forms.officeppe.com
Open in
urlscan Pro
52.229.173.246
Public Scan
Effective URL: https://forms.officeppe.com/
Submission: On May 16 via manual from US
Summary
TLS certificate: Issued by Microsoft IT TLS CA 1 on March 29th 2019. Valid for: 2 years.
This is the only time forms.officeppe.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 52.229.173.246 52.229.173.246 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2.19.34.64 2.19.34.64 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 40.77.226.250 40.77.226.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 40.126.1.160 40.126.1.160 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 2 | 20.36.240.114 20.36.240.114 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 1 | 13.107.5.86 13.107.5.86 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
2 | 52.114.158.52 52.114.158.52 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 1 | 2a01:111:2010... 2a01:111:2010:7::ff17 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 52.109.76.19 52.109.76.19 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:286::2b57 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
21 | 10 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
forms.officeppe.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az725175.vo.msecnd.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-64.deploy.static.akamaitechnologies.com
static2.sharepointonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
web.vortex.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.windows-ppe.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c.officeppe.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
c.bing-int.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
browser.pipe.aria.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.live.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
forms.office.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
officeppe.com
2 redirects
forms.officeppe.com c.officeppe.com |
219 KB |
5 |
microsoft.com
web.vortex.data.microsoft.com browser.pipe.aria.microsoft.com uhf.microsoft.com |
11 KB |
1 |
office.com
forms.office.com |
|
1 |
live.com
1 redirects
login.live.com |
666 B |
1 |
bing-int.com
1 redirects
c.bing-int.com |
630 B |
1 |
windows-ppe.net
login.windows-ppe.net |
|
1 |
sharepointonline.com
static2.sharepointonline.com |
36 KB |
1 |
msecnd.net
az725175.vo.msecnd.net |
18 KB |
21 | 8 |
Domain | Requested by | |
---|---|---|
11 | forms.officeppe.com |
1 redirects
forms.officeppe.com
|
2 | browser.pipe.aria.microsoft.com |
forms.officeppe.com
|
2 | c.officeppe.com |
1 redirects
forms.officeppe.com
|
2 | web.vortex.data.microsoft.com |
az725175.vo.msecnd.net
|
1 | uhf.microsoft.com |
forms.officeppe.com
|
1 | forms.office.com |
forms.officeppe.com
|
1 | login.live.com | 1 redirects |
1 | c.bing-int.com | 1 redirects |
1 | login.windows-ppe.net |
forms.officeppe.com
|
1 | static2.sharepointonline.com |
forms.officeppe.com
|
1 | az725175.vo.msecnd.net |
forms.officeppe.com
|
21 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.officeppe.com Microsoft IT TLS CA 1 |
2019-03-29 - 2021-03-29 |
2 years | crt.sh |
*.vo.msecnd.net Microsoft IT TLS CA 2 |
2018-03-30 - 2020-03-30 |
2 years | crt.sh |
*.sharepointonline.com Microsoft IT TLS CA 2 |
2017-11-03 - 2019-11-03 |
2 years | crt.sh |
*.vortex.data.microsoft.com Microsoft IT TLS CA 5 |
2018-01-30 - 2020-01-30 |
2 years | crt.sh |
graph.windows.net Microsoft IT TLS CA 2 |
2019-01-03 - 2021-01-03 |
2 years | crt.sh |
c.msn-int.com Microsoft IT TLS CA 5 |
2018-09-13 - 2020-09-13 |
2 years | crt.sh |
*.events.data.microsoft.com Microsoft IT TLS CA 2 |
2017-11-07 - 2019-11-07 |
2 years | crt.sh |
forms.office.com Microsoft IT TLS CA 4 |
2019-02-26 - 2021-02-26 |
2 years | crt.sh |
unistore.www.microsoft.com Microsoft IT TLS CA 5 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://forms.officeppe.com/
Frame ID: 45019B0E6C2DF4BD8963BF12BCDF0533
Requests: 19 HTTP requests in this frame
Frame:
https://login.windows-ppe.net/common/oauth2/authorize?response_mode=form_post&response_type=id_token+code&scope=openid&mkt=en-US&msafed=0&nonce=d3a45fc0-51ca-40bc-8a7e-949696e6675d.636936094014544229&state=https:%2f%2fforms.officeppe.com%2fPages%2fSilentSignInComplete.aspx&client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&redirect_uri=https:%2f%2fforms.officeppe.com%2fauth%2fsignin&prompt=none
Frame ID: 1D56E578E71D0085EB202FA67429B358
Requests: 1 HTTP requests in this frame
Frame:
https://forms.office.com/
Frame ID: 24AB1F2A6961754A01654AF02C6227AB
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://forms.officeppe.com/
HTTP 301
https://forms.officeppe.com/ Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
React (JavaScript Frameworks) Expand
Detected patterns
- env /^React$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://forms.officeppe.com/
HTTP 301
https://forms.officeppe.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://c.officeppe.com/c.gif HTTP 302
- https://c.bing-int.com/c.gif?&ctsa=mr&CtsSyncId=9FCD8181265B402F8EA47531EB872B69&RedC=c.officeppe.com&MXFR=2D49BAA5F59362312C80B7FBF1936B03 HTTP 302
- https://c.officeppe.com/c.gif?&ctsa=mr&CtsSyncId=9FCD8181265B402F8EA47531EB872B69&MUID=2D49BAA5F59362312C80B7FBF1936B03
- https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1558012601&rver=7.0.6731.0&wp=MBI_SSL_SHORT&wreply=https:%2F%2Fforms.officeppe.com%2Fauthredir%3Furl%3Dhttps%253a%252f%252fforms.officeppe.com%253a443%252fPages%252fSilentSignInComplete.aspx%26hurl%3DjKwFE4%252b4Fwc744ZuMf3nF1TIWLoTrLQlwGWnAdrVDGE%253d.ukytOTEK38cSN3wId1s8p6JmKEh78AsnYzkVq3f6I0Q%253d%26ipt%3D0%26si%3D1&lc=1033&id=295313 HTTP 302
- https://forms.office.com/
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
forms.officeppe.com/ Redirect Chain
|
12 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default-page.min.css
forms.officeppe.com/css/dist/ |
281 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aria-webjs-sdk-1.6.0.min.js
forms.officeppe.com/Scripts/Vendors/aria/ |
45 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.4.min.js
forms.officeppe.com/Scripts/Vendors/jQuery/ |
82 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
underscore.min.js
forms.officeppe.com/Scripts/Vendors/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
odatajs-4.0.0.min.js
forms.officeppe.com/Scripts/Vendors/ |
67 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adal.min.js
forms.officeppe.com/Scripts/Vendors/adal/1.0.7/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
react.min.js
forms.officeppe.com/Scripts/Vendors/react-16.8.6/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
react-dom.min.js
forms.officeppe.com/Scripts/Vendors/react-16.8.6/ |
106 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jsll-4.js
az725175.vo.msecnd.net/scripts/ |
54 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default-page.min.js
forms.officeppe.com/Scripts/dists/ |
267 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ |
35 KB 36 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
260 B 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
authorize
login.windows-ppe.net/common/oauth2/ Frame 1D56 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.officeppe.com/ Redirect Chain
|
42 B 222 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
260 B 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
forms.office.com/ Frame 24AB Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 398 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
GetResourceStrings
forms.officeppe.com/Default.aspx/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OfficeForms
uhf.microsoft.com/en-US/shell/xml/ |
51 KB 8 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- forms.officeppe.com
- URL
- https://forms.officeppe.com/Default.aspx/GetResourceStrings
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| OfficeFormServerInfo object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| $ function| jQuery function| _ function| init object| datas object| modules function| require object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore object| Logging function| AuthenticationContext object| React object| ReactDOM object| awa string| behaviorKey function| escapeRegExp function| formatNumber function| extractDigits function| removeQuatos function| parseStringToDateLabels function| getTime function| __extends function| __assign object| OfficeForm object| stringDelimiter object| dateLabelsRegExp object| Forms undefined| formsDetectUserLoggedInCallback4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.windows-ppe.net/ | Name: stsservicecookie Value: estsppe |
|
.login.windows-ppe.net/ | Name: esctx Value: AQABAAAAAAD7Y3bgsV5xQokrkXZTBe3TOyUhuvIyA5ffBC9hsjoJBCjaazxgFo1pJUox-0OPntgKraHU-omULPeyFdpk1zWm0cVoto4Wz8ts3TG0uJr6Z1s99wr8LiBwxMxX--eX7r17py1R_qSLmrISgosJgDKao_TMVQRKgdSL9uHqx6ncVx5yqIVaBAsyHkd-x2EAeeUgAA |
|
login.windows-ppe.net/ | Name: fpc Value: AjEOdOOBYWxHmEUwZcfNDjg3TWwKAQAAAMNZb9QOAAAA |
|
login.windows-ppe.net/ | Name: buid Value: AQABAAEAAAD7Y3bgsV5xQokrkXZTBe3TCAoZfrf4UnN4KosTOYMRS4SxRITcbhb6El9N0N88SeRVZDoHLEbYKyAmXsXiKe4I1ZDJwrUcQXjVJeq_VDI81AQplAP28t4-pE_T7c-j_fsgAA |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az725175.vo.msecnd.net
browser.pipe.aria.microsoft.com
c.bing-int.com
c.officeppe.com
forms.office.com
forms.officeppe.com
login.live.com
login.windows-ppe.net
static2.sharepointonline.com
uhf.microsoft.com
web.vortex.data.microsoft.com
forms.officeppe.com
13.107.5.86
152.199.19.160
2.19.34.64
20.36.240.114
2a01:111:2010:7::ff17
2a02:26f0:6c00:286::2b57
40.126.1.160
40.77.226.250
52.109.76.19
52.114.158.52
52.229.173.246
260a1e2cc492cba277470a05ad2570b0c8c5548a1f196a2c9a74e15d35918d1d
3030bf32bef3469e9ae32a37b3acc655653bfda156e3114f581387bcf7b1e2a4
557f59a9a4b8d93300764f80c6c5369e5013e4956192e5c623d0b456fe8dc15c
600924389e06154aef3c09041fe9f963ff54333435177f2218ca33bd4c2017dd
74660eb19364a3a32cf1c30c12b9a824b41991d62e9c0ba4eddd14ae383d6059
8606fbc63c308285e6ed7b12089f1e3eb48a9bd9d76090ea9abb99c2b607e6e9
9304a4a1fd87193bddd68da11cb24e4fb13f596862167d3098e70a56f9db7501
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d91ecd68cd95dd212cd25b8344f3e83aac549f3ebe4ce7bf01ff56ff8083b78
b29f279fd0328476a46b189bcea42c22cb85fdf350e940e1c0938c00444cb31b
c8318218f5498ab0fc8fe18d3a2fe2d4d41e363dadfd8ae11bfdd0f692b6f25f
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bbfa4af18fb4f0e9c8a31d6654eac92d0f82dc895c6e5f49b54a8de51e5923
f7ebd2a9aae0dbd4a44593e01ea1a16a4e9f0270135377c43e4375630fa2db9b
f96f0244e3dc0af131f5aa755b90988d95de5f4a6a6a648c0f93df934b3f4ccc