forms.office.com
52.109.76.79
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=CEPK0mYOGUOx-1EpwpetZJsSff6DbEhHiZRz5OrtmQxUQ1ZMTVIzWEFVM1BRTTdLSDFWN...
Submission: On June 13 via manual from US
Summary
TLS certificate: Issued by Microsoft IT TLS CA 4 on February 26th 2019. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS (Autonomous System) |
---|---|---|---|
1 | | 213.186.33.97 | 16276 (OVH) |
10 | | 52.109.76.79 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | | 152.199.19.160 | 15133 (EDGECAST - MCI Communications Services) |
2 | | 64.4.54.254 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
2 | 1 | 52.142.114.2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | | 52.109.88.14 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
1 | | 104.103.74.164 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 | | 52.114.88.28 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
18 | 8 |
- forms.office.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
- az725175.vo.msecnd.net: ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
- web.vortex.data.microsoft.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
- c.office.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
- c.bing.com: ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
- lists.office.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
- static2.sharepointonline.com: ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), PTR: a104-103-74-164.deploy.static.akamaitechnologies.com
- browser.pipe.aria.microsoft.com: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | office.com (1 redirects) | forms.office.com, c.office.com, lists.office.com | 547 KB |
3 | microsoft.com | web.vortex.data.microsoft.com, browser.pipe.aria.microsoft.com | 2 KB |
1 | sharepointonline.com | static2.sharepointonline.com | 116 KB |
1 | bing.com (1 redirects) | c.bing.com | 555 B |
1 | msecnd.net | az725175.vo.msecnd.net | 18 KB |
1 | bea-factory.com | bea-factory.com | 614 B |
18 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
10 | forms.office.com | forms.office.com |
2 | c.office.com (1 redirects) | forms.office.com |
2 | web.vortex.data.microsoft.com | az725175.vo.msecnd.net |
1 | browser.pipe.aria.microsoft.com | forms.office.com |
1 | static2.sharepointonline.com | forms.office.com |
1 | lists.office.com | forms.office.com |
1 | c.bing.com (1 redirects) | |
1 | az725175.vo.msecnd.net | forms.office.com |
1 | bea-factory.com | |
18 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
forms.office.com | Microsoft IT TLS CA 4 | 2019-02-26 - 2021-02-26 | 2 years |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years |
*.vortex.data.microsoft.com | Microsoft IT TLS CA 5 | 2018-01-30 - 2020-01-30 | 2 years |
c.msn.com | Microsoft IT TLS CA 1 | 2018-09-13 - 2020-09-13 | 2 years |
lists.office.com | Microsoft IT TLS CA 4 | 2017-12-18 - 2019-12-18 | 2 years |
*.sharepointonline.com | Microsoft IT TLS CA 2 | 2017-11-03 - 2019-11-03 | 2 years |
*.events.data.microsoft.com | Microsoft IT TLS CA 2 | 2017-11-07 - 2019-11-07 | 2 years |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=CEPK0mYOGUOx-1EpwpetZJsSff6DbEhHiZRz5OrtmQxUQ1ZMTVIzWEFVM1BRTTdLSDFWNzJZTDZPSS4u=dave.ross@ros.com
Frame ID: 768357CCC7C67094D2E5967BE2D75BD4
Requests: 18 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
React (JavaScript Frameworks)
Detected patterns
- env /^React$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Twitter Bootstrap ()
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy and cookies
Title: Terms of use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bea-factory.com//modules/zcan.php?email=dave.ross@ros.com Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=CEPK0mYOGUOx-1EpwpetZJsSff6DbEhHiZRz5OrtmQxUQ1ZMTVIzWEFVM1BRTTdLSDFWNzJZTDZPSS4u=dave.ross@ros.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?&CtsSyncId=1BA80341EC084A7788137F970DB58CFC&RedC=c.office.com&MXFR=0E75E60DA19960171FB2EB77A5996B82 HTTP 302
- https://c.office.com/c.gif?&CtsSyncId=1BA80341EC084A7788137F970DB58CFC&MUID=0E75E60DA19960171FB2EB77A5996B82
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Flags |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | zcan.php | bea-factory.com//modules/ | 191 B | 614 B | Document | text/html | Cookie set |
GET | H/1.1 | ResponsePage.aspx | forms.office.com/Pages/ | 11 KB | 6 KB | Document | text/html | Primary Request, Cookie set |
GET | H/1.1 | bootstrap.min.css | forms.office.com/css/vendors/bootstrap/3.3.5/ | 120 KB | 20 KB | Stylesheet | text/css | |
GET | H/1.1 | response-page.min.css | forms.office.com/css/dist/ | 364 KB | 44 KB | Stylesheet | text/css | |
GET | H/1.1 | basics_8f1b3df.js | forms.office.com/Scripts/Vendors/combined/ | 351 KB | 113 KB | Script | application/javascript | |
GET | H2 | jsll-4.js | az725175.vo.msecnd.net/scripts/ | 54 KB | 18 KB | Script | text/javascript | |
GET | H/1.1 | response-page.min.js | forms.office.com/Scripts/dists/ | 911 KB | 197 KB | Script | application/javascript | |
GET | H/1.1 | t.js | web.vortex.data.microsoft.com/collect/v1/ | 260 B | 909 B | Script | application/javascript | |
GET | H/1.1 | runtimeForms('CEPK0mYOGUOx-1EpwpetZJsSff6DbEhHiZRz5OrtmQxUQ1ZMTVIzWEFVM1BRTTdLSDFWNzJZTDZPSS4u') | forms.office.com/formapi/api/d2ca4308-0e66-4319-b1fb-5129c297ad64/users/fe7d129b-6c83-4748-8994-73e4eaed990c/light/ | 4 KB | 2 KB | XHR | application/json | |
POST | H/1.1 | GetResourceStrings | forms.office.com/Pages/ResponsePage.aspx/ | 166 KB | 47 KB | XHR | application/json | |
GET | H/1.1 | response_2e6ed61.js | forms.office.com/Scripts/Vendors/combined/ | 92 KB | 28 KB | Script | application/javascript | |
GET | H2 | c.gif | c.office.com/ | 42 B | 249 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | privacy | forms.office.com/formapi/api/ | 65 B | 1 KB | XHR | application/json | |
GET | H2 | 0f899226-fe2b-4b42-85c6-b54c389a3b54 | lists.office.com/Images/d2ca4308-0e66-4319-b1fb-5129c297ad64/fe7d129b-6c83-4748-8994-73e4eaed990c/TCVLMR3XAU3PQM7KH1V72YL6OI/ | 31 KB | 31 KB | Image | image/png | |
GET | H/1.1 | meeting.png | forms.office.com/Images/Theme/ | 57 KB | 57 KB | Image | image/png | |
GET | H2 | fabricmdl2icons-2.68.woff2 | static2.sharepointonline.com/files/fabric/assets/icons/ | 115 KB | 116 KB | Font | font/woff2 | |
GET | H/1.1 | t.js | web.vortex.data.microsoft.com/collect/v1/ | 260 B | 909 B | Script | application/javascript | |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json | |
70 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| OfficeFormServerInfo number| FormsPageStartTime function| init object| datas object| modules function| require object| Logging function| AuthenticationContext object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| $ function| jQuery object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| _ object| React object| ReactDOM object| awa string| behaviorKey function| escapeRegExp function| formatNumber function| extractDigits function| removeQuatos function| parseStringToDateLabels function| getTime function| makeDOMException function| getbyte64 function| decode function| getbyte function| encode function| __extends function| __assign object| NerveImplementation object| Nerve object| OfficeForm object| stringDelimiter object| dateLabelsRegExp undefined| PADCHAR_1 undefined| ALPHA_1 object| Forms object| linkify function| linkifyElement function| Picker
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.