forms.office.com Open in urlscan Pro
13.107.9.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ozdemirhukuk.morsbilisim.com/
Effective URL:
https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxM...
Submission: On November 01 via manual (November 1st 2021, 12:30:49 pm UTC) from TR — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 39 HTTP transactions. The main IP is 13.107.9.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.

This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.162.146.6 185.162.146.6	60721 (BURSABIL) (BURSABIL)
1 5	13.107.9.194 13.107.9.194	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	92.123.225.33 92.123.225.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.107.246.44 13.107.246.44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	142.250.185.150 142.250.185.150	15169 (GOOGLE) (GOOGLE)
2	13.69.109.130 13.69.109.130	() ()
39	13

1 185.162.146.6 (Turkey) 1 redirects

ASN60721 (BURSABIL, TR)
PTR: turkey.bogahost.com

ozdemirhukuk.morsbilisim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.9.194 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forms.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 92.123.225.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-33.deploy.static.akamaitechnologies.com

cdn.forms.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.150 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.109.130 (None, )

ASN- ()

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	office.net cdn.forms.office.net	220 KB
8	youtube.com www.youtube.com	692 KB
7	office.com 2 redirects forms.office.com c.office.com	102 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
2	microsoft.com browser.events.data.microsoft.com	1009 B
2	gstatic.com fonts.gstatic.com www.gstatic.com Failed	27 KB
1	ytimg.com i.ytimg.com	20 KB
1	ggpht.com yt3.ggpht.com	5 KB
1	google.com www.google.com	14 KB
1	bing.com 1 redirects c.bing.com	660 B
1	azure.com js.monitor.azure.com	54 KB
1	morsbilisim.com 1 redirects ozdemirhukuk.morsbilisim.com	209 B
39	12

	Domain	Requested by
14	cdn.forms.office.net	forms.office.com cdn.forms.office.net
8	www.youtube.com	cdn.forms.office.net www.youtube.com
5	forms.office.com	1 redirects forms.office.com cdn.forms.office.net
2	browser.events.data.microsoft.com	js.monitor.azure.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	c.office.com	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	c.bing.com	1 redirects
1	js.monitor.azure.com	cdn.forms.office.net
1	ozdemirhukuk.morsbilisim.com	1 redirects
0	www.gstatic.com Failed	www.youtube.com
39	15

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid
forms.office.com DigiCert Cloud Services CA-1	`2021-09-02` - `2022-09-01`	a year	crt.sh
cdn.forms.office.net Microsoft RSA TLS CA 01	`2021-10-12` - `2022-10-12`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2021-09-28` - `2022-09-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-09-23` - `2022-09-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
Frame ID: 7400638335D2ABD0DDC4DEBB195E56A9
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
Frame ID: 37DC9FDC1F36FB65CBFA1FDD74E26245
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bilgi Güvenliği Farkındalık Eğitimi

Page URL History Show full URLs

http://ozdemirhukuk.morsbilisim.com/ HTTP 301
https://forms.office.com/r/rrU3KbgR7b HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKV... Page URL

Page Statistics

39
Requests

90 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1139 kB
Transfer

3581 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?linkid=866263
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ozdemirhukuk.morsbilisim.com/ HTTP 301
https://forms.office.com/r/rrU3KbgR7b HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://c.office.com/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&RedC=c.office.com&MXFR=1BE35F00046565E204184FE200656ECA HTTP 302
https://c.office.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&MUID=1BE35F00046565E204184FE200656ECA

Request Chain 27

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request responsepage.aspx Show response
forms.office.com/pages/
Redirect Chain

http://ozdemirhukuk.morsbilisim.com/
https://forms.office.com/r/rrU3KbgR7b
https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u

127 KB
41 KB

281ms
281ms

Document
text/html

13.107.9.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.9.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7db78ec52dc9e601440ef6834e744b65d652b70ad367d6e12d835818757230e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, no-cache
pragma: no-cache
content-length: 40972
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: weu-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_11
x-routingofficeversion: 16.0.14629.34201
x-routingsessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-routingcorrelationid: 8ef37982-216d-4f01-acf5-8fd9f1cbb756
x-correlationid: 8ef37982-216d-4f01-acf5-8fd9f1cbb756
x-usersessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-officefe: FormsSingleBox_IN_11
x-officeversion: 16.0.14629.34201
x-officecluster: weu-101.forms.office.com
x-failurereason: Unknown
x-robots-tag: noindex, nofollow
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8577C2453F184DB486312C4174EF0109 Ref B: VIEEDGE2509 Ref C: 2021-11-01T12:30:44Z
date: Mon, 01 Nov 2021 12:30:44 GMT

Redirect headers

cache-control: no-cache
pragma: no-cache
expires: -1
location: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: weu-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_3
x-routingofficeversion: 16.0.14629.34201
x-routingsessionid: f3c89f19-d1ae-40c5-9bc4-ead224d15649
x-routingcorrelationid: 227e2fff-4701-4007-b783-6d8a67c1c834
x-correlationid: 227e2fff-4701-4007-b783-6d8a67c1c834
x-usersessionid: f3c89f19-d1ae-40c5-9bc4-ead224d15649
x-officefe: FormIntelligenceService_IN_0
x-officeversion: 16.0.14629.34201
x-officecluster: weu-101.forms.office.com
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4AB2871CC6E74EFBBE99C443836FE079 Ref B: VIEEDGE2509 Ref C: 2021-11-01T12:30:44Z
date: Mon, 01 Nov 2021 12:30:44 GMT
content-length: 0

GET
H2 200 light-response-page.min.6644574.css
cdn.forms.office.net/forms/css/dist/ 127 KB
21 KB 39ms
8ms Stylesheet
text/css 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/css/dist/light-response-page.min.6644574.css
Requested by: Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 06eb2015bd23b3ede931b76e5c1c5a7a71751889701eb73deef476392d6bbd83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: 4lC/g/5h38e9ClbAJNBnRw==
content-length: 21509
x-ms-lease-status: unlocked
last-modified: Wed, 20 Oct 2021 03:44:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9937BFA448EF8
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8ea7997f-c01e-0008-1e7a-c54fa7000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 light-response-page.min.ba678d2.js Show response
cdn.forms.office.net/forms/scripts/dists/ 244 KB
70 KB 38ms
7ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f7b8af79cab1133e45727040700e43a4b213554fc84a34d512cfb317a0d3361

Request headers

Referer: https://forms.office.com/
Origin: https://forms.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: /Tk0Pa2955RJ+Yo8F6nU7w==
content-length: 70869
x-ms-lease-status: unlocked
last-modified: Thu, 21 Oct 2021 03:51:30 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D994461140872C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 78e9cba0-701e-00d6-2d36-c61f0e000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 runtimeFormsWithResponses('MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u') Show response
forms.office.com/formapi/api/96347132-55fc-4a29-aee6-fdf510c7d88d/users/50f15771-452a-4bda-9898-8f1a063e8740/light/ 8 KB
2 KB 2409ms
2408ms XHR
application/json 13.107.9.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/formapi/api/96347132-55fc-4a29-aee6-fdf510c7d88d/users/50f15771-452a-4bda-9898-8f1a063e8740/light/runtimeFormsWithResponses('MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u')?$expand=questions($expand=choices)

Requested by

Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.9.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

090e5011d241691e143df4781f798caa635b93e4afe694d71ea281e7211d0244

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
X-UserSessionId: 042b520b-23b6-4a53-8681-80bebb93abf3
Accept-Language: de-DE,de;q=0.9
__RequestVerificationToken: IGYFEysvRtZAG3ZTwbSTMNLDabhevSpWbScLvlpR7W7waStgLnRNu0xip3Cgb-ZcdJlhbhNjjnALAkjYLMYuDXYyhqEvf2lgKAhg0R1eOjk1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.14629.34201
x-officefe: FormsSingleBox_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-length: 2010
x-routingofficefe: FormsSingleBox_IN_10
pragma: no-cache
x-routingofficeversion: 16.0.14629.34201
x-correlationid: e2bb7210-b159-4db2-9c69-7fc772c774d3
x-officecluster: neu-101.forms.office.com
x-usersessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-powered-by: ASP.NET
date: Mon, 01 Nov 2021 12:30:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-routingcorrelationid: e2bb7210-b159-4db2-9c69-7fc772c774d3
cache-control: no-cache
x-failurereason: Unknown
x-routingsessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-msedge-ref: Ref A: AF080637FB7E480E9571EB557627AD89 Ref B: VIEEDGE2509 Ref C: 2021-11-01T12:30:45Z
x-robots-tag: noindex, nofollow
x-routingofficecluster: neu-101.forms.office.com
expires: -1

GET
H2 404 ls-response.de-de.a24d4d0de.js
cdn.forms.office.net/forms/scripts/dists/ 0
0 200ms
174ms Script
application/xml 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: abe91703-c01e-010c-501c-cffc70000000
access-control-expose-headers: x-ms-request-id,x-ms-version
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 215
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 light-response-page.chunk.828.e0e72f65.js
cdn.forms.office.net/forms/scripts/dists/ 0
9 KB 8ms
7ms Other
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f65.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: zxp4AML1p2rSAfANuPv6UQ==
content-length: 8956
x-ms-lease-status: unlocked
last-modified: Sun, 26 Sep 2021 04:46:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D980A890A0B4D2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4e951c65-e01e-00f1-6994-b28547000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 light-response-page.chunk.ext.dd995887.js
cdn.forms.office.net/forms/scripts/dists/ 0
42 KB 9ms
8ms Other
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.dd995887.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: vIprFkTERoG1MlYFwvxV5A==
content-length: 42244
x-ms-lease-status: unlocked
last-modified: Wed, 20 Oct 2021 03:45:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9937C0EE7F7B2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 611dff73-a01e-0013-387a-c56135000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 light-response-page.chunk.post.boot.645ffac9.js
cdn.forms.office.net/forms/scripts/dists/ 0
4 KB 11ms
11ms Other
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.645ffac9.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: lV1gJCx6TA4VxmHGRjqKKA==
content-length: 3979
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 05:35:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D992C24B86EFF8
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8f2024a2-d01e-0118-72b4-c43f14000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 200 ls-response.de.a24d4d0de.js Show response
cdn.forms.office.net/forms/scripts/dists/ 37 KB
12 KB 8ms
8ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.a24d4d0de.js
Requested by: Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0b91331579cc0d39a9b7b995749001733fe8ef84e36c932fd99640e4a41dd461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:45 GMT
content-encoding: br
content-md5: 2MmZ/L1jEI8Uge7O9eeoTw==
content-length: 11706
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 05:53:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F1F91E934A3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fbf26954-101e-00e4-3010-b147de000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:45 GMT

GET
H2 404 ls-response.de-de.d7cda4056.js
cdn.forms.office.net/forms/scripts/dists/ 0
0 171ms
171ms Script
application/xml 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.d7cda4056.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 6d34781d-d01e-003e-401c-cfe2f5000000
access-control-expose-headers: x-ms-request-id,x-ms-version
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
content-length: 215
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 light-response-page.chunk.828.e0e72f65.js Show response
cdn.forms.office.net/forms/scripts/dists/ 24 KB
9 KB 7ms
7ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f65.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63f4af2e20754ab559114da0a65a39f1449ce092051a7f009f01c8ae715c38a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
content-md5: zxp4AML1p2rSAfANuPv6UQ==
content-length: 8956
x-ms-lease-status: unlocked
last-modified: Sun, 26 Sep 2021 04:46:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D980A890A0B4D2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4e951c65-e01e-00f1-6994-b28547000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 light-response-page.chunk.ext.dd995887.js Show response
cdn.forms.office.net/forms/scripts/dists/ 154 KB
42 KB 9ms
8ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.dd995887.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d254cff3ed4762052667b2ca02eba3b1b0d7b3a51e7c3250cc3f718cbbc4efd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
content-md5: vIprFkTERoG1MlYFwvxV5A==
content-length: 42244
x-ms-lease-status: unlocked
last-modified: Wed, 20 Oct 2021 03:45:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9937C0EE7F7B2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 611dff73-a01e-0013-387a-c56135000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 light-response-page.chunk.post.boot.645ffac9.js Show response
cdn.forms.office.net/forms/scripts/dists/ 11 KB
4 KB 7ms
7ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.645ffac9.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 96028f6c09492d7bbec61fe6ba31921981ee9987881940c905af0f6453a6182b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
content-md5: lV1gJCx6TA4VxmHGRjqKKA==
content-length: 3979
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 05:35:43 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D992C24B86EFF8
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8f2024a2-d01e-0118-72b4-c43f14000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 ir_white_title.svg
cdn.forms.office.net/forms/images/ 2 KB
3 KB 8ms
7ms Image
image/svg+xml 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/ir_white_title.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-md5: 10Dd1PpC6lRQDD1f/z25Sw==
content-length: 2271
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 05:23:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8FA4E75CEBCFD
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a8dc9c9f-801e-00ae-6c70-2c77b9000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 immersive-reader-icon_black.svg
cdn.forms.office.net/forms/images/ 2 KB
3 KB 8ms
8ms Image
image/svg+xml 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.forms.office.net/forms/images/immersive-reader-icon_black.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-md5: KcE1VrPtrNUxMzaM4LNsNw==
content-length: 2384
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 05:23:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8FA4E75C481E8
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2940f4cf-d01e-0053-0c70-2c48db000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin: https://forms.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 light-response-page.chunk.sw.78b3a1d0.js Show response
cdn.forms.office.net/forms/scripts/dists/ 2 KB
1 KB 8ms
7ms Script
application/javascript 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.78b3a1d0.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fde55e57aa677b8b95528cb09e7244366e441bf4350ecab20c0435e1521c88ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
content-md5: l6wJgaGC1Xw67WdsYsO0RQ==
content-length: 777
x-ms-lease-status: unlocked
last-modified: Sun, 26 Sep 2021 04:46:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D980A890D5D831
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bab5be37-701e-0099-4096-b2db16000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=31536000
x-ms-version: 2009-09-19
timing-allow-origin: *
expires: Tue, 01 Nov 2022 12:30:47 GMT

GET
H2 200 ms.jsll-3.min.js Show response
js.monitor.azure.com/scripts/c/ 175 KB
54 KB 230ms
9ms Script
text/javascript 13.107.246.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by: Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.645ffac9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7a05a878ebad7153b928d6a0e9f5b5e78fb356ffbe6c2f311adf46452ec5a7ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:47 GMT
content-encoding: br
x-azure-ref-originshield: 0bN1/YQAAAAD6Ndzpdw7XS7aay5rv6GimTE9OMjFFREdFMDExNABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5: bScySq2trF3VfdFPlChwog==
x-cache: TCP_HIT
x-ms-meta-jssdkver: 3.1.7
last-modified: Tue, 05 Oct 2021 17:45:29 GMT
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-3.1.7.min.js
etag: 0x8D98827EC1951F3
x-azure-ref: 0+N1/YQAAAADtuCr9QofHTqIxd7urGzhLRlJBMzFFREdFMDkxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: aca51006-801e-0080-3019-cf1773000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 BM6boTfroP4 Show response
www.youtube.com/embed/ Frame 37DC 58 KB
25 KB 91ms
55ms Document
text/html 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Requested by

Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ba678d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

951d6eed488b3ba98191c22c373102c022109fbeccdd80602bbf95fc8cf7533e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Nov 2021 12:30:47 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 GetThemes Show response
forms.office.com/pages/responsepage.aspx/ 240 B
621 B 60ms
60ms XHR
application/json 13.107.9.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.office.com/pages/responsepage.aspx/GetThemes

Requested by

Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.dd995887.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.9.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc33d91c9616fa5c3a957b189cf1cc944801edeaf74cf81f97caa41bc4824f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

odata-version: 4.0
x-correlationid: undefined
x-usersessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-ms-form-request-ring: business
authorization
content-type: application/json
Accept-Language: de-DE,de;q=0.9
accept: application/json
Referer: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
odata-maxverion: 4.0
__requestverificationtoken: IGYFEysvRtZAG3ZTwbSTMNLDabhevSpWbScLvlpR7W7waStgLnRNu0xip3Cgb-ZcdJlhbhNjjnALAkjYLMYuDXYyhqEvf2lgKAhg0R1eOjk1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-ms-form-request-source: ms-formweb

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-officeversion: 16.0.14629.34201
x-officefe: FormsSingleBox_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-length: 134
x-routingofficefe: FormsSingleBox_IN_0
x-routingofficeversion: 16.0.14629.34201
x-correlationid: 0fa329ab-6e92-4885-9bb0-538d9dc20dbe
x-officecluster: neu-100.forms.office.com
x-usersessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
date: Mon, 01 Nov 2021 12:30:47 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-routingcorrelationid: undefined
cache-control: max-age=0, private
x-failurereason: Unknown
x-routingsessionid: 042b520b-23b6-4a53-8681-80bebb93abf3
x-msedge-ref: Ref A: 257D5E45B97842ED8ABC91F639B0BDD3 Ref B: VIEEDGE2509 Ref C: 2021-11-01T12:30:47Z
x-routingofficecluster: neu-100.forms.office.com

GET 'de-de'
forms.office.com/formapi/api/96347132-55fc-4a29-aee6-fdf510c7d88d/users/50f15771-452a-4bda-9898-8f1a063e8740/forms('MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u'... 0
0

GET
H2

200

c.gif
c.office.com/
Redirect Chain

https://c.office.com/c.gif
https://c.bing.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&RedC=c.office.com&MXFR=1BE35F00046565E204184FE200656ECA
https://c.office.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&MUID=1BE35F00046565E204184FE200656ECA

42 B
258 B

30ms
30ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.office.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&MUID=1BE35F00046565E204184FE200656ECA
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 12:30:47 GMT
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "af5a8b34ac1d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 12:30:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 516107686CAC4830A53BDA15545806C1 Ref B: FRA31EDGE0218 Ref C: 2021-11-01T12:30:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.office.com/c.gif?CtsSyncId=AA15CB9119FF4F948C91E4E224A0AF63&MUID=1BE35F00046565E204184FE200656ECA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 meeting.png
forms.office.com/Images/Theme/ 57 KB
57 KB 59ms
59ms Image
image/png 13.107.9.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.office.com/Images/Theme/meeting.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.9.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb2d8eb6cd4e3740f7945d2c5119cf3535f36d80414649d3e970cbaeb7046b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.office.com/pages/responsepage.aspx?id=MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
content-length: 58177
etag: "056e08098ccd71:0"
x-routingofficefe: FormsSingleBox_IN_17
x-routingofficeversion: 16.0.14629.34201
last-modified: Fri, 29 Oct 2021 07:42:20 GMT
x-msedge-ref: Ref A: 255FE18266A846C5BF7726CEDCFEB83B Ref B: VIEEDGE2509 Ref C: 2021-11-01T12:30:47Z
date: Mon, 01 Nov 2021 12:30:47 GMT
content-type: image/png
x-routingcorrelationid: 0405241d-6280-45c6-9b2d-f7e8a1c1ede0
cache-control: max-age=63072000
x-routingsessionid: 5d13b3db-2a29-480f-8bfa-afa7f9edef3d
accept-ranges: bytes
x-routingofficecluster: neu-100.forms.office.com

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/9216d1f7/ Frame 37DC 334 KB
46 KB 30ms
29ms Stylesheet
text/css 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46958
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Oct 2022 16:48:24 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/ Frame 37DC 208 KB
68 KB 14ms
14ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 21:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69750
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 31 Oct 2022 21:52:12 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 37DC 2 MB
513 KB 39ms
39ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 525254
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Oct 2022 16:48:18 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/ Frame 37DC 8 KB
3 KB 20ms
19ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 14:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 30 Oct 2022 14:27:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 37DC 15 KB
16 KB 61ms
16ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 366533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 06:41:55 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 37DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

56ms
34ms

XHR
application/json

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

96941c1263bfff6a4dba5201903951903a874327e02d7472d135146c1b5aff04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 Nov 2021 12:30:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 37DC 29 B
588 B 48ms
13ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:28:00 GMT
x-content-type-options: nosniff
age: 168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 12:43:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 37DC 93 KB
29 KB 14ms
14ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29616
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Oct 2022 16:48:43 GMT

GET
H2 200 qglMsrsaCVyKZxs-E5DuNrALnUAd1r2wQr0cuaiA3Pw.js Show response
www.google.com/js/th/ Frame 37DC 35 KB
14 KB 52ms
16ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/qglMsrsaCVyKZxs-E5DuNrALnUAd1r2wQr0cuaiA3Pw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

aa094cb2bb1a095c8a671b3e1390ee36b00b9d401dd6bdb042bd1cb9a880dcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13274
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 15:53:04 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 37DC 24 KB
7 KB 14ms
14ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7348
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 00:15:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Oct 2022 16:48:20 GMT

GET
DATA 200
OK truncated
/ Frame 37DC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSPtmGZEjfmtVjDPg-9-yPtCKmd4U70ytcMihei=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 37DC 5 KB
5 KB 102ms
66ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSPtmGZEjfmtVjDPg-9-yPtCKmd4U70ytcMihei=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

c822b3495e89d7d37c9437b7035b683ac911b861e0eecce6bca290e3116b0c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5212
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Nov 2021 19:52:05 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/BM6boTfroP4/ Frame 37DC 20 KB
20 KB 90ms
52ms Image
image/webp 142.250.185.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/BM6boTfroP4/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f22.1e100.net

Software

sffe /

Resource Hash

8e01a61a8b8648d932498c3219524e1f5d586178020c6a8b259a03550ed310c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:48 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20338
x-xss-protection: 0
server: sffe
etag: "1603439029"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 01 Nov 2021 14:30:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 37DC 12 KB
12 KB 38ms
14ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:00:42 GMT
x-content-type-options: nosniff
age: 585006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:00:42 GMT

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 37DC 0
0

GET
H3 204 generate_204
www.youtube.com/ Frame 37DC 0
9 B 14ms
13ms Image
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oeAlfA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BM6boTfroP4?feature=oembed&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:30:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
1009 B 62ms
15ms XHR
application/json 13.69.109.130

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.7&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1635769849125&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.69.109.130 -, , ASN (),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 10dce0643e967792ff1f839f464750e9b844d04be6febcbf9685a13a39640fb1

Request headers

cache-control: no-cache, no-store
Referer: https://forms.office.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/x-json-stream

Response headers

Date: Mon, 01 Nov 2021 12:30:48 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 194
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 144ms
14ms Preflight 13.69.109.130

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.7&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1635769849125&time-delta-to-apply-millis=use-collector-delta&w=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.69.109.130 -, , ASN (),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Origin: https://forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,Content-Encoding,Content-Type,Cache-Control
Access-Control-Allow-Origin: https://forms.office.com
Date: Mon, 01 Nov 2021 12:30:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: forms.office.com
URL: https://forms.office.com/formapi/api/96347132-55fc-4a29-aee6-fdf510c7d88d/users/50f15771-452a-4bda-9898-8f1a063e8740/forms('MnE0lvxVKUqu5v31EMfYjXFX8VAqRdpLmJiPGgY-h0BURFFKVFU3UEdQNkZDNFU5TEsxMEhUQVE2NS4u')/localeResource/'de-de'

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forms.office.com/	1970-01-20 00:35:18	Name: DcLcid Value: ui=1031&data=1031
.forms.office.com/	1970-01-19 23:06:01	Name: FormsWebSessionId Value: fa2d84b8-e11f-4c70-9e4a-120b7584f181
.forms.office.com/	1970-01-19 23:06:01	Name: usenewauthrollout Value: True
.forms.office.com/	1970-01-19 23:06:01	Name: usenewrpsauthrollout Value: True
forms.office.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: AJwF98fQ9gaqPrsOGO8ei05oVEV8VJuFVHNoCdVFfyw_fnQ0n97EcJfliAwL2No2w6porlBK8x91_j8EaU0rcCSDv748LahM3uj3rLj7zD41
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7SD6efCbgXw
.youtube.com/	1970-01-20 02:42:01	Name: VISITOR_INFO1_LIVE Value: -ueqetd3YX0
.office.com/	1970-01-20 07:44:25	Name: MUID Value: 1BE35F00046565E204184FE200656ECA
.forms.office.com/	1970-01-19 23:06:01	Name: RpsAuthNonce Value: 81f124b9-3a75-4614-9364-848a0faccc5f
.bing.com/	1970-01-20 07:44:25	Name: MUID Value: 1BE35F00046565E204184FE200656ECA
.c.bing.com/	1970-01-20 07:44:25	Name: SRM_B Value: 1BE35F00046565E204184FE200656ECA
forms.office.com/	1970-01-20 07:08:25	Name: MicrosoftApplicationsTelemetryDeviceId Value: 0ff18103-da78-44da-9541-8895a028bf2e
forms.office.com/	1970-01-19 22:22:51	Name: ai_session Value: +B8MY60Lh8gjXOEJWhSUlL\|1635769848122\|1635769848122
.c.office.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.office.com/	1970-01-19 22:22:50	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-20 07:44:25	Name: IDE Value: AHWqTUn-9PvxBOjBcoJsDauD4aT8CUD_zWeuWm4KQbm4Hkiu_5LTmOfg2KprczOu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.d7cda4056.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
fonts.gstatic.com
forms.office.com
googleads.g.doubleclick.net
i.ytimg.com
js.monitor.azure.com
ozdemirhukuk.morsbilisim.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
forms.office.com
www.gstatic.com
13.107.21.200
13.107.246.44
13.107.9.194
13.69.109.130
142.250.185.110
142.250.185.150
142.250.185.228
142.250.186.102
142.250.186.129
142.250.186.162
142.250.186.35
185.162.146.6
52.142.114.2
92.123.225.33
06eb2015bd23b3ede931b76e5c1c5a7a71751889701eb73deef476392d6bbd83
090e5011d241691e143df4781f798caa635b93e4afe694d71ea281e7211d0244
0b91331579cc0d39a9b7b995749001733fe8ef84e36c932fd99640e4a41dd461
10dce0643e967792ff1f839f464750e9b844d04be6febcbf9685a13a39640fb1
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000
4f7b8af79cab1133e45727040700e43a4b213554fc84a34d512cfb317a0d3361
63f4af2e20754ab559114da0a65a39f1449ce092051a7f009f01c8ae715c38a5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7a05a878ebad7153b928d6a0e9f5b5e78fb356ffbe6c2f311adf46452ec5a7ea
7db78ec52dc9e601440ef6834e744b65d652b70ad367d6e12d835818757230e4
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
8e01a61a8b8648d932498c3219524e1f5d586178020c6a8b259a03550ed310c1
951d6eed488b3ba98191c22c373102c022109fbeccdd80602bbf95fc8cf7533e
96028f6c09492d7bbec61fe6ba31921981ee9987881940c905af0f6453a6182b
96941c1263bfff6a4dba5201903951903a874327e02d7472d135146c1b5aff04
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa094cb2bb1a095c8a671b3e1390ee36b00b9d401dd6bdb042bd1cb9a880dcfc
c822b3495e89d7d37c9437b7035b683ac911b861e0eecce6bca290e3116b0c74
d254cff3ed4762052667b2ca02eba3b1b0d7b3a51e7c3250cc3f718cbbc4efd6
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fb2d8eb6cd4e3740f7945d2c5119cf3535f36d80414649d3e970cbaeb7046b7d
fc33d91c9616fa5c3a957b189cf1cc944801edeaf74cf81f97caa41bc4824f9c
fde55e57aa677b8b95528cb09e7244366e441bf4350ecab20c0435e1521c88ee
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a

forms.office.com Open in urlscan Pro 13.107.9.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

39 Requests

90 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

1139 kBTransfer

3581 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forms.office.com Open in urlscan Pro
13.107.9.194 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

90 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

1139 kB
Transfer

3581 kB
Size

16
Cookies

39 HTTP transactions
2 data transactions