forms.office.com
Open in
urlscan Pro
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ...
Submission: On January 14 via api from US
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 23.211.149.25 23.211.149.25 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2.16.177.89 2.16.177.89 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 52.142.114.2 52.142.114.2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
2 | 40.77.226.250 40.77.226.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 51.140.157.153 51.140.157.153 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
13 | 7 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-211-149-25.deploy.static.akamaitechnologies.com
aka.ms |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-177-89.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
office.net
cdn.forms.office.net |
98 KB |
3 |
microsoft.com
web.vortex.data.microsoft.com browser.pipe.aria.microsoft.com |
1 KB |
3 |
office.com
1 redirects
forms.office.com c.office.com |
95 KB |
1 |
msecnd.net
az725175.vo.msecnd.net |
18 KB |
1 |
bing.com
1 redirects
c.bing.com |
513 B |
1 |
aka.ms
1 redirects
aka.ms |
566 B |
13 | 6 |
Domain | Requested by | |
---|---|---|
7 | cdn.forms.office.net |
forms.office.com
|
2 | web.vortex.data.microsoft.com |
az725175.vo.msecnd.net
|
2 | c.office.com |
1 redirects
forms.office.com
|
1 | browser.pipe.aria.microsoft.com |
cdn.forms.office.net
|
1 | az725175.vo.msecnd.net |
cdn.forms.office.net
|
1 | c.bing.com | 1 redirects |
1 | forms.office.com | |
1 | aka.ms | 1 redirects |
13 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com GlobalSign Organization Validation CA - SHA256 - G3 |
2020-02-19 - 2022-02-19 |
2 years | crt.sh |
cdn.forms.office.net Microsoft IT TLS CA 1 |
2019-07-29 - 2021-07-29 |
2 years | crt.sh |
c.msn.com Microsoft RSA TLS CA 01 |
2020-10-07 - 2021-10-07 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2020-11-16 - 2021-11-10 |
a year | crt.sh |
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02 |
2020-10-05 - 2021-10-05 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01 |
2020-09-14 - 2021-09-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Frame ID: D7E6B9A5004B350B7DE07E1FF6A47493
Requests: 14 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://aka.ms/flow-mail
HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5Q... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy and cookies
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://aka.ms/flow-mail
HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&RedC=c.office.com&MXFR=04315A59829F6AC206A555E6869F616A HTTP 302
- https://c.office.com/c.gif?CtsSyncId=CEB5D57E439B449AAB299ECE9B3DDB5D&MUID=04315A59829F6AC206A555E6869F616A
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ResponsePage.aspx
forms.office.com/Pages/ Redirect Chain
|
348 KB 94 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page-core.chunk.vendors.940a732.js
cdn.forms.office.net/forms/scripts/dists/ |
133 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page-core.chunk.ext.4113adb.js
cdn.forms.office.net/forms/scripts/dists/ |
155 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page-core.chunk.post.boot.2235845.js
cdn.forms.office.net/forms/scripts/dists/ |
0 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page-core.chunk.post.boot.2235845.js
cdn.forms.office.net/forms/scripts/dists/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ir_white.svg
cdn.forms.office.net/forms/images/ |
877 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
immersive-reader-icon.svg
cdn.forms.office.net/forms/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page-core.chunk.sw.4e4fe75.js
cdn.forms.office.net/forms/scripts/dists/ |
746 B 768 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 4 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Redirect Chain
|
42 B 225 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jsll-4.js
az725175.vo.msecnd.net/scripts/ |
55 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
281 B 966 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| webpackJsonp function| setPublicPath function| replaceChunkSrc object| lrpIoC object| formFeatureReadyFlags object| awa string| behaviorKey5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.office.com/ | Name: MUID Value: 04315A59829F6AC206A555E6869F616A |
|
.forms.office.com/ | Name: AADNonce.forms Value: dcfde657-b87e-4d72-87d2-2daf1bba3662.637461838324448005 |
|
forms.office.com/ | Name: MSFPC Value: GUID=d196c86c4eaa4de19b0ca0b1ec055c55&HASH=d196&LV=202101&V=4&LU=1610587033348 |
|
forms.office.com/ | Name: __RequestVerificationToken Value: MnWqKrJsK3J2DyE5t4ORTDr157J2fld4AqPRK6d27elQQsuc78zFXy_Q-ODzq0oP32dLDgR8CoQIehofR9RlN7fb9T8Qq9GO-o0QEaHXPic1 |
|
forms.office.com/ | Name: DcLcid Value: ui=1033&data=1033 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aka.ms
az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
web.vortex.data.microsoft.com
152.199.19.160
2.16.177.89
23.211.149.25
2620:1ec:a92::194
2620:1ec:c11::200
40.77.226.250
51.140.157.153
52.142.114.2
0aa3a3e25248abdfcc3ecd7a20a5f3df661ebf00088d81efb6f3f0192c3fbc1c
196d3e71a396f75f52b94bf617e5f4474b85ca2f358f32cc81d3521731fde20c
1e9d6d60d9a09afb039ddaa5bd654a80214298c5ad7e93be4ee59025604cb4f0
370b218c01e76ac9b23f6dd4a95489803259321ef45ae44598838e5db90664be
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
6a5df184c54c583382fa8de31eb6846fe38b0f559d8ae46300f677965292e663
6ddb375b347ae88ac75633df5aa4edeb1bc054e452d94edf457899e7dc31f06b
7eb3d0b76313a552d4d0ef2877b72f0ea827765c8832d5d64ce15266e6a05a70
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
d0d23bfb03adc97b2f57b944b34f97a816b568e090fade88f04ccd94aaf8903c
d4d514cdbd650d3e6320dbd0d61edcf0cbbcdb5c415748549e7eb29c7570b865
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855