forms.office.com
Open in
urlscan Pro
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDSU4xNFpZNlVUSjlZNjNOU...
Submission: On April 04 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on April 1st 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 191.252.4.45 191.252.4.45 | 27715 (Locaweb S...) (Locaweb Servicos de Internet SA) | |
3 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
18 | 2a02:26f0:e30... 2a02:26f0:e300::211:9340 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 68.219.88.97 68.219.88.97 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::237 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 13.69.239.74 13.69.239.74 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
29 | 6 |
ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: orion09.locaweb.com.br
www.vitek.com.br |
ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7945 |
577 KB |
5 |
office.com
1 redirects
forms.office.com — Cisco Umbrella Rank: 2397 c.office.com — Cisco Umbrella Rank: 19980 |
23 KB |
4 |
microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 1322 |
868 B |
2 |
vitek.com.br
www.vitek.com.br |
6 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 234 |
761 B |
29 | 5 |
Domain | Requested by | |
---|---|---|
18 | cdn.forms.office.net |
forms.office.com
cdn.forms.office.net |
4 | eu-mobile.events.data.microsoft.com |
cdn.forms.office.net
|
3 | forms.office.com |
forms.office.com
cdn.forms.office.net |
2 | c.office.com | 1 redirects |
2 | www.vitek.com.br | |
1 | c.bing.com | 1 redirects |
29 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.vitek.com.br GlobalSign GCC R6 AlphaSSL CA 2023 |
2024-02-02 - 2025-03-05 |
a year | crt.sh |
forms.cloud.microsoft Microsoft Azure RSA TLS Issuing CA 04 |
2024-04-01 - 2025-03-27 |
a year | crt.sh |
cdn.forms.office.net Microsoft Azure ECC TLS Issuing CA 06 |
2023-07-12 - 2024-06-27 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 03 |
2023-12-31 - 2024-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDSU4xNFpZNlVUSjlZNjNOUlZCVEJNUC4u
Frame ID: 0FC5FD68971454CA49A8F6BC48C521D8
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Esquenta EncontroPage URL History Show full URLs
-
http://www.vitek.com.br/esquenta
HTTP 307
https://www.vitek.com.br/esquenta Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDS... Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.vitek.com.br/esquenta
HTTP 307
https://www.vitek.com.br/esquenta Page URL
- https://forms.office.com/Pages/ResponsePage.aspx?id=BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDSU4xNFpZNlVUSjlZNjNOUlZCVEJNUC4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.vitek.com.br/esquenta HTTP 307
- https://www.vitek.com.br/esquenta
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2AD2F0B105C5452E87FE28B8E00D8F51&RedC=c.office.com&MXFR=02A8198EB33768F910060DD9B737632F HTTP 302
- https://c.office.com/c.gif?ctsa=mr&CtsSyncId=2AD2F0B105C5452E87FE28B8E00D8F51&MUID=02A8198EB33768F910060DD9B737632F
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
esquenta
www.vitek.com.br/ Redirect Chain
|
303 B 843 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.vitek.com.br/ |
5 KB 5 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
ResponsePage.aspx
forms.office.com/Pages/ |
63 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.de.f75b833e1.js
cdn.forms.office.net/forms/scripts/dists/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ |
37 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.c8eaf21.js
cdn.forms.office.net/forms/scripts/dists/ |
468 KB 124 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtimeFormsWithResponses('BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDSU4xNFpZNlVUSjlZNjNOUlZCVEJNUC4u')
forms.office.com/formapi/api/fddf3406-4892-458e-a920-d4117b3cfc38/users/4a07199a-8b33-4b6f-a3ae-83677290d93b/light/ |
9 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.315e3ca.js
cdn.forms.office.net/forms/scripts/dists/ |
0 107 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_saveresponse.dd5aea1.js
cdn.forms.office.net/forms/scripts/dists/ |
0 10 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_groupnote.52fa4d9.js
cdn.forms.office.net/forms/scripts/dists/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_cover.feeae58.js
cdn.forms.office.net/forms/scripts/dists/ |
0 17 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.8ec08fa.js
cdn.forms.office.net/forms/scripts/dists/ |
0 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
cdn.forms.office.net/forms/images/ |
8 KB 8 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.315e3ca.js
cdn.forms.office.net/forms/scripts/dists/ |
386 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_saveresponse.dd5aea1.js
cdn.forms.office.net/forms/scripts/dists/ |
32 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.8ec08fa.js
cdn.forms.office.net/forms/scripts/dists/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ |
1 KB 1001 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.officebrowserfeedback.3b74b9f.js
cdn.forms.office.net/forms/scripts/dists/ |
0 105 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/ |
108 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.utel.5fd3a80.js
cdn.forms.office.net/forms/scripts/dists/ |
31 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Redirect Chain
|
42 B 332 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
'de'
forms.office.com/formapi/api/fddf3406-4892-458e-a920-d4117b3cfc38/users/4a07199a-8b33-4b6f-a3ae-83677290d93b/forms('BjTf_ZJIjkWpINQRezz8OJoZB0ozi29Lo66DZ3KQ2TtUMllDSU4xNFpZNlVUSjlZNjNOUlZCVEJNUC4u'... |
2 B 411 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.utel_1ds.c419280.js
cdn.forms.office.net/forms/scripts/dists/ |
99 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
24 B 291 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
153 B 577 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.office.com/ | Name: FormsWebSessionId Value: b2150a39-4465-4fed-95dd-ef76cbb8adae |
|
forms.office.com/ | Name: __RequestVerificationToken Value: CRheWmYxTuNkPm463m3dOY5ywqma9SoxSv9c-vsficPOB7K3TXJy1X6zdsKNI6HehViYQOna2plx_d8fB5BvC3SizOkvIUkyOqtgAzxUIiw1 |
|
.office.com/ | Name: MUID Value: 02A8198EB33768F910060DD9B737632F |
|
.bing.com/ | Name: MUID Value: 02A8198EB33768F910060DD9B737632F |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 02A8198EB33768F910060DD9B737632F |
|
.c.office.com/ | Name: SM Value: C |
|
.c.office.com/ | Name: MR Value: 0 |
|
.c.office.com/ | Name: ANONCHK Value: 0 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.bing.com
c.office.com
cdn.forms.office.net
eu-mobile.events.data.microsoft.com
forms.office.com
www.vitek.com.br
13.69.239.74
191.252.4.45
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:e300::211:9340
68.219.88.97
1d86fceea0c0925b8ab1cb061beb63cd60aa7acbf0b948f6828e6590dae12c4e
3bcd109d2a60c149f042e757a5cea5bdd9e5cc6eeabdcc5d1392b4f7568bff1b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5731240e35b77a0215f0e080e5569e2114695006918cd642b9b462518c78c2e6
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5d7bf60eb04f9c808ffffdd257860252746851e3f2ead7a30e55ad4f2ab55acd
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
8b6c4d956a928fc5c7578af2f9ad321ad5488c66e57ebaf3daacb6f10d215d94
900fc8853701eebea926e8349911f0104decd685050eb27e97c517fd4cf7798a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c7ce041db9d04e27906d38765bdad13de75c93460ecc6d228012d230c484356
a12daf9519b269d91e9249d661ea8450134882949803fe0202531ba28f92a3dc
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
c32bc544ef04d84759921baf2479ecf211fd222d65a15543cc58226fac59b1f1
c7ec46fd21de3f6adedc4665282bda0720a3763dafd81720176471983b37e819
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43bd4dc9b8ee4e6e9c66e8204ca26eb67dc26852ff471a299c02709530fdb06
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f9dcc1a976b366afc5a7ad505f21f000427f72b9c300e7b28079c38d02291510
feec3269001a82dd131d49fe8536753a81bd0e7e4049aebbeff7ec0a29e341e7