urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwV...
Submission: On March 17 via manual from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5772.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:1ec:a92:... 8068 (MICROSOFT...)
8 2600:1413:1::... 20940 (AKAMAI-ASN1)
10 3
Apex Domain
Subdomains		 Transfer
8 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8147
230 KB
1 office.com
forms.office.com — Cisco Umbrella Rank: 5772
17 KB
10 2
Domain Requested by
8 cdn.forms.office.net forms.office.com
cdn.forms.office.net
1 forms.office.com forms.office.com
10 2

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u
Frame ID: 4E58463C8FEB2E39B2CB3801E0D022F5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

10
Requests

90 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

247 kB
Transfer

542 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85c1f7558fc5957994f5a01d259acaa784f28fc4e6bcb449ea2e08a77b9c9a86
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 17 Mar 2023 15:54:28 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
66fa33ad-9577-474d-9576-3a358dc297c3
x-msedge-ref
Ref A: 21CF16D492BF46E2A37AF205C64B3619 Ref B: SG2EDGE2022 Ref C: 2023-03-17T15:54:27Z
x-officecluster
ncus-101.forms.office.com
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16313.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
66fa33ad-9577-474d-9576-3a358dc297c3
x-routingofficecluster
sea-103.forms.office.com
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.16313.42051
x-routingsessionid
8a801b68-2cce-4e82-95d7-e3f55d223afe
x-usersessionid
8a801b68-2cce-4e82-95d7-e3f55d223afe
ls-response.default.a6db7f7f6.js
cdn.forms.office.net/forms/scripts/dists/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.default.a6db7f7f6.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b2d3c808bc371e3ee61bb6db8703c41c1e77c92bb0f1361912b0abad81c21897

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
NpAhgrJEGclb/KGF+OMOew==
content-length
8282
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25159D727A49
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
281bf851-101e-0012-050d-579de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.min.1f878ff.css
cdn.forms.office.net/forms/css/dist/ 		102 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.1f878ff.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
02d9b47f4e9b22c42c5a472008f57ee9d84e15411b81f38931f5e8f94fb458bd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
ccjDt/kjaYCcDGEJSXa3cQ==
content-length
18360
x-ms-lease-status
unlocked
last-modified
Mon, 13 Mar 2023 06:56:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2390014755DD
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d47557ad-701e-004d-6580-556f1b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.min.6e2f4df.js
cdn.forms.office.net/forms/scripts/dists/ 		358 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cd52f07e33002e7713402132dc04a08487c79f9d5e0c04466de77dda2f9376f9

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
v4ZzGMHFL3TPoaApYQ51MQ==
content-length
101987
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599EB3EF1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f0891ec0-201e-0077-700b-572cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u')
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0006-00001f50e719/light/ 		0
0
light-response-page.chunk.lrp_ext.3f8e6c3.js
cdn.forms.office.net/forms/scripts/dists/ 		0
63 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3f8e6c3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
JHZGiDXbEr8DVz4J8wrdGQ==
content-length
63991
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599D1C76B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c8f4f387-c01e-0039-5d0b-57e95d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.chunk.lrp_cover.0cb5de4.js
cdn.forms.office.net/forms/scripts/dists/ 		0
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.0cb5de4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
1YMAJJFaqbuOvxy5hBkbOA==
content-length
30219
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599D019FD
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
782a03d7-401e-0001-7e0b-57a804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.chunk.lrp_saveresponse.5dbbd6a.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.5dbbd6a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
GCrh1zmKdQB4Xj9Dtynjrg==
content-length
2794
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599CEBAA5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0fee80d9-f01e-0057-160b-574074000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.chunk.lrp_trial.cff38b6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.cff38b6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
yCigRIpC2jyMmoT+0HjYcg==
content-length
1737
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599CEE1AA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f0893652-201e-0077-670b-572cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT
light-response-page.chunk.lrp_post.boot.2bf98e2.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.2bf98e2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.6e2f4df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1::1734:ab98 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Mar 2023 15:54:28 GMT
content-encoding
br
content-md5
20YrY3+LMQpTikxYycmmpA==
content-length
4341
x-ms-lease-status
unlocked
last-modified
Wed, 15 Mar 2023 05:24:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB251599CEBAA5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
45e30d95-f01e-0031-140b-57f22e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:54:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.office.com
URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0006-00001f50e719/light/runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAYAAB9Q5xlUM0xaVVdRNTZPVVNWSjZRVFMwVEtYTlVUVy4u')?$expand=questions($expand=choices)

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap

3 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: 5eda69e8-e761-48ab-9250-5a00958cc309
.forms.office.com/ Name: RpsAuthNonce
Value: 5eda69e8-e761-48ab-9250-5a00958cc309
forms.office.com/ Name: __RequestVerificationToken
Value: _GAAvI_BW3_FHRof9yDYEAK5o1ecDFdtUgWGnhiWbGoc8uv2Ps_J9_7BGS2qJj2dFmAsJswJi6UaryyvnPWTQseWW5QOxk-GkvPrZTe6g801

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains