forms.office.com
2620:1ec:a92::194
Public Scan
Submission: On May 25 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.127.240.1 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:46::40 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
4 | 13.69.109.131 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 40.79.189.59 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
21 | 5 | |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.gcc.osi.office365.us |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | office.com | forms.office.com — Cisco Umbrella Rank: 5602 | 333 KB |
5 | microsoft.com | browser.events.data.microsoft.com — Cisco Umbrella Rank: 239; browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131 | 2 KB |
1 | azure.com | js.monitor.azure.com — Cisco Umbrella Rank: 3302 | 58 KB |
1 | office365.us | lists.gcc.osi.office365.us — Cisco Umbrella Rank: 149016 | 125 KB |
21 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
14 | forms.office.com | forms.office.com |
4 | browser.events.data.microsoft.com | js.monitor.azure.com |
1 | browser.pipe.aria.microsoft.com | forms.office.com |
1 | js.monitor.azure.com | forms.office.com |
1 | lists.gcc.osi.office365.us | |
21 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
forms.office.com | DigiCert Cloud Services CA-1 | 2021-09-02 - 2022-09-01 | a year | crt.sh |
lists.gcc.osi.office365.us | DigiCert SHA2 Secure Server CA | 2022-02-17 - 2023-02-17 | a year | crt.sh |
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 02 | 2022-03-27 - 2023-03-22 | a year | crt.sh |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 06 | 2022-03-02 - 2023-02-25 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u
Frame ID: D38CD6A8D35CF4931AD4C71FA58BA1D7
Requests: 19 HTTP requests in this frame
Page Title
Vulnerability Management; Changes in Security Program Management
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | ResponsePage.aspx (Primary Request) | forms.office.com/Pages/ | 28 KB | 8 KB | Document | text/html |
GET | H2 | ls-response.default.012786fa9.js | forms.office.com/Scripts/dists/ | 21 KB | 8 KB | Script | application/javascript |
GET | H2 | light-response-page.min.css | forms.office.com/css/dist/ | 130 KB | 23 KB | Stylesheet | text/css |
GET | H2 | light-response-page.min.js | forms.office.com/Scripts/dists/ | 261 KB | 82 KB | Script | application/javascript |
GET | H2 | runtimeFormsWithResponses('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u') | forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/light/ | 15 KB | 4 KB | XHR | application/json |
GET | H2 | light-response-page.chunk.lrp_ext.a08f40e.js | forms.office.com/Scripts/dists/ | 0 | 58 KB | Other | application/javascript |
GET | H2 | light-response-page.chunk.lrp_post.boot.4d0e6e4.js | forms.office.com/Scripts/dists/ | 0 | 4 KB | Other | application/javascript |
GET | H2 | light-response-page.chunk.lrp_ext.a08f40e.js | forms.office.com/Scripts/dists/ | 184 KB | 58 KB | Script | application/javascript |
GET | H2 | light-response-page.chunk.lrp_post.boot.4d0e6e4.js | forms.office.com/Scripts/dists/ | 11 KB | 4 KB | Script | application/javascript |
GET | H2 | light-response-page.chunk.sw.eb6086d.js | forms.office.com/Scripts/dists/ | 1012 B | 662 B | Script | application/javascript |
GET | H2 | light-response-page.min.css | forms.office.com/css/dist/ | 130 KB | 23 KB | Stylesheet | text/css |
POST | H2 | GetThemes | forms.office.com/Pages/ResponsePage.aspx/ | 240 B | 406 B | XHR | application/json |
GET | H2 | 3796dccf-6992-4756-8e88-9625765a169b | lists.gcc.osi.office365.us/Images/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/58778177-b81b-4406-bdd9-53504b229206/T917OQ3VLZC3BJ0YCR594T17RP/ | 124 KB | 125 KB | Image | image/jpeg |
GET | H2 | 'en-ca' | forms.office.com/formapi/api/a1d183f2-6c7b-4d9a-b994-5f2f31b3f780/users/58778177-b81b-4406-bdd9-53504b229206/forms('8oPRoXtsmk25lF8vMbP3gHeBd1gbuAZEvdlTUEsikgZUOTE3T1EzVkxaQzNCSjBZQ1I1OTRUMTdSUC4u'... | 2 B | 680 B | XHR | application/json |
GET | H2 | ms.jsll-3.min.js | js.monitor.azure.com/scripts/c/ | 176 KB | 58 KB | Script | text/javascript |
GET | H2 | meeting.png | forms.office.com/Images/Theme/ | 57 KB | 57 KB | Image | image/png |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 1009 B | XHR | application/json |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 547 B | XHR | application/json |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | |
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- object| navigation
- string| formsInitialVisibility
- object| NavKeyPoints
- object| OfficeFormServerInfo
- object| FormPrefetchCache
- object| FormsLsMap
- function| setPublicPath
- function| replaceChunkSrc
- object| webpackChunk
- function| formsModuleResolveErrorCallback
- object| formClientApi
- object| formsLsPromiseMap
- object| e
- function| t
- object| oneDS
- object| awa

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.office.com/ | | Name: DcLcid Value: ui=1033&data=1033 |
.forms.office.com/ | | Name: FormsWebSessionId Value: 1f89d64b-d537-4d2d-a73a-fda6156e745e |
.forms.office.com/ | | Name: usenewauthrollout Value: True |
forms.office.com/ | | Name: __RequestVerificationToken Value: _bNuGphm_5-M2Av6y3vI3uToruQ5mlR2cTIebIs4vWnpHpGOSNraIdp2gLp5F0GcaKN7XOOrtVaWoZyCXyUpWQPw2tCcwkfF-h8J1Amgn3k1 |
forms.office.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: ce38ce81-ef99-4989-8adb-aa33296db141 |
forms.office.com/ | | Name: ai_session Value: Y6FOyB4EhwwFVCY+NMlZJr|1653511523966|1653511523966 |
.microsoft.com/ | | Name: MC1 Value: GUID=a559a574d6b340949aa39d8eb480268f&HASH=a559&LV=202205&V=4&LU=1653511525767 |
.microsoft.com/ | | Name: MS0 Value: 52b22b5f049945f08b149b904189477f |
forms.office.com/ | | Name: MSFPC Value: GUID=a559a574d6b340949aa39d8eb480268f&HASH=a559&LV=202205&V=4&LU=1653511525767 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.