forms.office.com
Open in
urlscan Pro
52.109.76.19
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaT...
Submission: On September 27 via manual from US
Summary
TLS certificate: Issued by Microsoft IT TLS CA 1 on December 19th 2017. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 173.208.194.194 173.208.194.194 | 32097 (WII-KC) (WII-KC - WholeSale Internet) | |
9 | 52.109.76.19 52.109.76.19 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
2 | 64.4.54.254 64.4.54.254 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
2 | 52.114.76.34 52.114.76.34 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 2.18.232.116 2.18.232.116 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
16 | 6 |
ASN32097 (WII-KC - WholeSale Internet, Inc., US)
PTR: sln.crystalregistry.com
iltil.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
forms.office.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az725175.vo.msecnd.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
web.vortex.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-116.deploy.static.akamaitechnologies.com
static2.sharepointonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
office.com
forms.office.com |
425 KB |
4 |
microsoft.com
web.vortex.data.microsoft.com browser.pipe.aria.microsoft.com |
2 KB |
1 |
sharepointonline.com
static2.sharepointonline.com |
116 KB |
1 |
msecnd.net
az725175.vo.msecnd.net |
18 KB |
1 |
iltil.com
iltil.com |
275 B |
16 | 5 |
Domain | Requested by | |
---|---|---|
9 | forms.office.com |
forms.office.com
|
2 | browser.pipe.aria.microsoft.com |
forms.office.com
|
2 | web.vortex.data.microsoft.com |
az725175.vo.msecnd.net
|
1 | static2.sharepointonline.com | |
1 | az725175.vo.msecnd.net |
forms.office.com
|
1 | iltil.com | |
16 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
iltil.com Let's Encrypt Authority X3 |
2018-08-22 - 2018-11-20 |
3 months | crt.sh |
forms.office.com Microsoft IT TLS CA 1 |
2017-12-19 - 2019-12-19 |
2 years | crt.sh |
*.vo.msecnd.net Microsoft IT TLS CA 2 |
2018-03-30 - 2020-03-30 |
2 years | crt.sh |
*.vortex.data.microsoft.com Microsoft IT TLS CA 5 |
2018-01-30 - 2020-01-30 |
2 years | crt.sh |
*.pipe.aria.microsoft.com Microsoft IT TLS CA 1 |
2017-09-06 - 2019-09-06 |
2 years | crt.sh |
*.sharepointonline.com Microsoft IT TLS CA 2 |
2017-11-03 - 2019-11-03 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u
Frame ID: 10DA6502B278F6EB4A57A2EA17FFFCB5
Requests: 16 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://iltil.com/offc.htm Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFM... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
React (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+data-react/i
- env /^React$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Privacy and Cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://iltil.com/offc.htm Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
offc.htm
iltil.com/ |
177 B 275 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
ResponsePage.aspx
forms.office.com/Pages/ |
10 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
forms.office.com/css/vendors/bootstrap/3.3.5/ |
120 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
response-page.min.css
forms.office.com/css/dist/ |
331 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
basics_99f4a98.js
forms.office.com/Scripts/Vendors/combined/ |
367 KB 113 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
jsll-4.js
az725175.vo.msecnd.net/scripts/ |
53 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
response-page.min.js
forms.office.com/Scripts/dists/ |
772 KB 165 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
260 B 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtimeForms('wAIEFRMhdkm2QqbfVDwrVks1d_c3pMZBr5Jfd4nGWrRUM1VFMDdKQkJORlRIRTRJNDNaTlc2SEFTQy4u')
forms.office.com/formapi/api/150402c0-2113-4976-b642-a6df543c2b56/users/f777354b-a437-41c6-af92-5f7789c65ab4/light/ |
49 B 977 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
GetResourceStrings
forms.office.com/Pages/ResponsePage.aspx/ |
102 KB 29 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
response_26071dc.js
forms.office.com/Scripts/Vendors/combined/ |
91 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
57 B 663 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
register-bg.png
forms.office.com/Images/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
fabricmdl2icons-2.68.woff2
static2.sharepointonline.com/files/fabric/assets/icons/ |
115 KB 116 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 395 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| OfficeFormServerInfo number| FormsPageStartTime function| init object| datas object| modules function| require object| Logging function| AuthenticationContext object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| $ function| jQuery object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| _ object| React object| ReactDOM object| awa string| behaviorKey function| escapeRegExp function| formatNumber function| extractDigits function| removeQuatos function| parseStringToDateLabels function| getTime function| makeDOMException function| getbyte64 function| decode function| getbyte function| encode function| __extends function| __assign object| NerveImplementation object| Nerve object| OfficeForm object| stringDelimiter object| dateLabelsRegExp undefined| PADCHAR_1 undefined| ALPHA_1 object| Forms object| FormsPro object| linkify function| linkifyElement function| Picker4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forms.office.com/ | Name: AADNonce.forms Value: c1eb0bf9-d592-49b4-98f7-02ef52ab20f4.636736086370219364 |
|
forms.office.com/ | Name: __RequestVerificationToken Value: l8mIGnvnJa5ssqKA0-9btq8ngMmk3we5_p3mABLGxByy7cOuCuD-KfrJto28pQb-WASH8QIPtHyj1Ehvxxjutc-9jwQ1 |
|
forms.office.com/ | Name: MSFPC Value: GUID=7d53e266806c478e820df691a282394f&HASH=7d53&LV=201809&V=4&LU=1538011838176 |
|
forms.office.com/ | Name: DcLcid Value: ui=1033&data=1033 |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
forms.office.com
iltil.com
static2.sharepointonline.com
web.vortex.data.microsoft.com
152.199.19.160
173.208.194.194
2.18.232.116
52.109.76.19
52.114.76.34
64.4.54.254
2de10087a5600df93eb567fd1eb86f223bfc6016d9d857a7464b0cec09d148cb
2ffc559486b04db6816aa60130dccb48c3085fa65c892724608d486a7ba5f284
7b5ac208c58ef1bbac1415ebfde89d41abaa2a752f09450b4b06c0a67941fec8
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
81bd9c6953694abf461e6f47173b09535424d58f3764515d2d1a9f409594559a
858cbcf332cd044bb9af4d53ae37fcc5f44d3dcc22148a1b34daed60e0f335a0
8d316e9191d40a4b9cc775c0adce0a999873c1935781d1312a5b12ee717c53d4
a236eeca8a7bc8662e5651139213e22e347306d7ddf2891230fd90da75212c53
d0378cae08b13606e0398c8875b1d778b748bdf279e8f8bfba0ef58acb0d8475
d64c936302de6f7f101ae1484214647a22681da06176db6b39bc1f76ff49744e
e1b5947f967335e6bf36b3fb3af3c1105dbcf289adaab09cfa7be2e6d7cbb3c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e921482cc0c23ee8c5a11da7ee085170f3567edfb5709f938e338a1a5d402f7e
f75abfc2829e6c6103f63868067e4a08884a354217ea58262777553ee5a6b32a