urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
13.107.6.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.hkirc.hk/cssurveyuser/index.htm
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyO...
Submission: On November 02 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 6 domains to perform 11 HTTP transactions. The main IP is 13.107.6.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 19th 2020. Valid for: 2 years.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:dca:1000... 9735 (HKDNR-AS-...)
2 13.107.6.194 8068 (MICROSOFT...)
2 2.16.177.90 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
1 52.109.88.13 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 40.77.226.250 8075 (MICROSOFT...)
1 52.114.132.73 8075 (MICROSOFT...)
11 9
1    2001:dca:1000::cb77:570e (Hong Kong)

ASN9735 (HKDNR-AS-AP Hong Kong Domain Name Registration Co. Ltd, HK)
www.hkirc.hk
2    13.107.6.194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
2    2.16.177.90 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-90.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az725175.vo.msecnd.net
1    52.109.88.13 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    52.114.132.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Domain Requested by
2 web.vortex.data.microsoft.com az725175.vo.msecnd.net
2 c.office.com 1 redirects forms.office.com
2 cdn.forms.office.net forms.office.com
2 forms.office.com www.hkirc.hk
cdn.forms.office.net
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 lists.office.com forms.office.com
1 az725175.vo.msecnd.net forms.office.com
1 www.hkirc.hk
11 9

This site contains links to these domains. Also see Links.

Domain
www.hkirc.hk
go.microsoft.com
Subject Issuer Validity Valid
www.hkirc.hk
GlobalSign RSA OV SSL CA 2018		 2020-08-20 -
2021-08-31		 a year crt.sh
forms.office.com
GlobalSign Organization Validation CA - SHA256 - G3		 2020-02-19 -
2022-02-19		 2 years crt.sh
cdn.forms.office.net
Microsoft IT TLS CA 1		 2019-07-29 -
2021-07-29		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
lists.office.com
Microsoft RSA TLS CA 01		 2020-10-02 -
2021-10-02		 a year crt.sh
c.msn.com
Microsoft RSA TLS CA 01		 2020-10-07 -
2021-10-07		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 02		 2020-10-05 -
2021-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2020-09-14 -
2021-09-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Frame ID: 2CD6A72A390B24238691E42D36D5DC55
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.hkirc.hk/cssurveyuser/index.htm Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUV... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

11
Requests

100 %
HTTPS

22 %
IPv6

6
Domains

9
Subdomains

9
IPs

5
Countries

263 kB
Transfer

825 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hkirc.hk/cssurveyuser/index.htm Page URL
  2. https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&RedC=c.office.com&MXFR=28C92E9CB33B63602DA321EAB73B680F HTTP 302
  • https://c.office.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&MUID=28C92E9CB33B63602DA321EAB73B680F

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.htm
www.hkirc.hk/cssurveyuser/ 		286 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hkirc.hk/cssurveyuser/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:dca:1000::cb77:570e , Hong Kong, ASN9735 (HKDNR-AS-AP Hong Kong Domain Name Registration Co. Ltd, HK),
Reverse DNS
Software
Apache /
Resource Hash
f2f633f620a305d1ae27267036dedf448a81b7f46a7259121b231b93f1192524
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
www.hkirc.hk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 09:07:24 GMT
Server
Apache
Last-Modified
Sun, 01 Nov 2020 02:53:19 GMT
ETag
"11e-5b302bb7430f5"
Accept-Ranges
bytes
Content-Length
286
X-Frame-Options
SAMEORIGIN
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=16070400; includeSubDomains
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		420 KB
118 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Requested by
Host: www.hkirc.hk
URL: https://www.hkirc.hk/cssurveyuser/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72bc9da11b82292fb3c658c8d1501e1d5182114769e48a0f4969ef3c1bb65ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.hkirc.hk/cssurveyuser/index.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.hkirc.hk/cssurveyuser/index.htm

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Tue, 02-Feb-2021 09:07:24 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=YQvkaS4rAVq86IKfEu7IDrJE4yLVxArf6EWyzcaV9Zlcqa0gGjcI9TCkRJFB97kuOfqexp4RmZ8KXBAi2NARZh-0us4W_OkJFlRQ_jtanT01; path=/; samesite=none; secure; HttpOnly AADNonce.forms=90d56ab2-f367-4257-9284-5510cf35c01a.637399048454513638; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-routingofficecluster
weu-000.forms.office.com
x-routingofficefe
FormsSingleBox_IN_15
x-routingofficeversion
16.0.13427.36678
x-routingsessionid
5fabf21b-f702-4733-b53a-2bee647f5f9b
x-routingcorrelationid
2dca4102-e865-4cc1-990b-c517bbd65692
x-correlationid
2dca4102-e865-4cc1-990b-c517bbd65692
x-usersessionid
5fabf21b-f702-4733-b53a-2bee647f5f9b
x-officefe
FormsSingleBox_IN_12
x-officeversion
16.0.13427.36678
x-officecluster
weu-000.forms.office.com
x-failurereason
MissingCookieOrToken
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-aspnet-version
x-powered-by
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-msedge-ref
Ref A: CFA52DB20DD94F33A124AA88114A98EF Ref B: HEL01EDGE1209 Ref C: 2020-11-02T09:07:24Z
date
Mon, 02 Nov 2020 09:07:25 GMT
light-response-page.chunk.vendors.08c888b.js
cdn.forms.office.net/forms/scripts/dists/ 		133 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.08c888b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-90.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08e736a167410f50f921bcedadd98b384ce0b70a8face51e1292d99db094af2f

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Nov 2020 09:07:25 GMT
content-encoding
br
content-md5
dp9Q9Lkpp/GrKCkPu8BBeA==
status
200
content-length
43201
x-ms-lease-status
unlocked
last-modified
Thu, 29 Oct 2020 03:18:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D87BB947C3E138
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8ebf7c5a-401e-009a-4cb9-add811000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Nov 2021 09:07:25 GMT
light-response-page.chunk.ext.9bed1f2.js
cdn.forms.office.net/forms/scripts/dists/ 		160 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.9bed1f2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.177.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-90.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7144f9ccbebb2387c06f80d6c2ddff99f4171358d3f5fdb35ef270880fc801ef

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Nov 2020 09:07:25 GMT
content-encoding
br
content-md5
ldg0YiYcBJ5ufasnPQhV5g==
status
200
content-length
42093
x-ms-lease-status
unlocked
last-modified
Thu, 29 Oct 2020 03:18:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D87BB9479267E5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73c5662f-c01e-012e-47b9-ad9246000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Nov 2021 09:07:25 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Origin
https://forms.office.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
jsll-4.js
az725175.vo.msecnd.net/scripts/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az725175.vo.msecnd.net/scripts/jsll-4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7AD) /
Resource Hash
0cd276ca60dcb0f9d19cdf696f5c75e68ba28ed9115b0171c6138cfdbad5c694

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Nov 2020 09:07:25 GMT
content-encoding
gzip
content-md5
6MuJ0polBYxf+MsUfabf2Q==
age
646
x-cache
HIT
status
200
content-length
18365
x-ms-lease-status
unlocked
last-modified
Wed, 07 Oct 2020 19:06:44 GMT
server
ECAcc (ska/F7AD)
etag
0x8D86AF42210ED79
vary
Accept-Encoding
content-type
text/javascript; charset="utf-8"
x-ms-request-id
aaf33ad1-d01e-002c-69f6-b04d16000000
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
c27e5d0f-eafc-4452-942e-6e924e7f6ab0
lists.office.com/Images/bb428b72-187d-401f-ac24-2896c0654647/0c86178c-b8d4-4bf8-a468-1f3af864887e/T4LTU1XAG64Q91YRN02974BYCD/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/bb428b72-187d-401f-ac24-2896c0654647/0c86178c-b8d4-4bf8-a468-1f3af864887e/T4LTU1XAG64Q91YRN02974BYCD/c27e5d0f-eafc-4452-942e-6e924e7f6ab0
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.13 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a05e3a08e116e8bfb596e3923b14919f9036084bd8e944d45027313bc7c43199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-routingofficeversion
16.0.13426.36256
x-aspnet-version
x-powered-by
content-type
image/png
status
200
cache-control
no-cache
date
Mon, 02 Nov 2020 09:07:27 GMT
x-routingsessionid
f55ffa2f-a0e7-4398-82af-f36bdfd2ed23
x-routingcorrelationid
f59a0c96-5d3b-4cf4-a8e5-73d0f6f20ee1
x-hivering
3
x-routingofficecluster
weu-000.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_4
expires
-1
GetHashResourceStrings
forms.office.com/Pages/ResponsePage.aspx/ 		26 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx/GetHashResourceStrings?lang=en-gb
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.9bed1f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d74fb4fb56160358b8d53267ff156bdd64b4110392dcace1fe6bd6bef266e349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
515062f9-990d-4ed6-9f81-3102be2e40e7
x-usersessionid
5fabf21b-f702-4733-b53a-2bee647f5f9b
x-ms-form-request-ring
business
authorization
content-type
application/json
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
odata-maxverion
4.0
__requestverificationtoken
Gzj3mQijrLUsxVCFe0isk3tk_r2V08kc4H75NH-ntVEp_WrZc-oJmhtTuHe1vFTm36UD84siO1mwZyVaT5wHSqjbxGqxC9Wvw3cCWFs4pow1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
shareinvitationkey
undefined
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.13427.36678
x-officefe
FormsSingleBox_IN_4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
9674
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.13427.36678
x-correlationid
515062f9-990d-4ed6-9f81-3102be2e40e7
x-officecluster
weu-001.forms.office.com
x-usersessionid
5fabf21b-f702-4733-b53a-2bee647f5f9b
x-powered-by
date
Mon, 02 Nov 2020 09:07:25 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
515062f9-990d-4ed6-9f81-3102be2e40e7
cache-control
private, max-age=0
x-failurereason
MissingCookieOrToken
x-routingsessionid
5fabf21b-f702-4733-b53a-2bee647f5f9b
x-msedge-ref
Ref A: 71099D4740DD48B48D20FA340DA61082 Ref B: HEL01EDGE1209 Ref C: 2020-11-02T09:07:25Z
x-routingofficecluster
weu-001.forms.office.com
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&RedC=c.office.com&MXFR=28C92E9CB33B63602DA321EAB73B680F
  • https://c.office.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&MUID=28C92E9CB33B63602DA321EAB73B680F
42 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&MUID=28C92E9CB33B63602DA321EAB73B680F
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 09:07:26 GMT
etag
"4ac1f9bd94acd61:0"
last-modified
Tue, 27 Oct 2020 19:09:49 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status
200
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 09:07:25 GMT
x-msedge-ref
Ref A: C8DCADEA92E040A8B656F40FF20B0B07 Ref B: FRAEDGE1206 Ref C: 2020-11-02T09:07:26Z
x-powered-by
ASP.NET
status
302
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?&CtsSyncId=D722210205F343B4A72CA4734DD6AAB4&MUID=28C92E9CB33B63602DA321EAB73B680F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272020-11-02T09%3A07%3A25.837Z%27&os=%27MacOS%27&appId=%27JS%3Aforms.office.com%27&-ver=%271.0%27&-impressionGuid=%277e1bb6ba-e5f7-4063-93e5-08cbfb63d4f7%27&-pageName=%27ResponsePage.aspx%27&-uri=%27https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DcotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u%27&-referrerUri=%27https%3A%2F%2Fwww.hkirc.hk%2Fcssurveyuser%2Findex.htm%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27HK%20Internet%20Reg.%20Corp.%20Ltd.%20(HKIRC)%20Customer%20Satisfaction%20Survey%20(Users)%27&*isLoggedIn=false&*flashInstalled=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.3%27&ext-javascript-domain=%27forms.office.com%27&ext-javascript-userConsent=false&$mscomCookies=false
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
362b9453af75bd99e45a34133bb2711c6bda2c305f4c722ede7dceaa84a51931
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 09:07:25 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
FJK49EfdpE+7PIZhdTMX0A.0
Content-Type
application/javascript
Content-Length
281
Expires
0
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Dd6d299d63592459dbca80bb2f30a3cb4%26HASH%3Dd6d2%26LV%3D202011%26V%3D4%26LU%3D1604308046015%27
Requested by
Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1604308048122&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.9bed1f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.114.132.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=cotCu30YH0CsJCiWwGVGR4wXhgzUuPhLpGgfOvhkiH5UNExUVTFYQUc2NFE5MVlSTjAyOTc0QllDRC4u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 09:07:27 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
446
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| perf__ function| setPublicPath function| replaceChunkSrc object| webpackJsonp object| lrpIoC object| awa string| behaviorKey

5 Cookies

Domain/Path Name / Value
.office.com/ Name: MUID
Value: 28C92E9CB33B63602DA321EAB73B680F
.forms.office.com/ Name: AADNonce.forms
Value: 90d56ab2-f367-4257-9284-5510cf35c01a.637399048454513638
forms.office.com/ Name: MSFPC
Value: GUID=d6d299d63592459dbca80bb2f30a3cb4&HASH=d6d2&LV=202011&V=4&LU=1604308046015
forms.office.com/ Name: __RequestVerificationToken
Value: YQvkaS4rAVq86IKfEu7IDrJE4yLVxArf6EWyzcaV9Zlcqa0gGjcI9TCkRJFB97kuOfqexp4RmZ8KXBAi2NARZh-0us4W_OkJFlRQ_jtanT01
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options SAMEORIGIN