forms.office.com
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDR...
Submission: On June 21 via manual from MY
Summary
TLS certificate: Issued by DigiCert Cloud Services CA-1 on January 30th 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS (Autonomous System) |
---|---|---|
1 | 5.180.186.28 | 203576 (INTERNETBILISIM) |
1 1 | 2606:4700:10::6814:8a41 | 13335 (CLOUDFLARENET) |
2 | 2620:1ec:a92::194 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 2.16.107.112 | 20940 (AKAMAI-ASN1) |
2 | 52.109.88.24 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 152.199.19.160 | 15133 (EDGECAST) |
1 2 | 52.142.114.2 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 1 | 2620:1ec:c11::200 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 40.77.226.250 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.114.158.91 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
21 | 9 | |

ASN | PTR | Hostname |
---|---|---|
ASN203576 (INTERNETBILISIM, TR) | server28.tr186.dhs.com.tr | 482x.emprenye-basinclikaplar.com |
ASN20940 (AKAMAI-ASN1, NL) | a2-16-107-112.deploy.static.akamaitechnologies.com | cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | web.vortex.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | browser.pipe.aria.microsoft.com |

# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | office.net | cdn.forms.office.net | 266 KB |
6 | office.com (1 redirects) | forms.office.com, lists.office.com, c.office.com | 70 KB |
3 | microsoft.com | web.vortex.data.microsoft.com, browser.pipe.aria.microsoft.com | 1 KB |
1 | bing.com (1 redirects) | c.bing.com | 533 B |
1 | msecnd.net | az725175.vo.msecnd.net | 18 KB |
1 | tinyurl.com (1 redirects) | tinyurl.com | 835 B |
1 | emprenye-basinclikaplar.com | 482x.emprenye-basinclikaplar.com | 809 B |
21 | 7 | | |

# | Domain | Requested by |
---|---|---|
11 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net |
2 | web.vortex.data.microsoft.com | az725175.vo.msecnd.net |
2 | c.office.com (1 redirects) | forms.office.com |
2 | lists.office.com | forms.office.com |
2 | forms.office.com | 482x.emprenye-basinclikaplar.com, forms.office.com |
1 | browser.pipe.aria.microsoft.com | cdn.forms.office.net |
1 | c.bing.com (1 redirects) | |
1 | az725175.vo.msecnd.net | cdn.forms.office.net |
1 | tinyurl.com (1 redirects) | |
1 | 482x.emprenye-basinclikaplar.com | |
21 | 10 | |

This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |

Subject | Issuer | Validity | Valid |
---|---|---|---|
forms.office.com | DigiCert Cloud Services CA-1 | 2021-01-30 - 2022-01-29 | a year |
cdn.forms.office.net | Microsoft RSA TLS CA 01 | 2020-10-19 - 2021-10-19 | a year |
lists.office.com | Microsoft RSA TLS CA 01 | 2020-10-02 - 2021-10-02 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2020-11-16 - 2021-11-10 | a year |
c.msn.com | Microsoft RSA TLS CA 02 | 2021-02-03 - 2022-02-03 | a year |
*.vortex.data.microsoft.com | Microsoft RSA TLS CA 02 | 2020-10-05 - 2021-10-05 | a year |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 01 | 2020-09-14 - 2021-09-09 | a year |

This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u
Frame ID: A0CF6CA1FACBA3C891D466044D5C9272
Requests: 22 HTTP requests in this frame
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://482x.emprenye-basinclikaplar.com/ Page URL
- https://tinyurl.com/kze5nzzn HTTP 301
  https://forms.office.com/Pages/ResponsePage.aspx?id=Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&RedC=c.office.com&MXFR=175872C53EC669150F7E62983AC662F7 HTTP 302
- https://c.office.com/c.gif?CtsSyncId=317D58A297314B35826E399260631EC9&MUID=175872C53EC669150F7E62983AC662F7
21 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | 482x.emprenye-basinclikaplar.com/ | 821 B | 809 B | Document | text/html | |
GET | H2 | ResponsePage.aspx | forms.office.com/Pages/ | 67 KB | 22 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | runtimeFormsWithResponses('Kea-l75wNUqgpAYmnTAirdhW_PCfclBDjEkMoXE91wdUMjM3VEFQSFpQT1ZFSUFKNVlDRlQ3QlVMVS4u') | forms.office.com/formapi/api/97bee629-70be-4a35-a0a4-06269d3022ad/users/f0fc56d8-729f-4350-8c49-0ca1713dd707/light/ | 5 KB | 2 KB | XHR | application/json | |
GET | H2 | light-response-page.min.efe0bae.css | cdn.forms.office.net/forms/css/dist/ | 124 KB | 21 KB | Stylesheet | text/css | |
GET | H2 | light-response-page.min.9a30557.js | cdn.forms.office.net/forms/scripts/dists/ | 240 KB | 65 KB | Script | application/javascript | |
GET | H2 | light-response-page.chunk.vendors.15a6dfc.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 43 KB | Other | application/javascript | |
GET | H2 | light-response-page.chunk.ext.7dd21bb.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 40 KB | Other | application/javascript | |
GET | H2 | light-response-page.chunk.post.boot.ec31a7d.js | cdn.forms.office.net/forms/scripts/dists/ | 0 | 4 KB | Other | application/javascript | |
GET | H2 | light-response-page.chunk.vendors.15a6dfc.js | cdn.forms.office.net/forms/scripts/dists/ | 133 KB | 43 KB | Script | application/javascript | |
GET | H2 | light-response-page.chunk.ext.7dd21bb.js | cdn.forms.office.net/forms/scripts/dists/ | 151 KB | 40 KB | Script | application/javascript | |
GET | H2 | light-response-page.chunk.post.boot.ec31a7d.js | cdn.forms.office.net/forms/scripts/dists/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H2 | ir_white_title.svg | cdn.forms.office.net/forms/images/ | 2 KB | 3 KB | Image | image/svg+xml | |
GET | H2 | immersive-reader-icon_black.svg | cdn.forms.office.net/forms/images/ | 2 KB | 3 KB | Image | image/svg+xml | |
GET | H2 | light-response-page.chunk.sw.135ded1.js | cdn.forms.office.net/forms/scripts/dists/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | a8927d76-9187-4b4b-8079-2c0a7bae4437 | lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/ | 43 KB | 44 KB | Image | image/jpeg | |
GET | H2 | jsll-4.js | az725175.vo.msecnd.net/scripts/ | 55 KB | 18 KB | Script | text/javascript | |
GET | H2 | a1cf0090-c040-4b40-a5cf-1a746915d549 | lists.office.com/Images/97bee629-70be-4a35-a0a4-06269d3022ad/f0fc56d8-729f-4350-8c49-0ca1713dd707/T237TAPHZPOVEIAJ5YCFT7BULU/ | 2 KB | 3 KB | Image | image/png | |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | font/woff2 | |
GET | H2 | c.gif | c.office.com/ | 42 B | 258 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | t.js | web.vortex.data.microsoft.com/collect/v1/ | 281 B | 966 B | Script | application/javascript | |
POST | H/1.1 | v1 | web.vortex.data.microsoft.com/collect/ | 0 | 0 | Ping | application/json | |
POST | H/1.1 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 397 B | XHR | application/json | |

22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onbeforexrselect
- object | ontransitionrun
- object | ontransitionstart
- object | ontransitioncancel
- object | cookieStore
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- boolean | originAgentCluster
- object | trustedTypes
- boolean | crossOriginIsolated
- string | formsInitialVisibility
- object | NavKeyPoints
- function | reloadNoCdn
- object | OfficeFormServerInfo
- object | FormPrefetchCache
- function | setPublicPath
- function | replaceChunkSrc
- object | webpackJsonp
- object | lrpIoC
- object | awa
- string | behaviorKey

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.forms.office.com/ | | AADNonce.forms | 355070c6-d06d-437f-b32a-46ea869934ed.637598431226136207 |
forms.office.com/ | | MSFPC | GUID=7fcba007dbd040c68bfe30ee5959150f&HASH=7fcb&LV=202106&V=4&LU=1624246323347 |
.office.com/ | | MUID | 175872C53EC669150F7E62983AC662F7 |
forms.office.com/ | | __RequestVerificationToken | suCU1IGT_2RSMag8CbAqeqjV9q_R6RvDBTnSPGrOzwgPCpxQChP8ZPrDTtHNU1xwqZTD9O5pcavZDRV0eVpviSFUIXa8vwc2ne7zkbc4e-01 |
forms.office.com/ | | DcLcid | ui=1033&data=1033 |

1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.