forms.office.com
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DO...
Submission: On June 22 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 1 | 52.208.106.2 | 16509 (AMAZON-02) |
1 1 | 67.199.248.11 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 5 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
8 | 23.48.23.38 | 20940 (AKAMAI-ASN1) |
1 | 52.109.88.76 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 2 | 20.234.93.27 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:49::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
5 | 51.116.246.105 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
20 | 7 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-106-2.eu-west-1.compute.amazonaws.com
8gd8j5d4.r.eu-west-1.awstrack.me |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-38.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com | |
browser.pipe.aria.microsoft.com |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | office.net | cdn.forms.office.net — Cisco Umbrella Rank: 9489 | 222 KB |
8 | office.com (2 redirects) | forms.office.com — Cisco Umbrella Rank: 5882; lists.office.com — Cisco Umbrella Rank: 14732; c.office.com — Cisco Umbrella Rank: 23988 | 37 KB |
5 | microsoft.com | browser.events.data.microsoft.com — Cisco Umbrella Rank: 226; browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 109 | 2 KB |
1 | azure.com | js.monitor.azure.com — Cisco Umbrella Rank: 2972 | 58 KB |
1 | bing.com (1 redirects) | c.bing.com — Cisco Umbrella Rank: 182 | 665 B |
1 | bit.ly (1 redirects) | bit.ly — Cisco Umbrella Rank: 4421 | 290 B |
1 | awstrack.me (1 redirects) | 8gd8j5d4.r.eu-west-1.awstrack.me | 136 B |
20 | 7 |
# | Domain | Requested by |
---|---|---|
8 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net |
5 | forms.office.com | 1 redirects; forms.office.com, cdn.forms.office.net |
4 | browser.events.data.microsoft.com | js.monitor.azure.com |
2 | c.office.com | 1 redirects |
1 | browser.pipe.aria.microsoft.com | cdn.forms.office.net |
1 | js.monitor.azure.com | cdn.forms.office.net |
1 | c.bing.com | 1 redirects |
1 | lists.office.com | |
1 | bit.ly | 1 redirects |
1 | 8gd8j5d4.r.eu-west-1.awstrack.me | 1 redirects |
20 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
forms.office.com | DigiCert Cloud Services CA-1 | 2021-09-02 - 2022-09-01 | a year | crt.sh |
cdn.forms.office.net | Microsoft RSA TLS CA 01 | 2021-10-12 - 2022-10-12 | a year | crt.sh |
lists.office.com | Microsoft RSA TLS CA 02 | 2022-05-24 - 2023-05-24 | a year | crt.sh |
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 02 | 2022-03-27 - 2023-03-22 | a year | crt.sh |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 02 | 2022-04-08 - 2023-04-03 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u
Frame ID: 31DF9E0E42A8F6314923A26FA1E3377A
Requests: 19 HTTP requests in this frame
Page Title
QUESTIONARIO DI GRADIMENTO DEI SERVIZI
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Condizioni per l'utilizzo
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://8gd8j5d4.r.eu-west-1.awstrack.me/L0/https:%2F%2Fbit.ly%2F3KMr8OG/1/0102018181a27f35-760c3441-0567-4cd7-862a-1c4a91fa04af-000000/pNRkEJORpTh8OpYdNjjm8o8U6IE=274
HTTP 302
https://bit.ly/3KMr8OG HTTP 301
https://forms.office.com/r/G2P7uv4mB2 HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&RedC=c.office.com&MXFR=27F5F3446E2D6709139DE28F6A2D6CEC HTTP 302
- https://c.office.com/c.gif?CtsSyncId=33E0ECD4B4984D58AD0F43667EDFF18E&MUID=27F5F3446E2D6709139DE28F6A2D6CEC
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | responsepage.aspx (Primary Request) | forms.office.com/pages/ (Redirect Chain) | 46 KB | 13 KB | Document | text/html |
GET | H2 | ls-response.it.a30d4c81e.js | cdn.forms.office.net/forms/scripts/dists/ | 24 KB | 8 KB | Script | application/javascript |
GET | H2 | light-response-page.min.54facba.css | cdn.forms.office.net/forms/css/dist/ | 134 KB | 22 KB | Stylesheet | text/css |
GET | H2 | light-response-page.min.83ec491.js | cdn.forms.office.net/forms/scripts/dists/ | 263 KB | 76 KB | Script | application/javascript |
GET | H2 | runtimeFormsWithResponses('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u') | forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/light/ | 29 KB | 5 KB | XHR | application/json |
GET | H2 | light-response-page.chunk.lrp_ext.1fcee69.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 53 KB | Other | application/javascript |
GET | H2 | light-response-page.chunk.lrp_post.boot.4c6c090.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 4 KB | Other | application/javascript |
GET | H2 | light-response-page.chunk.lrp_ext.1fcee69.js | cdn.forms.office.net/forms/scripts/dists/ | 186 KB | 53 KB | Script | application/javascript |
GET | H2 | light-response-page.chunk.lrp_post.boot.4c6c090.js | cdn.forms.office.net/forms/scripts/dists/ | 11 KB | 4 KB | Script | application/javascript |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | font/woff2 |
GET | H2 | light-response-page.chunk.sw.eb6086d.js | cdn.forms.office.net/forms/scripts/dists/ | 1012 B | 839 B | Script | application/javascript |
POST | H2 | GetThemes | forms.office.com/pages/responsepage.aspx/ | 226 B | 453 B | XHR | application/json |
GET | H2 | e3b7dc54-6674-4d66-b391-3db71ececb6b | lists.office.com/Images/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/1133862c-80bd-45ca-9780-7a8832c611e0/T62LXGDDT4954N4JZNC9YETHR5/ | 15 KB | 16 KB | Image | image/png |
GET | H2 | 'it' | forms.office.com/formapi/api/61cea4b1-8a5a-402a-a97b-23d6b1de63fc/users/1133862c-80bd-45ca-9780-7a8832c611e0/forms('saTOYVqKKkCpeyPWsd5j_CyGMxG9gMpFl4B6iDLGEeBUNjJMWEdERFQ0OTU0TjRKWk5DOVlFVEhSNS4u'... | 2 B | 350 B | XHR | application/json |
GET | H2 | c.gif | c.office.com/ (Redirect Chain) | 42 B | 258 B | Image | image/gif |
GET | H2 | ms.jsll-3.min.js | js.monitor.azure.com/scripts/c/ | 179 KB | 58 KB | Script | text/javascript |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 1 KB | XHR | application/json |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | |
POST | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 153 B | 591 B | XHR | application/json |
OPTIONS | H/1.1 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | 0 | 0 | Preflight | |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 442 B | XHR | application/json |
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- string| formsInitialVisibility
- object| NavKeyPoints
- function| reloadNoCdn
- object| OfficeFormServerInfo
- object| FormPrefetchCache
- object| FormsLsMap
- function| setPublicPath
- function| replaceChunkSrc
- object| webpackChunk
- function| formsModuleResolveErrorCallback
- object| formClientApi
- object| formsLsPromiseMap
- object| e
- function| t
- object| oneDS
- object| awa

15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | | Name: _bit Value: m5mdOJ-1f9b0d8fbe2a90a134-00W |
forms.office.com/ | | Name: DcLcid Value: ui=1040&data=1040 |
.forms.office.com/ | | Name: FormsWebSessionId Value: 36fa6787-3ed7-4379-9e2e-9f28ade1ab14 |
.forms.office.com/ | | Name: usenewauthrollout Value: True |
forms.office.com/ | | Name: __RequestVerificationToken Value: RxPM9oMgqg5eaRq2KnwwF0ZM6KTCW_El3-N1Y1qupQWixVIFCtx9_Gz6qakkrQ74chl_LtfyglBiVRKSa1Nvbmwt0a7qs7kmv5F8Eux3b4E1 |
.office.com/ | | Name: MUID Value: 27F5F3446E2D6709139DE28F6A2D6CEC |
forms.office.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: 9f9ae4d8-d369-4d42-98a6-e042d03e00e1 |
forms.office.com/ | | Name: ai_session Value: ES4kf0o1ju+VcVsiQFl6dZ|1655905847078|1655905847078 |
.bing.com/ | | Name: MUID Value: 27F5F3446E2D6709139DE28F6A2D6CEC |
.c.bing.com/ | | Name: SRM_B Value: 27F5F3446E2D6709139DE28F6A2D6CEC |
.c.office.com/ | | Name: SM Value: C |
.c.office.com/ | | Name: ANONCHK Value: 0 |
.microsoft.com/ | | Name: MC1 Value: GUID=d9f1075d65c04c0cbf40d5d0c2e0968d&HASH=d9f1&LV=202206&V=4&LU=1655905848461 |
.microsoft.com/ | | Name: MS0 Value: 86d7209de6594b5faaa000f23ee19561 |
forms.office.com/ | | Name: MSFPC Value: GUID=d9f1075d65c04c0cbf40d5d0c2e0968d&HASH=d9f1&LV=202206&V=4&LU=1655905848461 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.