forms.office.com
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU...
Submission: On September 25 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 1 | 52.34.10.94 | 16509 (AMAZON-02) |
1 4 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
10 | 104.83.4.106 | 20940 (AKAMAI-ASN1) |
1 | 2620:1ec:46::44 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 2 | 20.234.93.27 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
6 | 20.189.173.10 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
21 | 6 | |

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-10-94.us-west-2.compute.amazonaws.com
email.cloud.secureclick.net

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-106.deploy.static.akamaitechnologies.com
cdn.forms.office.net

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | office.net | cdn.forms.office.net — Cisco Umbrella Rank: 8144 | 297 KB |
6 | microsoft.com | browser.events.data.microsoft.com — Cisco Umbrella Rank: 242 | 3 KB |
6 | office.com (2 redirects) | forms.office.com — Cisco Umbrella Rank: 5607; c.office.com — Cisco Umbrella Rank: 20372 | 25 KB |
1 | bing.com (1 redirects) | c.bing.com — Cisco Umbrella Rank: 220 | 661 B |
1 | azure.com | js.monitor.azure.com — Cisco Umbrella Rank: 2377 | 61 KB |
1 | secureclick.net (1 redirects) | email.cloud.secureclick.net — Cisco Umbrella Rank: 86949 | 69 B |
21 | 6 | | |
Count | Domain | Requested by |
---|---|---|
10 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net |
6 | browser.events.data.microsoft.com | js.monitor.azure.com, cdn.forms.office.net |
4 | forms.office.com | 1 redirects; forms.office.com, cdn.forms.office.net |
2 | c.office.com | 1 redirects |
1 | c.bing.com | 1 redirects |
1 | js.monitor.azure.com | cdn.forms.office.net |
1 | email.cloud.secureclick.net | 1 redirects |
21 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
forms.office.com | Microsoft Azure TLS Issuing CA 02 | 2022-07-20 - 2023-07-15 | a year | crt.sh |
cdn.forms.office.net | Microsoft RSA TLS CA 01 | 2021-10-12 - 2022-10-12 | a year | crt.sh |
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 01 | 2022-09-24 - 2023-09-19 | a year | crt.sh |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 06 | 2022-09-08 - 2023-09-03 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Frame ID: 3E228F722A8E8F4D895827F8C2AA4631
Requests: 19 HTTP requests in this frame
Page Title
Umfrage Motorrad-Kurse
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Datenschutz und Cookies
Title: Nutzungsbedingungen
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://email.cloud.secureclick.net/c/5350?id=199030.953.1.d5087455a4877288d3b3f041116a5a89 HTTP 302
- https://forms.office.com/r/qNqFFGbrWg HTTP 301
- https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&RedC=c.office.com&MXFR=13772C8957FF6F371A0E3EA353FF643F HTTP 302
- https://c.office.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&MUID=13772C8957FF6F371A0E3EA353FF643F
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | responsepage.aspx | forms.office.com/pages/ | 48 KB | 14 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | ls-response.de.9d44120bd.js | cdn.forms.office.net/forms/scripts/dists/ | 27 KB | 9 KB | Script | application/javascript | |
GET | H2 | light-response-page.min.fdb7008.css | cdn.forms.office.net/forms/css/dist/ | 141 KB | 23 KB | Stylesheet | text/css | |
GET | H2 | light-response-page.min.2398e62.js | cdn.forms.office.net/forms/scripts/dists/ | 286 KB | 82 KB | Script | application/javascript | |
GET | H2 | runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u') | forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/light/ | 54 KB | 9 KB | XHR | application/json | |
GET | H2 | light-response-page.chunk.lrp_ext.e1bba4d.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 60 KB | Other | application/javascript | |
GET | H2 | light-response-page.chunk.lrp_post.boot.3c7ca50.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 4 KB | Other | application/javascript | |
GET | H2 | light-response-page.chunk.lrp_ext.e1bba4d.js | cdn.forms.office.net/forms/scripts/dists/ | 212 KB | 60 KB | Script | application/javascript | |
GET | H2 | light-response-page.chunk.themes.807d665.js | cdn.forms.office.net/forms/scripts/dists/ | 301 KB | 27 KB | Script | application/javascript | |
GET | H2 | light-response-page.chunk.lrp_post.boot.3c7ca50.js | cdn.forms.office.net/forms/scripts/dists/ | 11 KB | 4 KB | Script | application/javascript | |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | font/woff2 | |
GET | H2 | light-response-page.chunk.sw.1d1896c.js | cdn.forms.office.net/forms/scripts/dists/ | 945 B | 831 B | Script | application/javascript | |
GET | H2 | ms.jsll-3.min.js | js.monitor.azure.com/scripts/c/ | 179 KB | 61 KB | Script | text/javascript | |
GET | H2 | light-response-page.chunk.1ds.778db79.js | cdn.forms.office.net/forms/scripts/dists/ | 80 KB | 27 KB | Script | application/javascript | |
GET | H2 | c.gif | c.office.com/ | 42 B | 282 B | Image | image/gif | Redirect Chain |
GET | H2 | 'de' | forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/forms('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u'... | 2 B | 292 B | XHR | application/json | |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 1 KB | XHR | application/json | |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | | |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 1 KB | XHR | application/json | |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | | |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | | |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 592 B | XHR | application/json | |
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- string| formsInitialVisibility
- object| NavKeyPoints
- function| reloadNoCdn
- object| OfficeFormServerInfo
- object| FormPrefetchCache
- object| FormsLsMap
- function| setPublicPath
- function| replaceChunkSrc
- object| webpackChunk
- function| formsModuleResolveErrorCallback
- object| formClientApi
- object| formsLsPromiseMap
- object| e
- function| t
- object| oneDS
- object| awa

10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.office.com/ | | Name: __RequestVerificationToken Value: MVRjR4sJo2wxH7TRA186bPNWbLUDs2YpqFNdQiEF7qrkBrIpTULnfhMJqOELyrN5gh_KXWbsXfW_R_QlNngFEdcadBj0F8nRBErn35YoAGQ1 |
forms.office.com/ | | Name: ai_session Value: Al8H092+eg/55oNmLa0qJf\|1664065093483\|1664065093483 |
.office.com/ | | Name: MUID Value: 13772C8957FF6F371A0E3EA353FF643F |
.bing.com/ | | Name: MUID Value: 13772C8957FF6F371A0E3EA353FF643F |
.c.bing.com/ | | Name: SRM_B Value: 13772C8957FF6F371A0E3EA353FF643F |
.c.office.com/ | | Name: SM Value: C |
.c.office.com/ | | Name: ANONCHK Value: 0 |
forms.office.com/ | | Name: MSFPC Value: GUID=1297314214e541c59ea2d6983e4a20c1&HASH=1297&LV=202209&V=4&LU=1664065095763 |
.microsoft.com/ | | Name: MC1 Value: GUID=1fad8bfc6a1344fba09557b6ea34291d&HASH=1fad&LV=202209&V=4&LU=1664065095936 |
.microsoft.com/ | | Name: MS0 Value: a424fd80a41245f4b3014bbc49f88b20 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.