forms.office.com
2620:1ec:a92::194
Public Scan
Submission: On February 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
13 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.127.244.58 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:48:1::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
6 | 40.79.141.152 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
21 | 4 | |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
13 | office.com: forms.office.com — Cisco Umbrella Rank: 5910 | 384 KB |
6 | microsoft.com: browser.events.data.microsoft.com — Cisco Umbrella Rank: 239 | 2 KB |
1 | azure.com: js.monitor.azure.com — Cisco Umbrella Rank: 1563 | 61 KB |
1 | office365.us: lists.gcc.osi.office365.us — Cisco Umbrella Rank: 117755 | 19 KB |
21 | 4 | |
Requests | Domain | Requested by |
---|---|---|
13 | forms.office.com | forms.office.com |
6 | browser.events.data.microsoft.com | js.monitor.azure.com, forms.office.com |
1 | js.monitor.azure.com | forms.office.com |
1 | lists.gcc.osi.office365.us | forms.office.com |
21 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
forms.office.com | Microsoft Azure TLS Issuing CA 02 | 2022-07-20 - 2023-07-15 | a year |
lists.gcc.osi.office365.us | DigiCert SHA2 Secure Server CA | 2022-12-14 - 2023-12-14 | a year |
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 05 | 2022-12-23 - 2023-12-18 | a year |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 01 | 2022-12-07 - 2023-12-02 | a year |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u
Frame ID: AB2F4D93EB0825CE1DBC1F329DCD9731
Requests: 18 HTTP requests in this frame
Page Title
PONYA System Access Request
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: ResponsePage.aspx forms.office.com/Pages/ | 33 KB 10 KB | Document text/html |
GET H2 | ls-response.de.b178d9d29.js forms.office.com/Scripts/dists/ | 32 KB 12 KB | Script application/javascript |
GET H2 | light-response-page.min.css forms.office.com/css/dist/ | 145 KB 28 KB | Stylesheet text/css |
GET H2 | light-response-page.min.js forms.office.com/Scripts/dists/ | 311 KB 105 KB | Script application/javascript |
GET H2 | runtimeFormsWithResponses('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u') forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/light/ | 17 KB 4 KB | XHR application/json |
GET H2 | light-response-page.chunk.lrp_ext.d76873b.js forms.office.com/Scripts/dists/ | 0 71 KB | Other application/javascript |
GET H2 | light-response-page.chunk.lrp_cover.4878077.js forms.office.com/Scripts/dists/ | 0 38 KB | Other application/javascript |
GET H2 | light-response-page.chunk.lrp_post.boot.423ff39.js forms.office.com/Scripts/dists/ | 0 5 KB | Other application/javascript |
GET H2 | light-response-page.chunk.lrp_ext.d76873b.js forms.office.com/Scripts/dists/ | 200 KB 72 KB | Script application/javascript |
GET H2 | light-response-page.chunk.lrp_post.boot.423ff39.js forms.office.com/Scripts/dists/ | 10 KB 5 KB | Script application/javascript |
GET H2 | light-response-page.chunk.sw.0b67d9e.js forms.office.com/Scripts/dists/ | 1 KB 876 B | Script application/javascript |
GET H2 | light-response-page.chunk.1ds.4a73f96.js forms.office.com/Scripts/dists/ | 92 KB 34 KB | Script application/javascript |
GET H2 | 83e90ef7-f27b-4c92-9dba-3f9b6a4b7990 lists.gcc.osi.office365.us/Images/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/b7079559-5f21-4191-885d-03d8cb68615e/T2QF4CUV908NS2FB5FKLRQ384L/ | 19 KB 19 KB | Image image/png |
GET H2 | 'de' forms.office.com/formapi/api/c4484a25-d0d8-4ad0-916a-a889b6aa7a02/users/b7079559-5f21-4191-885d-03d8cb68615e/forms('JUpIxNjQ0EqRaqiJtqp6AlmVB7chX5FBiF0D2MtoYV5UMlFGNENVVjkwOE5TMkZCNUZLTFJRMzg0TC4u'... | 2 B 376 B | XHR application/json |
GET H2 | ms.jsll-3.min.js js.monitor.azure.com/scripts/c/ | 179 KB 61 KB | Script text/javascript |
POST H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B 1 KB | XHR application/json |
OPTIONS H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 0 0 | Preflight |
POST H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B 591 B | XHR application/json |
OPTIONS H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 0 0 | Preflight |
POST H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B 591 B | XHR application/json |
OPTIONS H/1.1 | / browser.events.data.microsoft.com/OneCollector/1.0/ | 0 0 | Preflight |
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| oncontentvisibilityautostatechange
- string| formsInitialVisibility
- object| NavKeyPoints
- object| OfficeFormServerInfo
- object| FormPrefetchCache
- object| FormsLsMap
- function| setPublicPath
- function| replaceChunkSrc
- object| webpackChunk
- function| formsModuleResolveErrorCallback
- object| formClientApi
- object| formsLsPromiseMap
- object| __stylesheet__
- object| e
- function| t
- object| oneDS
- object| __dynProto$Gbl
- object| awa
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forms.office.com/ | | Name: FormsWebSessionId Value: cabce431-3422-4eaa-a00a-4378912a7d21 |
.forms.office.com/ | | Name: usenewauthrollout Value: True |
forms.office.com/ | | Name: __RequestVerificationToken Value: rArtqO2nuEkP1SCTLadjzAT5eGQgVZej3XDbi9mZJ3FLrG3FXybhsA8aNfSs_fEGcje-DfJLjDQ7S0HPjPxv__VnHoNQwli_XWDUpR2a9Ac1 |
forms.office.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: b7b434c2-136c-414c-b0d6-ef3ddb06cb1c |
forms.office.com/ | | Name: ai_session Value: 1X+tePLwcY8GQGRMQX7mPI|1677086319194|1677086319194 |
.microsoft.com/ | | Name: MC1 Value: GUID=09304c97e8894a6e9b439670f6b78549&HASH=0930&LV=202302&V=4&LU=1677086320535 |
.microsoft.com/ | | Name: MS0 Value: 3caced6e33d1429987fe0e9a1f8af938 |
forms.office.com/ | | Name: MSFPC Value: GUID=09304c97e8894a6e9b439670f6b78549&HASH=0930&LV=202302&V=4&LU=1677086320535 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.