![](/screenshots/b7485530-f2b9-4d12-846f-2c4cebf457f4.png)
forms.office.com
Open in
urlscan Pro
2620:1ec:a92::194
Public Scan
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWO...
Submission: On September 08 via manual from US — Scanned from NL
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 160.153.131.195 160.153.131.195 | 20773 (GODADDY) (GODADDY) | |
1 4 | 2620:1ec:a92:... 2620:1ec:a92::194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
8 | 104.83.4.106 104.83.4.106 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 52.109.68.85 52.109.68.85 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 20.234.93.27 20.234.93.27 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2620:1ec:46::45 2620:1ec:46::45 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
5 | 52.178.17.3 52.178.17.3 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
20 | 7 |
ASN20773 (GODADDY, DE)
PTR: ip-160-153-131-195.ip.secureserver.net
ciclo-tech.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-106.deploy.static.akamaitechnologies.com
cdn.forms.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com | |
browser.pipe.aria.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
office.net
cdn.forms.office.net — Cisco Umbrella Rank: 24530 |
237 KB |
8 |
office.com
2 redirects
forms.office.com — Cisco Umbrella Rank: 13165 lists.office.com — Cisco Umbrella Rank: 41946 c.office.com — Cisco Umbrella Rank: 52864 |
192 KB |
5 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 839 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 393 |
2 KB |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 4587 |
61 KB |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 408 |
664 B |
1 |
ciclo-tech.com
1 redirects
ciclo-tech.com |
144 B |
20 | 6 |
Domain | Requested by | |
---|---|---|
8 | cdn.forms.office.net |
forms.office.com
cdn.forms.office.net |
4 | browser.events.data.microsoft.com |
js.monitor.azure.com
|
4 | forms.office.com |
1 redirects
forms.office.com
cdn.forms.office.net |
2 | c.office.com | 1 redirects |
2 | lists.office.com | |
1 | browser.pipe.aria.microsoft.com |
cdn.forms.office.net
|
1 | js.monitor.azure.com |
cdn.forms.office.net
|
1 | c.bing.com | 1 redirects |
1 | ciclo-tech.com | 1 redirects |
20 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
go.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com Microsoft Azure TLS Issuing CA 02 |
2022-07-20 - 2023-07-15 |
a year | crt.sh |
cdn.forms.office.net Microsoft RSA TLS CA 01 |
2021-10-12 - 2022-10-12 |
a year | crt.sh |
lists.office.com Microsoft RSA TLS CA 02 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06 |
2022-06-26 - 2023-06-21 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02 |
2022-05-21 - 2023-05-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email=
Frame ID: 0FD0A3E347FA1C1AE081FB59C20F5104
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/b7485530-f2b9-4d12-846f-2c4cebf457f4.png)
Page Title
.-Page URL History Show full URLs
-
https://ciclo-tech.com/
HTTP 302
https://forms.office.com/r/5f0Nfx5Kn4?email= HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LS... Page URL
Detected technologies
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Gebruiksvoorwaarden
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ciclo-tech.com/
HTTP 302
https://forms.office.com/r/5f0Nfx5Kn4?email= HTTP 301
https://forms.office.com/pages/responsepage.aspx?id=VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u&email= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://c.office.com/c.gif HTTP 302
- https://c.bing.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&RedC=c.office.com&MXFR=18B9EA32E9DB6FA73E22F82BEDDB6465 HTTP 302
- https://c.office.com/c.gif?CtsSyncId=525E28F9D9384F74ABB6033DE3A9B343&MUID=18B9EA32E9DB6FA73E22F82BEDDB6465
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
responsepage.aspx
forms.office.com/pages/ Redirect Chain
|
52 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.nl.b0bdc03d3.js
cdn.forms.office.net/forms/scripts/dists/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.f1a5b38.css
cdn.forms.office.net/forms/css/dist/ |
139 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.b3504e2.js
cdn.forms.office.net/forms/scripts/dists/ |
277 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtimeFormsWithResponses('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u')
forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/light/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.d949f62.js
cdn.forms.office.net/forms/scripts/dists/ |
0 58 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.0b0a22c.js
cdn.forms.office.net/forms/scripts/dists/ |
0 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.d949f62.js
cdn.forms.office.net/forms/scripts/dists/ |
205 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.0b0a22c.js
cdn.forms.office.net/forms/scripts/dists/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.sw.1d1896c.js
cdn.forms.office.net/forms/scripts/dists/ |
945 B 831 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0830e354-c8b2-4544-99d5-24a6bd756c4a
lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/ |
167 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
36f26d28-dd07-4614-8d8e-a0fb4a9c2769
lists.office.com/Images/a10b5f55-1934-41b0-8357-bf249e55c0fe/b80143ab-7105-434d-b489-f4b11d4ba81e/T6MKHZNJZD7ED3JLSAV86VV4P5/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
'nl'
forms.office.com/formapi/api/a10b5f55-1934-41b0-8357-bf249e55c0fe/users/b80143ab-7105-434d-b489-f4b11d4ba81e/forms('VV8LoTQZsEGDV78knlXA_qtDAbgFcU1DtIn0sR1LqB5UNk1LSFpOSlpEN0VEM0pMU0FWODZWVjRQNS4u'... |
2 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.office.com/ Redirect Chain
|
42 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 4 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ |
179 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 591 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 441 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.forms.office.com/ | Name: FormsWebSessionId Value: 3bccf210-8212-4b26-a215-affd6058214f |
|
.forms.office.com/ | Name: usenewauthrollout Value: True |
|
forms.office.com/ | Name: __RequestVerificationToken Value: Ylydx6xwu4dTn0SWukJvWUI1wQ2U_6SRZnQj9eEWPetTJb8x_nBfLxfIfeWn35H9maaLkN5tUpoOzfofPDH9hdekdJQW8FG1t4XzKTXOEW41 |
|
forms.office.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: d707d598-4d92-46c8-940d-29bc644f8637 |
|
forms.office.com/ | Name: ai_session Value: 1fujL0/c4QSXa5zHkK9iv3|1662642079527|1662642079527 |
|
.office.com/ | Name: MUID Value: 18B9EA32E9DB6FA73E22F82BEDDB6465 |
|
.bing.com/ | Name: MUID Value: 18B9EA32E9DB6FA73E22F82BEDDB6465 |
|
.c.bing.com/ | Name: SRM_B Value: 18B9EA32E9DB6FA73E22F82BEDDB6465 |
|
.c.office.com/ | Name: SM Value: C |
|
.c.office.com/ | Name: ANONCHK Value: 0 |
|
.microsoft.com/ | Name: MC1 Value: GUID=0df615b90c1c44ac962dd78eb82f838b&HASH=0df6&LV=202209&V=4&LU=1662642080720 |
|
.microsoft.com/ | Name: MS0 Value: 4b54849486c046d3a5e1ffe4e0a7e69d |
|
forms.office.com/ | Name: MSFPC Value: GUID=0df615b90c1c44ac962dd78eb82f838b&HASH=0df6&LV=202209&V=4&LU=1662642080720 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
ciclo-tech.com
forms.office.com
js.monitor.azure.com
lists.office.com
104.83.4.106
160.153.131.195
20.234.93.27
2620:1ec:46::45
2620:1ec:a92::194
2620:1ec:c11::200
52.109.68.85
52.178.17.3
0b7ec81d52448b87872e37a7a74c620f6a2e76e7a6cc9579bcf76f3258e4ab62
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267
2288e753882cc2b06878a3da785b143f356b27959178b1b3ff290b33505b8562
2ff1ce4734fa21a142be01922ca88b76f0b1592d0237de74d8eb4727341f5965
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
534c30e7266ce636ee47821bb799be36ac8367e3d80f0215426f427548c9645d
67544599c05d4b417a48e75241739993c54b2a4cc49e2571bfe29fe50a646211
7cc7871d666c218e4e9c487255def4174e7ddae1a68586320d0e001896951cea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a46bfdb28eff58485e4c44059ad0fd3d42c05d4bb29994e437681af00e5d77ab
da7acc6b9d42ea5c03d6721f769bfb26a6ae43960c1d2191e265a5301a23bc3a
e2a91b9bae2fbff40f76fc53f4cbbd1bc10e1b20df54a8f4e0db8f307b36d617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda5cd8027ccfde284f47c10c79b4006c258fc48c9312fc7d0ed31f1189b2014
f36ef710a48ebc1fb8821de2d832d5a786c2023179c0c2834d25bedbfad763cc