![](/screenshots/4516d011-4811-4808-93c8-e3d48bb6fc62.png)
forms.office.com
Open in
urlscan Pro
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQ...
Submission: On September 30 via manual from FR — Scanned from NL
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 192.29.203.194 192.29.203.194 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
2 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
10 | 2.21.74.41 2.21.74.41 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 52.109.68.85 52.109.68.85 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:bdf::60 2620:1ec:bdf::60 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 20.234.93.27 20.234.93.27 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 20.50.73.9 20.50.73.9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 13.89.179.9 13.89.179.9 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
20 | 8 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-41.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8006 |
278 KB |
5 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 250 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 135 |
2 KB |
5 |
office.com
1 redirects
forms.office.com — Cisco Umbrella Rank: 4783 lists.office.com — Cisco Umbrella Rank: 12853 c.office.com — Cisco Umbrella Rank: 20643 |
1 MB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 224 |
665 B |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2192 |
61 KB |
1 |
oddo-bhf.com
1 redirects
app.oddo-bhf.com |
807 B |
20 | 6 |
Domain | Requested by | |
---|---|---|
10 | cdn.forms.office.net |
forms.office.com
cdn.forms.office.net |
4 | browser.events.data.microsoft.com |
js.monitor.azure.com
|
2 | c.office.com |
1 redirects
forms.office.com
|
2 | forms.office.com |
forms.office.com
|
1 | browser.pipe.aria.microsoft.com |
cdn.forms.office.net
|
1 | c.bing.com | 1 redirects |
1 | js.monitor.azure.com |
cdn.forms.office.net
|
1 | lists.office.com |
forms.office.com
|
1 | app.oddo-bhf.com | 1 redirects |
20 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com Microsoft Azure TLS Issuing CA 02 |
2022-07-20 - 2023-07-15 |
a year | crt.sh |
cdn.forms.office.net Microsoft RSA TLS CA 01 |
2021-10-12 - 2022-10-12 |
a year | crt.sh |
lists.office.com Microsoft RSA TLS CA 02 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01 |
2022-09-24 - 2023-09-19 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06 |
2022-09-08 - 2023-09-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Frame ID: E574D40814DB5E6F3097031EE5B6169A
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/4516d011-4811-4808-93c8-e3d48bb6fc62.png)
Page Title
Challenge ELA - Walk Now!Page URL History Show full URLs
-
https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email...
HTTP 302
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwR... Page URL
Detected technologies
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Conditions d’utilisation
Search URL Search Domain Scan URL
Title: Accessibilité
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua&s=477300880&lid=3652&elqTrackId=2D01560EC059D5E83B04C588FFC96F5F&elq=f7699476a2b24dbf81c94ba850817081&elqaid=4692&elqat=1
HTTP 302
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&RedC=c.office.com&MXFR=1EADF43076ED675217BBE61F72ED6C28 HTTP 302
- https://c.office.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&MUID=1EADF43076ED675217BBE61F72ED6C28
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ResponsePage.aspx
forms.office.com/Pages/ Redirect Chain
|
51 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.nl.0a0f0888d.js
cdn.forms.office.net/forms/scripts/dists/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.c67f9e3.css
cdn.forms.office.net/forms/css/dist/ |
141 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.8abf4b3.js
cdn.forms.office.net/forms/scripts/dists/ |
287 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtimeFormsWithResponses('EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u')
forms.office.com/formapi/api/ca609612-2669-4884-a6bb-941f48aa5153/users/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/light/ |
10 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.e7574ca.js
cdn.forms.office.net/forms/scripts/dists/ |
0 60 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.af665db.js
cdn.forms.office.net/forms/scripts/dists/ |
0 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.e7574ca.js
cdn.forms.office.net/forms/scripts/dists/ |
212 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.af665db.js
cdn.forms.office.net/forms/scripts/dists/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.sw.1d1896c.js
cdn.forms.office.net/forms/scripts/dists/ |
945 B 831 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18f888de-75da-4ac8-9077-70fe1b53d500
lists.office.com/Images/ca609612-2669-4884-a6bb-941f48aa5153/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/TE80E8UM7A4FS7UPNLJBBG90ZX/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ |
179 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.1ds.2a84df3.js
cdn.forms.office.net/forms/scripts/dists/ |
80 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.fr.0a0f0888d.js
cdn.forms.office.net/forms/scripts/dists/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Redirect Chain
|
42 B 282 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 4 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 591 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 442 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.app.oddo-bhf.com/ | Name: ELOQUA Value: GUID=D8BD7BD2AEE44EE9B71A617257706AF7 |
|
.app.oddo-bhf.com/ | Name: ELQSTATUS Value: OK |
|
forms.office.com/ | Name: __RequestVerificationToken Value: 2PMB4XWZKEyWRv1xapXuQhNv3ysqTTD5RtFd25qTBK58UoONOnKmqq359dYSVFYcKtjJhEaMS7_RGCqV--lqU0tToMrS9UoQG_AJYN8UXEI1 |
|
.office.com/ | Name: MUID Value: 1EADF43076ED675217BBE61F72ED6C28 |
|
forms.office.com/ | Name: ai_session Value: Zt60wow0/v/F9PWGRW+tMy|1664530589403|1664530589403 |
|
.bing.com/ | Name: MUID Value: 1EADF43076ED675217BBE61F72ED6C28 |
|
.c.bing.com/ | Name: SRM_B Value: 1EADF43076ED675217BBE61F72ED6C28 |
|
.c.office.com/ | Name: SM Value: C |
|
.c.office.com/ | Name: ANONCHK Value: 0 |
|
.microsoft.com/ | Name: MC1 Value: GUID=aff585fb97b3448f962546d070fe2931&HASH=aff5&LV=202209&V=4&LU=1664530590777 |
|
.microsoft.com/ | Name: MS0 Value: 5314d2d6d5cd4010891230381fdd1ee3 |
|
forms.office.com/ | Name: MSFPC Value: GUID=aff585fb97b3448f962546d070fe2931&HASH=aff5&LV=202209&V=4&LU=1664530590777 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.oddo-bhf.com
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
13.89.179.9
192.29.203.194
2.21.74.41
20.234.93.27
20.50.73.9
2620:1ec:a92::194
2620:1ec:bdf::60
2620:1ec:c11::200
52.109.68.85
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267
236bdbcf00e972a39805c066a937abe3efd80bd8a5b6c96443b08d1e1c50f1ac
29261e718beef39adf1e6057e4387231e71df58c9ab64d994d3daa5741a1a82b
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
47bc816ef1a65322a6c4acef0c0423753f5e4eb00b6a64c1c9c77d399185af79
71bd860186d615c8e5a30566a2d69cee19ee33fdfa503baaf298904a471750d0
75bb9031a10ab391f8c6b52bf26ce7fc67172618a48a33dac62cac558e0e4606
92db9750961fd5f7d803cb44fb6bb6460f3ed0809bfd518ac82b15a3ef08629a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a10781e521fb5d90d6e7377738e95b9c5961ebc703a589e0386e25ded3c2bf2f
b3ba138c949337d8a9a4f8d6f6ca3e7e8e93aaf715efa72ba669eb392b06ed8d
b6ee2050bfd9ff3b94711528d1b9a2d0e443d3fc475174fe383167c04d8f28b4
d3fda649ae613c53e10c515e01a00f37101642b7eabbccad43fe5a7297f93b05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5386449ec28398ffa50493342b9fd351240dc3665943f32e449ee969ac066e
ff586efc3efe9ba516475db669ee3ce445766e67d9c0655cf73e578bfa959f50