4dd3-8f08-cce6c86c0984
x-routingofficecluster
frc-101.forms.office.com usgsw-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_5 FormsSingleBox_IN_0
x-routingofficeversion
16.0.15824.42050 16.0.15824.42050
x-routingsessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-usersessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6

Redirect headers

Connection
keep-alive
Content-Length
155
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Nov 2022 14:34:38 GMT
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Server
nginx
X-Robots-Tag
noindex, nofollow
ls-response.de.d82f0383a.js
forms.office.com/Scripts/dists/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/ls-response.de.d82f0383a.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b14f8573d3125afefc5b291ed870de66e03abf5fcd6ba63d82ede8428c8fc743
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:39 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
45715274-26ca-4020-ac79-e58967066dc8
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
bc6ec7c5-011a-4303-828f-0a519587b460
etag
"1d8e780ef0f7127"
vary
Accept-Encoding
x-msedge-ref
Ref A: 7A38C9E589C04192B84B63F307C4B9F7 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
45715274-26ca-4020-ac79-e58967066dc8
cache-control
public, max-age=31104000
x-routingsessionid
bc6ec7c5-011a-4303-828f-0a519587b460
accept-ranges
bytes
x-routingofficecluster
neu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.min.css
forms.office.com/css/dist/ 		142 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/light-response-page.min.css?v=82c0ed6ed4&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c05a6c103f7c81d26c2f32820446de48e0f016acff777238e6468e2b3d794b7b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:39 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_5, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
cd6e66eb-ec50-459a-8222-2df705db94ec
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
217031fc-df6c-437d-a72e-5e0f51098200
etag
"1d8e780ef0d3dae"
vary
Accept-Encoding
x-msedge-ref
Ref A: C43C05C6A6824D4A90862B1CB7DA2813 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
text/css
x-routingcorrelationid
cd6e66eb-ec50-459a-8222-2df705db94ec
cache-control
public, max-age=31104000
x-routingsessionid
217031fc-df6c-437d-a72e-5e0f51098200
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.min.js
forms.office.com/Scripts/dists/ 		297 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c22ddeb222e5b314227224c08711b38ba5b73dfb65c0dd3aa4ccf0a7d6b45de
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:39 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_0
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
d18cb375-66f7-43d8-92cd-21e318cf4270
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
cb8eb523-3929-4093-83a0-634e10a3d35e
etag
"1d8e780ef0ba813"
vary
Accept-Encoding
x-msedge-ref
Ref A: 9DB9A3D85D6147EFB7B06819F5C8C79A Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
d18cb375-66f7-43d8-92cd-21e318cf4270
cache-control
public, max-age=31104000
x-routingsessionid
cb8eb523-3929-4093-83a0-634e10a3d35e
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
runtimeFormsWithResponses('ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u')
forms.office.com/formapi/api/2199bfba-a409-4f13-b0c4-18b45933d88d/users/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/light/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/2199bfba-a409-4f13-b0c4-18b45933d88d/users/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/light/runtimeFormsWithResponses('ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a53cfa2d50a2a27034fe6281ce9817ed411a0985a0c1cc1483babc352df43be3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
X-UserSessionId
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
9_gZgjqHo_DbydzSZ3s4W0dmttYCXjcwx-kvIQCDxcwRRDeDega5SuA-tyzY1cuJqovDUNjmokCW0AZp8EypQ4pptheRdxzlOmp4zeSkf6E1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 02 Nov 2022 14:34:39 GMT
x-officeversion
16.0.15824.42050, 16.0.15824.42050
x-officefe
FormsSingleBox_IN_1, FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.15824.42050
x-correlationid
3ca07c0d-70e1-443e-a5dc-2ea2ffaf142e
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6, bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-msedge-ref
Ref A: 564A5A187AE148589679982A41B1740D Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
3ca07c0d-70e1-443e-a5dc-2ea2ffaf142e
x-routingsessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.05db01f.js
forms.office.com/Scripts/dists/ 		0
54 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.05db01f.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:40 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_16, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
acfbd14f-31a3-4ca7-b2c2-067a824971eb
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
e19adf0b-3eff-4395-b2e3-5571f0af2120
etag
"1d8e780ef0d5ed3"
vary
Accept-Encoding
x-msedge-ref
Ref A: 966993CFB2254BEAAC9C793955A2F0DF Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
acfbd14f-31a3-4ca7-b2c2-067a824971eb
cache-control
public, max-age=31104000
x-routingsessionid
e19adf0b-3eff-4395-b2e3-5571f0af2120
accept-ranges
bytes
x-routingofficecluster
weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.e3f225f.js
forms.office.com/Scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.e3f225f.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:40 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_7, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
d3641553-f43a-4e0d-8dc3-cc06c59a9462
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
ba2285f8-3140-4aa6-8064-e355284e8105
etag
"1d8e780ef0f2631"
vary
Accept-Encoding
x-msedge-ref
Ref A: DFDA6C7B22874380826359536A830B87 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
d3641553-f43a-4e0d-8dc3-cc06c59a9462
cache-control
public, max-age=31104000
x-routingsessionid
ba2285f8-3140-4aa6-8064-e355284e8105
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.05db01f.js
forms.office.com/Scripts/dists/ 		149 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.05db01f.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5637fa3aa2f1aebd6d2220aa2b0ec9a50361c95c87da3655ad8b326e65254e71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:40 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
725fc075-a587-4b0d-9958-a3a62d1281b7
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
a2539210-bcea-4f8a-8e95-e40cb0943f56
etag
"1d8e780ef0d5ed3"
vary
Accept-Encoding
x-msedge-ref
Ref A: 34F8D82659774D18AE2DFE2D25DCD512 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
725fc075-a587-4b0d-9958-a3a62d1281b7
cache-control
public, max-age=31104000
x-routingsessionid
a2539210-bcea-4f8a-8e95-e40cb0943f56
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.e3f225f.js
forms.office.com/Scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.e3f225f.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6c72b3129885f1554e0997071091f75933f42e786105a5bac4191fdc6893041
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:40 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
c2fa47de-8a06-4e2d-8f62-eecece7ffb5c
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
2541166e-f301-4104-864d-6ec4cadeb479
etag
"1d8e780ef0f2631"
vary
Accept-Encoding
x-msedge-ref
Ref A: 55536E4823AB49528E3CE8788F61EEB8 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:39Z
content-type
application/javascript
x-routingcorrelationid
c2fa47de-8a06-4e2d-8f62-eecece7ffb5c
cache-control
public, max-age=31104000
x-routingsessionid
2541166e-f301-4104-864d-6ec4cadeb479
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.sw.d097b04.js
forms.office.com/Scripts/dists/ 		953 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.d097b04.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0bc4f76140d38f7af2ec7f7404a74986432a90b064b3f5cdcb345a823fa8849
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:40 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
4db02603-af19-49a8-91c5-4d10ee241046
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
2ebc4581-7e7a-43f0-a17b-5edb76a0d498
etag
"1d8e780ef0f09b9"
vary
Accept-Encoding
x-msedge-ref
Ref A: 75329A38B03F4310AF15E8ACDA7F9882 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:40Z
content-type
application/javascript
x-routingcorrelationid
4db02603-af19-49a8-91c5-4d10ee241046
cache-control
public, max-age=31104000
x-routingsessionid
2ebc4581-7e7a-43f0-a17b-5edb76a0d498
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		178 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.e3f225f.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a92971d46a2a77706a9d0fbfb68fd78f51cf0b55f95bbf41e1bebafd33618156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 14:34:39 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.7
last-modified
Mon, 17 Oct 2022 18:13:29 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.7.min.js
content-md5
4oMQ+cqKYTCPFrkuXEzsOg==
etag
0x8DAB06B4B052716
x-azure-ref
0AIBiYwAAAACVHalxIsx8Q40BwMlJGzZMQU1TMDRFREdFMTgxMQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c9dde676-601e-00c8-6bc7-ee44de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
light-response-page.chunk.1ds.2a84df3.js
forms.office.com/Scripts/dists/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.2a84df3.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=82c0ed6ed4&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
92db9750961fd5f7d803cb44fb6bb6460f3ed0809bfd518ac82b15a3ef08629a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Wed, 02 Nov 2022 14:34:41 GMT
x-officeversion
16.0.15824.42050
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_2
x-routingofficeversion
16.0.15824.42050, 16.0.15824.42050
last-modified
Mon, 24 Oct 2022 08:16:36 GMT
x-correlationid
13279cf9-358f-4224-a96f-1e48938dce02
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
75878ebd-b7d7-47d8-8ab9-41d0ce613c60
etag
"1d8e780ef0e4ac6"
vary
Accept-Encoding
x-msedge-ref
Ref A: 5CB6B85A1DB447A3B7A59006B2420C25 Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:40Z
content-type
application/javascript
x-routingcorrelationid
13279cf9-358f-4224-a96f-1e48938dce02
cache-control
public, max-age=31104000
x-routingsessionid
75878ebd-b7d7-47d8-8ab9-41d0ce613c60
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
25b1512e-5ef5-4830-943d-aa68247ef52a
lists.gcc.osi.office365.us/Images/2199bfba-a409-4f13-b0c4-18b45933d88d/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/T6IZWMDWRPI2COC6MSX8X2MLUX/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.gcc.osi.office365.us/Images/2199bfba-a409-4f13-b0c4-18b45933d88d/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/T6IZWMDWRPI2COC6MSX8X2MLUX/25b1512e-5ef5-4830-943d-aa68247ef52a
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.127.244.58 Phoenix, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ed81f949fe621d44b3de289c136ba68daa36fdca96c0479de0683935e5fb378
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 14:34:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.15823.42100
content-type
image/png
x-routingcorrelationid
7fa65f55-f8ed-4143-a289-b4eb4d7e60d4
cache-control
no-cache
x-routingsessionid
a44eb5b7-d47d-4b96-9285-e5e03e24ecdc
x-hivering
6
x-routingofficecluster
usgsw-000.lists.gcc.osi.office365.us
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
'de'
forms.office.com/formapi/api/2199bfba-a409-4f13-b0c4-18b45933d88d/users/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/forms('ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u'... 		2 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/2199bfba-a409-4f13-b0c4-18b45933d88d/users/dea3ba1c-f46d-47fd-9872-a02fd0a6f5d4/forms('ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.05db01f.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
e618ea0d-cba8-4ca0-9b20-6a694ea8f52f
x-usersessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-ms-form-request-ring
gcc
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ur-ZIQmkE0-wxBi0WTPYjRy6o95t9P1HmHKgL9Cm9dRUNklaV01EV1JQSTJDT0M2TVNYOFgyTUxVWC4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
9_gZgjqHo_DbydzSZ3s4W0dmttYCXjcwx-kvIQCDxcwRRDeDega5SuA-tyzY1cuJqovDUNjmokCW0AZp8EypQ4pptheRdxzlOmp4zeSkf6E1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 02 Nov 2022 14:34:41 GMT
x-officeversion
16.0.15824.42050, 16.0.15824.42050
x-officefe
FormsSingleBox_IN_2, FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.15824.42050
x-correlationid
e618ea0d-cba8-4ca0-9b20-6a694ea8f52f
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6, bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-msedge-ref
Ref A: F8E83A2B1A9D45C3834784E31F17B99A Ref B: AMS231032608017 Ref C: 2022-11-02T14:34:40Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
e618ea0d-cba8-4ca0-9b20-6a694ea8f52f
x-routingsessionid
bbbd8a2b-18fe-4fed-9e02-177f6a12f0e6
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-100.forms.office.com
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
bece337268bf65554410e34411c287f078548ec19b9293999914e4a3cdb1c520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1667399681766
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 02 Nov 2022 14:34:41 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
351
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 02 Nov 2022 14:34:41 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b0c1bcb685c9cae94465219b7d2d057f5de345360709fcb9dd96dbeb52396699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1667399682768
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
time-delta-to-apply-millis
351
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 02 Nov 2022 14:34:42 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
37
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 02 Nov 2022 14:34:41 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.2a84df3.js?ring=UsGovGccProduction
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
9eb2eeda3a95b4ef9eab4b28b84917c5de6e4d38b4599925b71a89a8a4eb7951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1667399683555
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 02 Nov 2022 14:34:43 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
31
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 02 Nov 2022 14:34:42 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

7 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: FormsWebSessionId
Value: 8508a1e5-2211-4906-9172-e8ee981a85b2
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: Np5pYLa6HSGqFq5X7LrQMDrMa9r8fbqkgecD9rGhLEVLsVUfKk59sDk98BS7GKUwAkiFOjPsbfWA8dSKiBSotHi4mKfEtzECU_9XudekJOw1
forms.office.com/ Name: ai_session
Value: 8U/a7g5Fs8wgxCbwC6QXC0|1667399680761|1667399680761
.microsoft.com/ Name: MC1
Value: GUID=f20d5551729147caad57820526d965f6&HASH=f20d&LV=202211&V=4&LU=1667399682117
.microsoft.com/ Name: MS0
Value: 290a7c89afdb4fcf9365461f13239f67
forms.office.com/ Name: MSFPC
Value: GUID=f20d5551729147caad57820526d965f6&HASH=f20d&LV=202211&V=4&LU=1667399682117

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff