urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.office.com/g/ik0MAK6Gmw
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5W...
Submission: On April 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 32 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6969.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2.16.112.34 16625 (AKAMAI-AS)
6 52.182.143.211 8075 (MICROSOFT...)
32 4
Apex Domain
Subdomains		 Transfer
25 office.com
forms.office.com — Cisco Umbrella Rank: 6969
743 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 251
1 KB
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 3288
36 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1869
61 KB
32 4
Domain Requested by
25 forms.office.com 1 redirects forms.office.com
6 browser.events.data.microsoft.com js.monitor.azure.com
forms.office.com
1 static2.sharepointonline.com
1 js.monitor.azure.com forms.office.com
32 4

This site contains links to these domains. Also see Links.

Domain
www.michigan.gov
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Frame ID: 7551B4C44C94A26B38372F807A2D0021
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Box Tree Moth (BTM)                    Compliance Agreement Request

Page URL History Show full URLs

  1. https://forms.office.com/g/ik0MAK6Gmw HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHW... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

841 kB
Transfer

1898 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/g/ik0MAK6Gmw HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/g/ik0MAK6Gmw
  • https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3cb6bd00c7fd42f22498b8f37915b17b7d8813da009b2cd2766f4c11db18046c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
8989
content-type
text/html; charset=utf-8
date
Tue, 11 Apr 2023 11:45:18 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
dbb6c1e1-701f-4383-8592-0ffa70628e58
x-failurereason
Unknown
x-msedge-ref
Ref A: CEB2C8AB7A6845CCB027422A9B8E7656 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:17Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16409.42501
x-robots-tag
noindex, nofollow
x-routingcorrelationid
dbb6c1e1-701f-4383-8592-0ffa70628e58
x-routingofficecluster
neu-100.forms.office.com usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_10 FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500 16.0.16409.42501
x-routingsessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-usersessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 11 Apr 2023 11:45:17 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
c734fd9d-eed9-4e32-a049-d12da5a88658
x-msedge-ref
Ref A: 08C9C22A279D4FA78CB879851C7E5C93 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:17Z
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.16409.42501
x-routingcorrelationid
c734fd9d-eed9-4e32-a049-d12da5a88658
x-routingofficecluster
usge-000.forms.gcc.osi.office365.us
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.16409.42501
x-routingsessionid
2865da1e-4c3c-4cf7-9e4a-425e63ed064c
x-usersessionid
2865da1e-4c3c-4cf7-9e4a-425e63ed064c
ls-response.de.31e06cc3c.js
forms.office.com/Scripts/dists/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/ls-response.de.31e06cc3c.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a448bc96fb55d34dd246730cf0af1ee8f3661399778d63d9d72120dda78d0785
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:18 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
a50cc15a-a8aa-4746-b96b-1308efa9fa2f
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
77e3757a-63e9-4cb5-86d3-6f243822f8e3
etag
"1d96a8980518898"
vary
Accept-Encoding
x-msedge-ref
Ref A: D7B37B38867B496FBDC29F23D9DF2B21 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:18Z
content-type
text/javascript
x-routingcorrelationid
a50cc15a-a8aa-4746-b96b-1308efa9fa2f
cache-control
public, max-age=31104000
x-routingsessionid
77e3757a-63e9-4cb5-86d3-6f243822f8e3
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.css
forms.office.com/css/dist/ 		100 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/css/dist/light-response-page.min.css?v=42153ab511&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:18 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_8, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
d450aaff-1736-401b-a2b5-3815a33a6014
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
bccafe67-564b-4a5c-a940-de21fe6fb597
etag
"1d96a8980509fae"
vary
Accept-Encoding
x-msedge-ref
Ref A: ED16A4116B98474D9097C4931BA0A74D Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:18Z
content-type
text/css
x-routingcorrelationid
d450aaff-1736-401b-a2b5-3815a33a6014
cache-control
public, max-age=31104000
x-routingsessionid
bccafe67-564b-4a5c-a940-de21fe6fb597
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.min.js
forms.office.com/Scripts/dists/ 		378 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
405e0dbe8d05fa0f4adc082a0ed77c4bce8edff33d6223cc83c768ac68413425
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:18 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_13, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
3b2393f7-7a30-42ac-9fe1-1936441b370e
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
f7a78978-9ec1-4e2d-80ee-1060800aef39
etag
"1d96a898054e944"
vary
Accept-Encoding
x-msedge-ref
Ref A: 9DC563C4E884455F9A9C90664D3CFDF9 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:18Z
content-type
text/javascript
x-routingcorrelationid
3b2393f7-7a30-42ac-9fe1-1936441b370e
cache-control
public, max-age=31104000
x-routingsessionid
f7a78978-9ec1-4e2d-80ee-1060800aef39
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
runtimeFormsWithResponses('h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu')
forms.office.com/formapi/api/d5fb7087-3777-42ad-966a-892ef47225d1/groups/312cc959-f962-425a-8e06-9d5a5e73a94e/light/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/d5fb7087-3777-42ad-966a-892ef47225d1/groups/312cc959-f962-425a-8e06-9d5a5e73a94e/light/runtimeFormsWithResponses('h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6614a7d05b4f919be3270f412d105627c292de0b157d1251a3ea161dcb855e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
X-UserSessionId
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
5afO4WYOwP0bQ_Uf2HNE_oD7pcWTSBxo6SYilu4SYsmkatu1TvqQqM8MN-5sMyMEdjyd6dYEl1s_uGlApi81dAepwDsGAXEic26Ik-_qqB41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 11 Apr 2023 11:45:18 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500
x-correlationid
27e4d52f-dcd4-4ce7-8e81-c7ca16c5db7b
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-msedge-ref
Ref A: 0D2D70A205E94535B43F4657C88BCEA4 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:18Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
27e4d52f-dcd4-4ce7-8e81-c7ca16c5db7b
x-routingsessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com
light-response-page.chunk.lrp_ext.f415522.js
forms.office.com/Scripts/dists/ 		0
82 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.f415522.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
2ff710a8-2791-45a8-b17a-9b38c779863f
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
2b5ece0d-dbb9-47c8-ae35-067b06fa4909
etag
"1d96a8980529ad8"
vary
Accept-Encoding
x-msedge-ref
Ref A: 002639789B6A4E36A742BF8FB3F1168C Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
2ff710a8-2791-45a8-b17a-9b38c779863f
cache-control
public, max-age=31104000
x-routingsessionid
2b5ece0d-dbb9-47c8-ae35-067b06fa4909
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_cover.1a88adb.js
forms.office.com/Scripts/dists/ 		0
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_cover.1a88adb.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
917b8312-ffc6-4dbe-95c9-c19e3265ca5e
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
e8f396e8-1c17-47b3-9548-587f589fbf2b
etag
"1d96a8980508b22"
vary
Accept-Encoding
x-msedge-ref
Ref A: D55B74BF2D1F46A19BA5B0079AF13ABD Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
917b8312-ffc6-4dbe-95c9-c19e3265ca5e
cache-control
public, max-age=31104000
x-routingsessionid
e8f396e8-1c17-47b3-9548-587f589fbf2b
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_phishing.1a60536.js
forms.office.com/Scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_phishing.1a60536.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_7, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
1aec6022-3af9-454f-ad7d-42ea995946ba
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
654f0735-0830-406b-8375-6ba3d0cc89bc
etag
"1d96a8980511cba"
vary
Accept-Encoding
x-msedge-ref
Ref A: 4499851403814F799809E583D0050D1D Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
1aec6022-3af9-454f-ad7d-42ea995946ba
cache-control
public, max-age=31104000
x-routingsessionid
654f0735-0830-406b-8375-6ba3d0cc89bc
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_saveresponse.505fbb3.js
forms.office.com/Scripts/dists/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_saveresponse.505fbb3.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_0, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
78f793c9-62cf-49c3-9e0a-82d611d8b48d
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
2dbeedbc-5677-4687-a49a-a84f20d8e515
etag
"1d96a8980513bac"
vary
Accept-Encoding
x-msedge-ref
Ref A: 6D4CEB10039441AC9FD5E4203BD59D0A Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
78f793c9-62cf-49c3-9e0a-82d611d8b48d
cache-control
public, max-age=31104000
x-routingsessionid
2dbeedbc-5677-4687-a49a-a84f20d8e515
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.23f38cf.js
forms.office.com/Scripts/dists/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.23f38cf.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
4a6d4c3e-3842-4b05-93e4-60d20a62ad53
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
90565a78-a7a0-4454-a258-56e25d88146f
etag
"1d96a8980513afb"
vary
Accept-Encoding
x-msedge-ref
Ref A: 071D78A6F8F14BC79C6CDC90D7A423CC Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
4a6d4c3e-3842-4b05-93e4-60d20a62ad53
cache-control
public, max-age=31104000
x-routingsessionid
90565a78-a7a0-4454-a258-56e25d88146f
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_ext.f415522.js
forms.office.com/Scripts/dists/ 		229 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.f415522.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab0e4982e78ea261cd465101c79cd23147f68ce2ad9a1db6381c30ce29c6cd49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
1505bb47-7d08-4c66-b0c9-99fa7688081a
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
4eb65767-0911-4970-a5ee-4e93ae131a62
etag
"1d96a8980529ad8"
vary
Accept-Encoding
x-msedge-ref
Ref A: C71656748C1543D4905708F01DFBF451 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
1505bb47-7d08-4c66-b0c9-99fa7688081a
cache-control
public, max-age=31104000
x-routingsessionid
4eb65767-0911-4970-a5ee-4e93ae131a62
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_cover.1a88adb.js
forms.office.com/Scripts/dists/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_cover.1a88adb.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbddf1db08015164a9faf982fe0cb6ece700d7acfa4cec719fddd678d84c7fb2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16406.42054, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
b8ade3b7-2305-44b4-b638-afd18cfed3b1
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
86b5764f-a2c5-49e5-b6dc-e123db363bc5
etag
"1d96a8980508b22"
vary
Accept-Encoding
x-msedge-ref
Ref A: 26EA96E2FD6A43E89819E4205BC43C0B Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
b8ade3b7-2305-44b4-b638-afd18cfed3b1
cache-control
public, max-age=31104000
x-routingsessionid
86b5764f-a2c5-49e5-b6dc-e123db363bc5
accept-ranges
bytes
x-routingofficecluster
weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_saveresponse.505fbb3.js
forms.office.com/Scripts/dists/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_saveresponse.505fbb3.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebf79a95078e2e1cee414454fa50378b0bfa7a7ce7bdbb14dd950b857cab1162
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_1, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
a452a8e3-9397-4cfe-82aa-3cb90d998617
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
f1feb2fe-989d-40ac-9180-88bab9beaf2e
etag
"1d96a8980513bac"
vary
Accept-Encoding
x-msedge-ref
Ref A: ED974C73B6874D839DECBCE6716E57B5 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
a452a8e3-9397-4cfe-82aa-3cb90d998617
cache-control
public, max-age=31104000
x-routingsessionid
f1feb2fe-989d-40ac-9180-88bab9beaf2e
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_learningassistant.6f30f05.js
forms.office.com/Scripts/dists/ 		446 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_learningassistant.6f30f05.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac7781730aa3d4f56194d661a1a201bad57fa62611b1decd82f02249cbf984e4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_8, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
fd318dc5-aefb-47a6-b614-57e5d4e2aac9
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
4c2fbf13-68ac-4b44-8731-c05317734f0e
etag
"1d96a898057f905"
vary
Accept-Encoding
x-msedge-ref
Ref A: BC3336FF20F5463BAA1EFF38D9C4CD18 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
fd318dc5-aefb-47a6-b614-57e5d4e2aac9
cache-control
public, max-age=31104000
x-routingsessionid
4c2fbf13-68ac-4b44-8731-c05317734f0e
accept-ranges
bytes
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_post.boot.23f38cf.js
forms.office.com/Scripts/dists/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.23f38cf.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e712527a3747a84c85a54a6f8f34bd4f2070fdb00f9fab79962f5309a4fc448b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
f3bacd74-28c5-44d4-87d3-26c058e7d7a8
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
6c0f046b-7d7a-40f1-afb2-a5bca6fcda6a
etag
"1d96a8980513afb"
vary
Accept-Encoding
x-msedge-ref
Ref A: DF59E97603284F798FB657F821670339 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
f3bacd74-28c5-44d4-87d3-26c058e7d7a8
cache-control
public, max-age=31104000
x-routingsessionid
6c0f046b-7d7a-40f1-afb2-a5bca6fcda6a
accept-ranges
bytes
x-routingofficecluster
neu-101.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_poll.45c924b.js
forms.office.com/Scripts/dists/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_poll.45c924b.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef6820434eac9623e3fd003576b3d69ca19c175a8b7ecbe8faf43b773e73e4e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_8, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16406.42054, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
df7752c6-7ce7-4224-aff0-c847646b15ff
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
8786f56b-b1aa-40d6-82c9-d8e8246a8977
etag
"1d96a8980512728"
vary
Accept-Encoding
x-msedge-ref
Ref A: FDB025D3B72E433DB1A610E718C62072 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
df7752c6-7ce7-4224-aff0-c847646b15ff
cache-control
public, max-age=31104000
x-routingsessionid
8786f56b-b1aa-40d6-82c9-d8e8246a8977
accept-ranges
bytes
x-routingofficecluster
weu-100.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.sw.98b4871.js
forms.office.com/Scripts/dists/ 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.sw.98b4871.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8124e395fd1fa3f7e2f8a428b4fb21ab900aa34f2fbf0d59690b1a02734a111
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
41e6ac3c-f037-483b-bdfb-cc065babc614
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
8e555e9c-be21-43a0-a4ac-2c19ca582ab5
etag
"1d96a8980510b6a"
vary
Accept-Encoding
x-msedge-ref
Ref A: D90FB7DDE02840CD9B630AC751C62ED4 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
41e6ac3c-f037-483b-bdfb-cc065babc614
cache-control
public, max-age=31104000
x-routingsessionid
8e555e9c-be21-43a0-a4ac-2c19ca582ab5
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.fluent.5d5e124.js
forms.office.com/Scripts/dists/ 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.fluent.5d5e124.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0adb1bd307eb4393253674c3f22d9f5606c58cc692ca173f00f45a67f3a5e48a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:20 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_0, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
b47792d2-53ac-4ead-b2a8-1073e21565ae
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
fb981a1e-0b13-4022-b74a-db2ca1550be5
etag
"1d96a8980524f22"
vary
Accept-Encoding
x-msedge-ref
Ref A: 6005E0E934364BACB7AAB7C234F574C8 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
b47792d2-53ac-4ead-b2a8-1073e21565ae
cache-control
public, max-age=31104000
x-routingsessionid
fb981a1e-0b13-4022-b74a-db2ca1550be5
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.lrp_template.6ab90a0.js
forms.office.com/Scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_template.6ab90a0.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:20 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
b89cba5e-2891-4de3-ac62-cd44b609b730
x-officecluster
usgsw-000.forms.gcc.osi.office365.us
x-usersessionid
61ce6edc-92d6-469a-87eb-a8e4bd2d21a7
etag
"1d96a898051c95f"
vary
Accept-Encoding
x-msedge-ref
Ref A: AAAF58448F7745E7A9628CD8316D7515 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
b89cba5e-2891-4de3-ac62-cd44b609b730
cache-control
public, max-age=31104000
x-routingsessionid
61ce6edc-92d6-469a-87eb-a8e4bd2d21a7
accept-ranges
bytes
x-routingofficecluster
weu-101.forms.office.com, usgsw-000.forms.gcc.osi.office365.us
light-response-page.chunk.try_dv.c774be8.js
forms.office.com/Scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.try_dv.c774be8.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2, FormsSingleBox_IN_0
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
f248c82e-0ac3-44d3-a24c-78a943e4f176
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
3b3b2cf3-cf0f-4b1b-b629-f92e7842ea48
etag
"1d96a8980512843"
vary
Accept-Encoding
x-msedge-ref
Ref A: 747FA884E3B848ECBFBC0F3E6736F6F4 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
f248c82e-0ac3-44d3-a24c-78a943e4f176
cache-control
public, max-age=31104000
x-routingsessionid
3b3b2cf3-cf0f-4b1b-b629-f92e7842ea48
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
light-response-page.chunk.1ds.3356ffb.js
forms.office.com/Scripts/dists/ 		104 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.3356ffb.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc6faf40bb416398f2af907de9217302ad7f01c4e139c35867cd966b9ac8dcc2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:19 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_5, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
f644b090-b48f-4096-bfba-09678a25f7a2
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
15cc841e-e88a-40bb-a1f1-5799575dae09
etag
"1d96a898050ae1d"
vary
Accept-Encoding
x-msedge-ref
Ref A: 65F3EE0A01E547D8A7CD832B7AC357ED Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
f644b090-b48f-4096-bfba-09678a25f7a2
cache-control
public, max-age=31104000
x-routingsessionid
15cc841e-e88a-40bb-a1f1-5799575dae09
accept-ranges
bytes
x-routingofficecluster
neu-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
'de'
forms.office.com/formapi/api/d5fb7087-3777-42ad-966a-892ef47225d1/groups/312cc959-f962-425a-8e06-9d5a5e73a94e/forms('h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQl... 		2 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/d5fb7087-3777-42ad-966a-892ef47225d1/groups/312cc959-f962-425a-8e06-9d5a5e73a94e/forms('h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu')/localeResource/'de'
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_ext.f415522.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
4f9a4928-548e-49b6-94af-bce58da439d8
x-usersessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-ms-form-request-ring
gcc
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
x-ms-form-request-source
ms-formweb
__requestverificationtoken
5afO4WYOwP0bQ_Uf2HNE_oD7pcWTSBxo6SYilu4SYsmkatu1TvqQqM8MN-5sMyMEdjyd6dYEl1s_uGlApi81dAepwDsGAXEic26Ik-_qqB41

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 11 Apr 2023 11:45:20 GMT
x-officeversion
16.0.16409.42501, 16.0.16409.42501
x-officefe
FormsSingleBox_IN_1, FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.16403.42500
x-correlationid
4f9a4928-548e-49b6-94af-bce58da439d8
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f, 7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-msedge-ref
Ref A: AFDEB5C8EC424CAB951C8160CD449852 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
4f9a4928-548e-49b6-94af-bce58da439d8
x-routingsessionid
7517115b-43fa-43c2-89b4-5c51b7dbfb8f
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
light-response-page.chunk.lrp_trial.2e3b869.js
forms.office.com/Scripts/dists/ 		0
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_trial.2e3b869.js?ring=UsGovGccProduction
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.min.js?v=42153ab511&ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
date
Tue, 11 Apr 2023 11:45:20 GMT
x-officeversion
16.0.16409.42501
x-officefe
FormsSingleBox_IN_2
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_14, FormsSingleBox_IN_2
x-routingofficeversion
16.0.16403.42500, 16.0.16409.42501
last-modified
Sun, 09 Apr 2023 02:17:58 GMT
x-correlationid
bfcff996-09ec-4a6c-8b78-015b7a57c9d9
x-officecluster
usge-000.forms.gcc.osi.office365.us
x-usersessionid
fa63465c-5f9d-4711-9464-c58762df302b
etag
"1d96a8980501186"
vary
Accept-Encoding
x-msedge-ref
Ref A: 350DCB1C5E654714B01B2F07021D9831 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:19Z
content-type
text/javascript
x-routingcorrelationid
bfcff996-09ec-4a6c-8b78-015b7a57c9d9
cache-control
public, max-age=31104000
x-routingsessionid
fa63465c-5f9d-4711-9464-c58762df302b
accept-ranges
bytes
x-routingofficecluster
frc-100.forms.office.com, usge-000.forms.gcc.osi.office365.us
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.lrp_post.boot.23f38cf.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:45:19 GMT
content-encoding
br
x-azure-ref-originshield
0jkQ1ZAAAAAC3cIwL7XHwQ4hEfZgArsgSRlJBMjMxMDUwNDE4MDQ1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
b+j9g6sJxD1l0IIs+rjbCw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.9.min.js
etag
0x8DB143A28B32497
x-azure-ref
0UEg1ZAAAAACi8I1q7hNqSqUllfdc74DvRlJBMzFFREdFMDMyMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
100a5e67-401e-0036-3b66-6c4396000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
fluent-hybrid-icons-d54cb751.woff
forms.office.com/fonts/light/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/fonts/light/fluent-hybrid-icons-d54cb751.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=h3D71Xc3rUKWaoku9HIl0VnJLDFi-VpCjgadWl5zqU5UMUVHWlZYNEVRMzVPVUhKOVI5Wk9PU1FOVyQlQCN0PWcu
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Tue, 11 Apr 2023 11:45:20 GMT
x-officeversion
16.0.16403.42500
x-officefe
FormsSingleBox_IN_7
x-cache
CONFIG_NOCACHE
content-length
1964
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.16403.42500
last-modified
Mon, 03 Apr 2023 23:55:30 GMT
x-correlationid
67708624-600d-4d5d-8861-32b67f417a7a
x-officecluster
frc-101.forms.office.com
x-usersessionid
933ccbe1-d856-4648-a57f-17e759895cdb
etag
"1d96687c53f02ac"
x-msedge-ref
Ref A: 27AD0F41897E46D3A89A21907E725241 Ref B: AMS231032603011 Ref C: 2023-04-11T11:45:20Z
content-type
application/font-woff
x-routingcorrelationid
67708624-600d-4d5d-8861-32b67f417a7a
cache-control
public, max-age=31104000
x-routingsessionid
933ccbe1-d856-4648-a57f-17e759895cdb
accept-ranges
bytes
x-routingofficecluster
frc-101.forms.office.com
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.112.34 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-112-34.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Apr 2023 11:45:20 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
408b2921-501e-009a-41df-e318f4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=16283710
x-ms-version
2009-09-19
content-length
36344
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ab6e1d3fc09d1e8b5db2fa18cf87d7fcde730db726f213ee3e25a46f1b3c602c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1681213521136
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Apr 2023 11:45:21 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
821
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 11 Apr 2023 11:45:20 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.office.com
URL: https://forms.office.com/Scripts/dists/light-response-page.chunk.1ds.3356ffb.js?ring=UsGovGccProduction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6bcfab6c893125733144512063f81b60fe28b46bdf7d504be5c720b2e5842b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1681213522068
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
aa96061debfd4ec7b9704f62060b4ca6-a498d428-fdba-43da-bc8b-4fe51865cb7f-7984
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Apr 2023 11:45:22 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
202
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 11 Apr 2023 11:45:21 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c8fc93a6e36e5a373f7263988f592f0054f0d4458487ae2b09736fc56aae8bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1681213522139
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
821
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Apr 2023 11:45:22 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
271
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 11 Apr 2023 11:45:21 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap boolean| __COMPAT_PREACT_FOCUSZONE__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa object| __globalSettings__ object| __themeState__ object| __packages__ number| __currentId__

7 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: YRL5j6ZSrnZLyYRUhkBQAAlA-fxTUHeNRPQ1tsXIaivG9oWxYI4u1K7k7GEFtLw_8K8FXlXpipSjC_UrjGHh1GnAyzdwOx3_ZEwtUQ1XJFE1
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 284dce81-718a-4320-9646-f3da72261ef4
forms.office.com/ Name: ai_session
Value: fM2/f7Phku74v2Anz04UT2|1681213520133|1681213520133
.microsoft.com/ Name: MC1
Value: GUID=e1210ef9775e4a3397dca2d54f179b71&HASH=e121&LV=202304&V=4&LU=1681213521957
.microsoft.com/ Name: MS0
Value: 31edb70130b14074b7d6b55257509f84
forms.office.com/ Name: MSFPC
Value: GUID=e1210ef9775e4a3397dca2d54f179b71&HASH=e121&LV=202304&V=4&LU=1681213521957

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
forms.office.com
js.monitor.azure.com
static2.sharepointonline.com
2.16.112.34
2620:1ec:4f:1::45
2620:1ec:a92::194
52.182.143.211
0adb1bd307eb4393253674c3f22d9f5606c58cc692ca173f00f45a67f3a5e48a
3cb6bd00c7fd42f22498b8f37915b17b7d8813da009b2cd2766f4c11db18046c
405e0dbe8d05fa0f4adc082a0ed77c4bce8edff33d6223cc83c768ac68413425
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6bcfab6c893125733144512063f81b60fe28b46bdf7d504be5c720b2e5842b92
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a448bc96fb55d34dd246730cf0af1ee8f3661399778d63d9d72120dda78d0785
ab0e4982e78ea261cd465101c79cd23147f68ce2ad9a1db6381c30ce29c6cd49
ab6e1d3fc09d1e8b5db2fa18cf87d7fcde730db726f213ee3e25a46f1b3c602c
ac7781730aa3d4f56194d661a1a201bad57fa62611b1decd82f02249cbf984e4
b8124e395fd1fa3f7e2f8a428b4fb21ab900aa34f2fbf0d59690b1a02734a111
c8fc93a6e36e5a373f7263988f592f0054f0d4458487ae2b09736fc56aae8bb6
cbddf1db08015164a9faf982fe0cb6ece700d7acfa4cec719fddd678d84c7fb2
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
d6614a7d05b4f919be3270f412d105627c292de0b157d1251a3ea161dcb855e2
dc6faf40bb416398f2af907de9217302ad7f01c4e139c35867cd966b9ac8dcc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749
e712527a3747a84c85a54a6f8f34bd4f2070fdb00f9fab79962f5309a4fc448b
ebf79a95078e2e1cee414454fa50378b0bfa7a7ce7bdbb14dd950b857cab1162
ef6820434eac9623e3fd003576b3d69ca19c175a8b7ecbe8faf43b773e73e4e5