forms.office.com
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDR...
Submission: On June 23 via manual from IN
Summary
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 30th 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 5.180.186.28 | 203576 (INTERNETBILISIM) |
1 1 | 2606:4700:10::6814:8b41 | 13335 (CLOUDFLARENET) |
2 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
8 | 2.20.142.209 | 20940 (AKAMAI-ASN1) |
1 2 | 52.142.114.2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.114.88.28 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
13 | 6 |
ASN203576 (INTERNETBILISIM, TR)
PTR: server28.tr186.dhs.com.tr
700x.emprenye-basinclikaplar.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-142-209.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
8 | office.net: cdn.forms.office.net | 210 KB |
4 | office.com (1 redirects): forms.office.com, c.office.com | 22 KB |
1 | microsoft.com: browser.pipe.aria.microsoft.com | 397 B |
1 | bing.com (1 redirects): c.bing.com | 536 B |
1 | tinyurl.com (1 redirects): tinyurl.com | 837 B |
1 | emprenye-basinclikaplar.com: 700x.emprenye-basinclikaplar.com | 809 B |
13 | 6 |
 | Domain | Requested by |
---|---|---|
8 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net |
2 | c.office.com | 1 redirects |
2 | forms.office.com | 700x.emprenye-basinclikaplar.com, forms.office.com |
1 | browser.pipe.aria.microsoft.com | cdn.forms.office.net |
1 | c.bing.com | 1 redirects |
1 | tinyurl.com | 1 redirects |
1 | 700x.emprenye-basinclikaplar.com | |
13 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com DigiCert Cloud Services CA-1 | 2021-01-30 - 2022-01-29 | a year | crt.sh |
cdn.forms.office.net Microsoft RSA TLS CA 01 | 2020-10-19 - 2021-10-19 | a year | crt.sh |
c.msn.com Microsoft RSA TLS CA 02 | 2021-02-03 - 2022-02-03 | a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01 | 2020-09-14 - 2021-09-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Frame ID: AC0E7B1FD30824EE0F831CE3A62BFA96
Requests: 14 HTTP requests in this frame
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy and cookies
Title: Terms of use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://700x.emprenye-basinclikaplar.com/ Page URL
- https://tinyurl.com/kze5nzzn HTTP 301
  https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&RedC=c.office.com&MXFR=0EF1EFFB486C691D1063FFA44C6C624C HTTP 302
- https://c.office.com/c.gif?CtsSyncId=91D347CF1D754431B2D32A9AFEE87359&MUID=0EF1EFFB486C691D1063FFA44C6C624C
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / 700x.emprenye-basinclikaplar.com/ | 821 B 809 B | Document text/html |
GET H2 | ResponsePage.aspx forms.office.com/Pages/ (Primary Request, Redirect Chain) | 66 KB 21 KB | Document text/html |
GET H2 | runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u') forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/ | 216 B 566 B | XHR application/json |
GET H2 | light-response-page.min.43f90d1.css cdn.forms.office.net/forms/css/dist/ | 124 KB 21 KB | Stylesheet text/css |
GET H2 | light-response-page.min.7067095.js cdn.forms.office.net/forms/scripts/dists/ | 235 KB 67 KB | Script application/javascript |
GET H2 | light-response-page.chunk.828.e0e72f6.js cdn.forms.office.net/forms/scripts/dists/ | 0 9 KB | Other application/javascript |
GET H2 | light-response-page.chunk.ext.c6f7f9c.js cdn.forms.office.net/forms/scripts/dists/ | 0 40 KB | Other application/javascript |
GET H2 | light-response-page.chunk.post.boot.9c823ec.js cdn.forms.office.net/forms/scripts/dists/ | 0 4 KB | Other application/javascript |
GET H2 | light-response-page.chunk.828.e0e72f6.js cdn.forms.office.net/forms/scripts/dists/ | 24 KB 9 KB | Script application/javascript |
GET H2 | light-response-page.chunk.ext.c6f7f9c.js cdn.forms.office.net/forms/scripts/dists/ | 146 KB 40 KB | Script application/javascript |
GET H2 | bird.png cdn.forms.office.net/forms/images/ | 19 KB 19 KB | Image image/png |
GET DATA | truncated / | 4 KB 4 KB | Font font/woff2 |
GET H2 | c.gif c.office.com/ (Redirect Chain) | 42 B 258 B | Image image/gif |
POST H/1.1 | / browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 397 B | XHR application/json |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache function| setPublicPath function| replaceChunkSrc object| webpackChunk object| lrpIoC
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forms.office.com/ | | Name: AADNonce.forms Value: 0ec0bab0-cf66-4bf7-a5c1-540154088e53.637600533044360177 |
forms.office.com/ | | Name: __RequestVerificationToken Value: fL8v_lJUIY42pzyMErnRhk2fswEfsLNrdybPpUQehJUuXxyJjFkVCUH9CKID6z3TIBHfIdq1u03oFupZUbHi6eYQXs5jPPwrRkAXZYZlvEQ1 |
forms.office.com/ | | Name: DcLcid Value: ui=1033&data=1033 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.