forms.office.com
52.109.76.19
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=UzSk3GO58U-fTXXA3_2oOdAha2gqtApDsR0xN1VERdxURDJPWk1PRjg2UThLWlI2ODNKU...
Submission: On April 06 via manual from PH
Summary
TLS certificate: Issued by Microsoft IT TLS CA 4 on February 26th 2019. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS (Autonomous System) |
---|---|---|
4 | 125.5.87.158 | 7629 (EPLDT-AS-AP 5F L.V. Locsin Bldg) |
2 | 2a00:1450:4001:81d::200d | 15169 (GOOGLE) |
1 1 | 2a00:1450:4001:81f::200e | 15169 (GOOGLE) |
1 | 104.244.42.1 | 13414 (TWITTER) |
4 | 52.109.76.19 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
9 | 2.16.186.83 | 20940 (AKAMAI-ASN1) |
1 | 152.199.19.160 | 15133 (EDGECAST) |
1 2 | 52.142.114.2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 40.77.226.250 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 | 52.109.88.13 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.114.159.112 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
28 | 10 | |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-83.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | office.net | cdn.forms.office.net | 275 KB |
9 | office.com (1 redirects) | forms.office.com, c.office.com, lists.office.com | 2 MB |
3 | microsoft.com | web.vortex.data.microsoft.com, browser.pipe.aria.microsoft.com | 1 KB |
3 | google.com (1 redirects) | accounts.google.com, plus.google.com | 1 KB |
1 | bing.com (1 redirects) | c.bing.com | 319 B |
1 | msecnd.net | az725175.vo.msecnd.net | 18 KB |
1 | twitter.com | twitter.com | |
28 | 7 | | |
Count | Domain | Requested by |
---|---|---|
9 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net |
4 | forms.office.com | forms.office.com, cdn.forms.office.net |
3 | lists.office.com | cdn.forms.office.net |
2 | web.vortex.data.microsoft.com | az725175.vo.msecnd.net |
2 | c.office.com (1 redirects) | forms.office.com |
2 | accounts.google.com | 125.5.87.158 |
1 | browser.pipe.aria.microsoft.com | cdn.forms.office.net |
1 | c.bing.com (1 redirects) | |
1 | az725175.vo.msecnd.net | forms.office.com |
1 | twitter.com | 125.5.87.158 |
1 | plus.google.com (1 redirects) | |
28 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
accounts.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-04-26 - 2020-04-24 | a year |
forms.office.com | Microsoft IT TLS CA 4 | 2019-02-26 - 2021-02-26 | 2 years |
cdn.forms.office.net | Microsoft IT TLS CA 1 | 2019-07-29 - 2021-07-29 | 2 years |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2020-03-18 - 2022-03-18 | 2 years |
c.msn.com | Microsoft IT TLS CA 4 | 2020-02-10 - 2022-02-10 | 2 years |
*.vortex.data.microsoft.com | Microsoft IT TLS CA 4 | 2020-01-21 - 2022-01-21 | 2 years |
lists.office.com | Microsoft IT TLS CA 2 | 2019-09-24 - 2021-09-24 | 2 years |
*.events.data.microsoft.com | Microsoft IT TLS CA 4 | 2019-10-10 - 2021-10-10 | 2 years |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=UzSk3GO58U-fTXXA3_2oOdAha2gqtApDsR0xN1VERdxURDJPWk1PRjg2UThLWlI2ODNKUkE3WlU3Ni4u
Frame ID: 959BF7389F8F11382612960593D3C89D
Requests: 28 HTTP requests in this frame
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy and cookies
Title: Terms of use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://125.5.87.158/3gvh6vfmaojss2y9 Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=UzSk3GO58U-fTXXA3_2oOdAha2gqtApDsR0xN1VERdxURDJPWk1PRjg2UThLWlI2ODNKUkE3WlU3Ni4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://plus.google.com/up/?continue=https://www.google.com/intl/en/images/logos/accounts_logo.png&type=st&gpsrc=ogpy0 HTTP 302
- https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?&CtsSyncId=4B2E9D58F1BA457AA81DDA726BCBFDAF&RedC=c.office.com&MXFR=2EE8CE7ADBC56EB938CAC0DEDFC565A7 HTTP 302
- https://c.office.com/c.gif?&CtsSyncId=4B2E9D58F1BA457AA81DDA726BCBFDAF&MUID=2AB6DB8F95D660FF2C00D52B94A7610A
28 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | 3gvh6vfmaojss2y9 | 125.5.87.158/ | 2 KB | 1 KB | Document | text/html | Cookie set |
GET | H/1.1 | analyse.js | 125.5.87.158/js/ | 3 KB | 3 KB | Script | text/javascript | |
GET | H2 | CheckCookie | accounts.google.com/ | 0 | 0 | Image | text/html | |
GET | H2 | ServiceLogin | accounts.google.com/ | 0 | 0 | Image | text/html | Redirect Chain |
GET | H2 | login | twitter.com/ | 0 | 0 | Image | text/html | |
POST | H/1.1 | run-analyse | 125.5.87.158/3gvh6vfmaojss2y9/ | 0 | 397 B | XHR | text/html | |
POST | H/1.1 | run-analyse | 125.5.87.158/3gvh6vfmaojss2y9/ | 0 | 398 B | XHR | text/html | |
GET | H2 | ResponsePage.aspx | forms.office.com/Pages/ | 16 KB | 7 KB | Document | text/html | Primary Request |
GET | H2 | response-page-customize-fabric-bootstrap.min.95bfe5f.css | cdn.forms.office.net/forms/css/dist/ | 155 KB | 22 KB | Stylesheet | text/css | |
GET | H2 | basics_osi_v3.min.dcbe987.js | cdn.forms.office.net/forms/scripts/vendors/combinedmin/ | 228 KB | 67 KB | Script | application/javascript | |
GET | H2 | aria_odata.min.831dd67.js | cdn.forms.office.net/forms/scripts/vendors/combinedmin/ | 112 KB | 32 KB | Script | application/javascript | |
GET | H2 | response-page.cachegroup-nerve.min.e31e56a.js | cdn.forms.office.net/forms/scripts/dists/ | 58 KB | 13 KB | Script | application/javascript | |
GET | H2 | response-page.min.dbed900.js | cdn.forms.office.net/forms/scripts/dists/ | 485 KB | 103 KB | Script | application/javascript | |
GET | H2 | jsll-4.js | az725175.vo.msecnd.net/scripts/ | 54 KB | 18 KB | Script | text/javascript | |
GET | H2 | runtimeForms('UzSk3GO58U-fTXXA3_2oOdAha2gqtApDsR0xN1VERdxURDJPWk1PRjg2UThLWlI2ODNKUkE3WlU3Ni4u') | forms.office.com/formapi/api/dca43453-b963-4ff1-9f4d-75c0dffda839/users/686b21d0-b42a-430a-b11d-3137554445dc/light/ | 8 KB | 2 KB | XHR | application/json | |
POST | H2 | GetHashResourceStrings | forms.office.com/Pages/ResponsePage.aspx/ | 23 KB | 9 KB | XHR | application/json | |
GET | H2 | response-page.chunk.postsubmit.9601e44.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 6 KB | Other | application/javascript | |
GET | H2 | response-page.chunk.quiz.62b31e6.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 1 KB | Other | application/javascript | |
GET | H2 | c.gif | c.office.com/ | 42 B | 304 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | t.js | web.vortex.data.microsoft.com/collect/v1/ | 281 B | 966 B | Script | application/javascript | |
POST | H/1.1 | v1 | web.vortex.data.microsoft.com/collect/ | 0 | 0 | Other | application/json | |
GET | H2 | 08a5dda6-5474-4d36-80e2-4313f0184019_mo | lists.office.com/Images/dca43453-b963-4ff1-9f4d-75c0dffda839/686b21d0-b42a-430a-b11d-3137554445dc/TD2OZMOF86Q8KZR683JRA7ZU76/ | 63 KB | 63 KB | Image | image/png | |
GET | H2 | fabricmdl2icons-20191009.subset.woff2 | cdn.forms.office.net/forms/fonts/ | 12 KB | 12 KB | Font | font/woff2 | |
GET | H2 | privacy | forms.office.com/formapi/api/ | 65 B | 203 B | XHR | application/json | |
GET | H2 | response_v2.min.e8aff49.js | cdn.forms.office.net/forms/scripts/vendors/combinedmin/ | 51 KB | 18 KB | Script | application/javascript | |
GET | H2 | 08a5dda6-5474-4d36-80e2-4313f0184019 | lists.office.com/Images/dca43453-b963-4ff1-9f4d-75c0dffda839/686b21d0-b42a-430a-b11d-3137554445dc/TD2OZMOF86Q8KZR683JRA7ZU76/ | 1005 KB | 1007 KB | Image | image/png | |
GET | H2 | 08a5dda6-5474-4d36-80e2-4313f0184019 | lists.office.com/Images/dca43453-b963-4ff1-9f4d-75c0dffda839/686b21d0-b42a-430a-b11d-3137554445dc/TD2OZMOF86Q8KZR683JRA7ZU76/ | 1005 KB | 1007 KB | Image | image/png | |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json | |
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache function| $ function| jQuery function| _ object| React object| ReactDOM function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore object| webpackJsonp function| setPublicPath function| replaceChunkSrc object| Forms object| FormsPro function| jsllloaded object| awa string| behaviorKey object| linkify function| Picker
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.office.com/ | | MUID | 2AB6DB8F95D660FF2C00D52B94A7610A |
.forms.office.com/ | | AADNonce.forms | cf4bdb64-ec52-4d85-9bdd-dc0ab21421f6.637217348005018976 |
forms.office.com/ | | MSFPC | GUID=ab258993d95c49c68dfab8cd91aaad34&HASH=ab25&LV=202004&V=4&LU=1586138001003 |
forms.office.com/ | | __RequestVerificationToken | AE3Hx4CeoxIV8eJhdgtRTB_zRfLQ4Qkjs-hUkVMc2qhmNolF-NBN0LSGzmZKhvHvzDedXYqPnHuCLmthpU6_68Y416M1 |
forms.office.com/ | | DcLcid | ui=1033&data=1033 |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.