forms.office.com
Open in
urlscan Pro
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlER...
Submission: On March 20 via manual from PH — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.43.106.36 52.43.106.36 | 16509 (AMAZON-02) (AMAZON-02) | |
1 3 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
12 | 2a02:26f0:470... 2a02:26f0:4700::210:2c0 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 68.219.88.97 68.219.88.97 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 20.42.73.27 20.42.73.27 | () () | |
17 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-106-36.us-west-2.compute.amazonaws.com
s2.bl-1.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8147 |
346 KB |
5 |
office.com
2 redirects
forms.office.com — Cisco Umbrella Rank: 5772 c.office.com — Cisco Umbrella Rank: 22718 |
20 KB |
2 |
microsoft.com
browser.events.data.microsoft.com |
1 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 240 |
735 B |
1 |
bl-1.com
1 redirects
s2.bl-1.com — Cisco Umbrella Rank: 20512 |
962 B |
17 | 5 |
Domain | Requested by | |
---|---|---|
12 | cdn.forms.office.net |
forms.office.com
cdn.forms.office.net |
3 | forms.office.com |
1 redirects
forms.office.com
|
2 | browser.events.data.microsoft.com |
cdn.forms.office.net
|
2 | c.office.com | 1 redirects |
1 | c.bing.com | 1 redirects |
1 | s2.bl-1.com | 1 redirects |
17 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com Microsoft Azure TLS Issuing CA 02 |
2022-07-20 - 2023-07-15 |
a year | crt.sh |
cdn.forms.office.net Microsoft Azure TLS Issuing CA 06 |
2022-09-28 - 2023-09-23 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02 |
2023-03-08 - 2024-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Frame ID: BBDC8B8E9EF8B8A64F3585A7BDA6AF7A
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Microsoft FormsPage URL History Show full URLs
-
https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy
HTTP 302
https://forms.office.com/r/CwUtaRLRXy HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1T... Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy
HTTP 302
https://forms.office.com/r/CwUtaRLRXy HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&RedC=c.office.com&MXFR=20202478172B650127EC36A2132B6E53 HTTP 302
- https://c.office.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&MUID=20202478172B650127EC36A2132B6E53
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
responsepage.aspx
forms.office.com/pages/ Redirect Chain
|
58 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.de.816165522.js
cdn.forms.office.net/forms/scripts/dists/ |
33 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ |
100 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.4cd6e39.js
cdn.forms.office.net/forms/scripts/dists/ |
360 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtimeFormsWithResponses('5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u')
forms.office.com/formapi/api/ce56fae6-055d-4c9f-b6c9-9d341506a491/users/7d7a2f21-c5de-4408-bbd8-17e97ee16596/light/ |
97 B 441 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.9a53ffa.js
cdn.forms.office.net/forms/scripts/dists/ |
0 64 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_cover.cd948b0.js
cdn.forms.office.net/forms/scripts/dists/ |
0 30 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_saveresponse.ec14b64.js
cdn.forms.office.net/forms/scripts/dists/ |
0 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_trial.0b8fe6e.js
cdn.forms.office.net/forms/scripts/dists/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.951792d.js
cdn.forms.office.net/forms/scripts/dists/ |
0 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.9a53ffa.js
cdn.forms.office.net/forms/scripts/dists/ |
208 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_template.24ec091.js
cdn.forms.office.net/forms/scripts/dists/ |
0 16 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.try_dv.20b557b.js
cdn.forms.office.net/forms/scripts/dists/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.1ds.32bf351.js
cdn.forms.office.net/forms/scripts/dists/ |
92 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Redirect Chain
|
42 B 333 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s2.bl-1.com/ | Name: f7bd4d4b8c98a805fa4ea6f99c7461f2 Value: 4756b310-c6e8-11ed-86f4-4f4450b53188 |
|
forms.office.com/ | Name: RpsAuthNonce Value: 58e2c5f7-a166-4c79-a067-dea90a986eda |
|
.forms.office.com/ | Name: RpsAuthNonce Value: 58e2c5f7-a166-4c79-a067-dea90a986eda |
|
forms.office.com/ | Name: __RequestVerificationToken Value: raOsU6Qa-sSshEcRtoXy1AQE14--mIryehafYHbGc1jqHk-jTdRby4d0WAQAZwwP2tNNgxclAM28AnPh4Js5vwFLTa-VXIqJMLA0_jS8vIM1 |
|
.office.com/ | Name: MUID Value: 20202478172B650127EC36A2132B6E53 |
|
.bing.com/ | Name: MUID Value: 20202478172B650127EC36A2132B6E53 |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 20202478172B650127EC36A2132B6E53 |
|
.c.office.com/ | Name: SM Value: C |
|
.c.office.com/ | Name: MR Value: 0 |
|
.c.office.com/ | Name: ANONCHK Value: 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
s2.bl-1.com
20.42.73.27
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:4700::210:2c0
52.43.106.36
68.219.88.97
3404b88362934f8c5c8d0aae0661f9c2ef03312e3c0554513ddbf1339b4edb86
355a8c437865b674a029cc9ea9f7e743daab42ce1103f3c1775bcd2022ee994b
4d5e41442cde484e1e86b3d2ed42336e78b4bce352a25c4eead3e3e17f487312
4e12170373129f30ad1a9fe96a0b7c90d924a11e41b3aa590fa508bbb2488d5f
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b71770268f8876ff3a648dcd1ff4daabb8999876f4769a86fd8daf4ae857c596
b7e3068f82665a9520d2b2fdfbe753686e1aaeb13cbdcce3634ca360d0226333
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855