atpscan.global.hornetsecurity.com Open in urlscan Pro
94.100.136.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://atpscan.global.hornetsecurity.com/index.php?atp_str=pCADENaLTuIjlP58jBEQ3Umd7Ld1W-byaeOTf_HW3w3MObpIaWnbDOUokX-d0Kospn-geBxeOAcs-R...
Effective URL:
https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUg...
Submission: On October 08 via manual (October 8th 2020, 1:33:57 pm UTC) from US

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 28 HTTP transactions. The main IP is 94.100.136.44, located in Germany and belongs to SSERV-AS, DE. The main domain is atpscan.global.hornetsecurity.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 15th 2019. Valid for: 2 years.

This is the only time atpscan.global.hornetsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	94.100.136.44 94.100.136.44	24679 (SSERV-AS) (SSERV-AS)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2a02:26f0:f1:... 2a02:26f0:f1:28a::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:f1:... 2a02:26f0:f1:28c::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.114.132.22 52.114.132.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
28	7

15 94.100.136.44 (Germany) 1 redirects

ASN24679 (SSERV-AS, DE)

atpscan.global.hornetsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:f1:28a::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:28c::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onenote.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.25 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.114.132.22 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hornetsecurity.com 1 redirects atpscan.global.hornetsecurity.com	56 KB
7	office.net c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net	224 KB
2	akamaihd.net spoprod-a.akamaihd.net	201 KB
2	live.com onenote.officeapps.live.com
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	microsoft.com browser.pipe.aria.microsoft.com	397 B
28	6

	Domain	Requested by
15	atpscan.global.hornetsecurity.com	1 redirects atpscan.global.hornetsecurity.com
6	c1-onenote-15.cdn.office.net	atpscan.global.hornetsecurity.com
2	spoprod-a.akamaihd.net	atpscan.global.hornetsecurity.com
2	onenote.officeapps.live.com	atpscan.global.hornetsecurity.com
2	maxcdn.bootstrapcdn.com	atpscan.global.hornetsecurity.com maxcdn.bootstrapcdn.com
1	browser.pipe.aria.microsoft.com	spoprod-a.akamaihd.net
1	c1-officeapps-15.cdn.office.net	atpscan.global.hornetsecurity.com
28	7

This site contains links to these domains. Also see Links.

Domain
www.hornetsecurity.com

Subject Issuer	Validity	Valid
*.global.hornetsecurity.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-15` - `2022-02-16`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2020-04-15` - `2022-04-15`	2 years	crt.sh
officeapps.live.com Microsoft IT TLS CA 1	`2020-02-18` - `2022-02-18`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
Frame ID: BB68C728D68C177B16B840282F1F696B
Requests: 27 HTTP requests in this frame

Frame: https://onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fbeelinelogisticsinc-my.sharepoint.com%2Fpersonal%2Faduffy_beelinelogistics_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Fbd594ee4b087408ab259a3086e07a53b&wdenableroaming=1&mscc=0&wdodb=1&hid=78A9819F-F0E3-0000-4B05-1BA58D992EE3&wdorigin=Sharing&jsapi=1&jsapiver=v1&newsession=1&corrid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&usid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot&rct=Medium&ctp=LeastProtected
Frame ID: D5A044446CC718EAC198529B6A2463DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://atpscan.global.hornetsecurity.com/index.php?atp_str=pCADENaLTuIjlP58jBEQ3Umd7Ld1W-byaeOTf_HW3w3MObpIaWnbDOUokX... HTTP 302
https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUn... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

28
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

562 kB
Transfer

2037 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hornetsecurity.com/en/atp-information
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://atpscan.global.hornetsecurity.com/index.php?atp_str=pCADENaLTuIjlP58jBEQ3Umd7Ld1W-byaeOTf_HW3w3MObpIaWnbDOUokX-d0Kospn-geBxeOAcs-RyiNm6xh158in1k4dYY-bNVaWDSPIvy6sJAMpPySTQ-H6ng46yQE4O0r2_egYcgxNt9LrsFxAYVmnryzMlBk1ry2CppsFj_4I98MHB91iNRWY1er_cZPqSr9gv8lLBsJhTrbe69JZLLhPSLY9b9BQivkTekjl_Umd3Py3as0_gXAy4FNqCnbYKhk8CWABXrfgYYL253VBmuMCjdgelH8qA4I8POO87yyqxd0FIfLf6bT_fQLTgjIvwO6Sw3WdRMGxRnQ2eZQn7VgDHImPvzJn9Od3javsVg1sxflGqQeV4thaFjU--i5jFzI2-bqs2aCL_FObtqGzOmVEoYMUxp4D-B0K9OIe65a7aCL0hLxgbQ8PutVjFgJNN3pMm2nO2BxVUjKwxsoVSDsp2JIzo6I2-Meymy3VYXbJ7kxSM6OiM8_Owws9Om0sfJCdlPGBEp&e=B95yZA HTTP 302
https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
atpscan.global.hornetsecurity.com/
Redirect Chain

https://atpscan.global.hornetsecurity.com/index.php?atp_str=pCADENaLTuIjlP58jBEQ3Umd7Ld1W-byaeOTf_HW3w3MObpIaWnbDOUokX-d0Kospn-geBxeOAcs-RyiNm6xh158in1k4dYY-bNVaWDSPIvy6sJAMpPySTQ-H6ng46yQE4O0r2_eg...
https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2Dw...

33 KB
13 KB

8662ms
8661ms

Document
text/html

94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 83372e00c2c84a3c1547c85eae2ef5c5d39cebbe16f934c13c4f81432c997bb4

Request headers

:method: GET
:authority: atpscan.global.hornetsecurity.com
:scheme: https
:path: /index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ATPSESSID=50dc2ffd24d2a51fcb2a1dacd258be8e; FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjgsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZjc2ZmFmMjRhMWE1YTUzM2IxZDkwYTA2MDZkMTQyYjRmNmEwZWM0M2IxNWZhMjBjZDJhMzZkY2FjN2Y2ZTkyMiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNmNzZmYWYyNGExYTVhNTMzYjFkOTBhMDYwNmQxNDJiNGY2YTBlYzQzYjE1ZmEyMGNkMmEzNmRjYWM3ZjZlOTIyLDEzMjQ2NjM3OTEwMDAwMDAwMCwwLDEzMjQ2NzI0MDEwMzM5MzY3MCwwLjAuMC4wLDI1OCxkYzIxYThkMC1jZjM4LTQ3MmMtODFjZi0wNDEzMmJiODAxMWMsLCw3OGE5ODE5Zi1mMDQ1LTAwMDAtNjk5ZS05NTI3NzMzMjVkZTAsNzhhOTgxOWYtZjA0NS0wMDAwLTY5OWUtOTUyNzczMzI1ZGUwLHdSSEU3YTVNYmthMGh1eGZYL0U5L3csMCwwLDAsLCwsMjY1MDQ2Nzc0Mzk5OTk5OTk5OSwwLCxYbHVEd2FjNVRUZ0xuWVBIeWw4S1B6OVVmaS8vMStQclpwRjVTWWM4Yk1URGhOaklYZFVKaUxVQjlNenIzd05XYlV2bXdIaWY2QjNKcWRWcEpRMFVBRDBWQm04WUJEbUE0RFlJYndsWHNxb0tBK3IrZDJJUjZwOElSbFE1YnFta2EwTklRcVlYUXVmRDMxT2FLcEdHKzYzeDN5RnY1RjdpZDdUT2x0WElrN05ZNC9SQXhselJTUUFEa0I1ZGJTaEVhVEhEOElqTnJNVERpSFUyM1pjaXZiTjV3Y1dGRUs2WXNnUEp5WEVwZXBycElTQXBZaG14cE9RdWJwNzBvZ1Z6MUIxdlJ0NlJWcVd4akhONWNJbU5UTXh4K0Y3REJSZzY4bEVmdkJueHc4YktzdzRncWFmQi9OaHRuMnM1K2M5R0h2czlxUWJaNmhJYXkwbVd4aFA5YlE9PTwvU1A+
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Thu, 08 Oct 2020 13:33:40 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-disposition: filename="Doc.aspx"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjgsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZjc2ZmFmMjRhMWE1YTUzM2IxZDkwYTA2MDZkMTQyYjRmNmEwZWM0M2IxNWZhMjBjZDJhMzZkY2FjN2Y2ZTkyMiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNmNzZmYWYyNGExYTVhNTMzYjFkOTBhMDYwNmQxNDJiNGY2YTBlYzQzYjE1ZmEyMGNkMmEzNmRjYWM3ZjZlOTIyLDEzMjQ2NjM3OTEwMDAwMDAwMCwwLDEzMjQ2NzI0MDEwMzM5MzY3MCwwLjAuMC4wLDI1OCxkYzIxYThkMC1jZjM4LTQ3MmMtODFjZi0wNDEzMmJiODAxMWMsLCw3OGE5ODE5Zi1mMDQ1LTAwMDAtNjk5ZS05NTI3NzMzMjVkZTAsNzhhOTgxOWYtZjA0NS0wMDAwLTY5OWUtOTUyNzczMzI1ZGUwLHdSSEU3YTVNYmthMGh1eGZYL0U5L3csMCwwLDAsLCwsMjY1MDQ2Nzc0Mzk5OTk5OTk5OSwwLCxYbHVEd2FjNVRUZ0xuWVBIeWw4S1B6OVVmaS8vMStQclpwRjVTWWM4Yk1URGhOaklYZFVKaUxVQjlNenIzd05XYlV2bXdIaWY2QjNKcWRWcEpRMFVBRDBWQm04WUJEbUE0RFlJYndsWHNxb0tBK3IrZDJJUjZwOElSbFE1YnFta2EwTklRcVlYUXVmRDMxT2FLcEdHKzYzeDN5RnY1RjdpZDdUT2x0WElrN05ZNC9SQXhselJTUUFEa0I1ZGJTaEVhVEhEOElqTnJNVERpSFUyM1pjaXZiTjV3Y1dGRUs2WXNnUEp5WEVwZXBycElTQXBZaG14cE9RdWJwNzBvZ1Z6MUIxdlJ0NlJWcVd4akhONWNJbU5UTXh4K0Y3REJSZzY4bEVmdkJueHc4YktzdzRncWFmQi9OaHRuMnM1K2M5R0h2czlxUWJaNmhJYXkwbVd4aFA5YlE9PTwvU1A+
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 08 Oct 2020 13:33:30 GMT
content-type: text/html;charset=UTF-8
location: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
set-cookie: ATPSESSID=50dc2ffd24d2a51fcb2a1dacd258be8e; path=/ FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjgsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZjc2ZmFmMjRhMWE1YTUzM2IxZDkwYTA2MDZkMTQyYjRmNmEwZWM0M2IxNWZhMjBjZDJhMzZkY2FjN2Y2ZTkyMiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNmNzZmYWYyNGExYTVhNTMzYjFkOTBhMDYwNmQxNDJiNGY2YTBlYzQzYjE1ZmEyMGNkMmEzNmRjYWM3ZjZlOTIyLDEzMjQ2NjM3OTEwMDAwMDAwMCwwLDEzMjQ2NzI0MDEwMzM5MzY3MCwwLjAuMC4wLDI1OCxkYzIxYThkMC1jZjM4LTQ3MmMtODFjZi0wNDEzMmJiODAxMWMsLCw3OGE5ODE5Zi1mMDQ1LTAwMDAtNjk5ZS05NTI3NzMzMjVkZTAsNzhhOTgxOWYtZjA0NS0wMDAwLTY5OWUtOTUyNzczMzI1ZGUwLHdSSEU3YTVNYmthMGh1eGZYL0U5L3csMCwwLDAsLCwsMjY1MDQ2Nzc0Mzk5OTk5OTk5OSwwLCxYbHVEd2FjNVRUZ0xuWVBIeWw4S1B6OVVmaS8vMStQclpwRjVTWWM4Yk1URGhOaklYZFVKaUxVQjlNenIzd05XYlV2bXdIaWY2QjNKcWRWcEpRMFVBRDBWQm04WUJEbUE0RFlJYndsWHNxb0tBK3IrZDJJUjZwOElSbFE1YnFta2EwTklRcVlYUXVmRDMxT2FLcEdHKzYzeDN5RnY1RjdpZDdUT2x0WElrN05ZNC9SQXhselJTUUFEa0I1ZGJTaEVhVEhEOElqTnJNVERpSFUyM1pjaXZiTjV3Y1dGRUs2WXNnUEp5WEVwZXBycElTQXBZaG14cE9RdWJwNzBvZ1Z6MUIxdlJ0NlJWcVd4akhONWNJbU5UTXh4K0Y3REJSZzY4bEVmdkJueHc4YktzdzRncWFmQi9OaHRuMnM1K2M5R0h2czlxUWJaNmhJYXkwbVd4aFA5YlE9PTwvU1A+
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-disposition: filename="EuROWb2HsIpAslmjCG4HpTsBYmkHdR-UnWI0iBs2qO-rDw"

GET
H2 200 main.min.js Show response
atpscan.global.hornetsecurity.com/ 19 KB
7 KB 62ms
61ms Script
application/javascript 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/main.min.js
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6d632a4347780acbc4c3b0b0b5f802a39742ca6db30b538f41b5157a1102cc0

Request headers

Referer: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:33:40 GMT
content-encoding: gzip
last-modified: Tue, 15 May 2018 06:27:09 GMT
server: nginx
etag: W/"5afa7dbd-4d4b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=31536000
expires: Fri, 08 Oct 2021 13:33:40 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 23ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 index.php Show response
atpscan.global.hornetsecurity.com/ 67 KB
21 KB 501ms
500ms Script
application/javascript 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=7aPgDGrYgVXOlZweSZmXQyJfNEwBeLxlacRyvliqu1StLkNVA5h3UWL8Uw_gVF2S1lnu--8fUQpQBWhUwfZLXihhJF94afaqYw-C1zP4Izo6I5o41kdtaPKZNnrRkiM6OiMwuMjAuoYQA1BWifRdirZ6
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 94c270cf662ff6d08d6728a68e925354a05d6eea14c38ba43991f6153d9e5dd4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:33:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
content-disposition: filename="onenote-boot.min.js"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 index.php Show response
atpscan.global.hornetsecurity.com/ 30 KB
11 KB 563ms
563ms Script
application/javascript 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=q0klim6JTc31dxgsz9S-4qLwyoMRPuY4ZSJTgzBBnqh8MriL8VaDuFpMLXECYc0-JD9ipe2Tim9N2MtUs1ogc7GSCKHchEW-7gq6YJpTN1aSRiJiEFcOlP7OpEzJUFSoHyzpEBgdMWcjOjoj4MFSSVESrwUBLBfbIzo6I4DB5L1TzzaiyeIXHwIMZzY
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_VHgtfozc0XDraC-PO3Fs_4pdjDHutf6TJ5FV0Gvq9hT63iStCAFl9ORwKxw5lZ_s_Lbf7jIJNXRtY6332PHIWYkcfHrkkdqgC1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 25f8dfa57fd07c0e70fce0cde8064cc37a8027dfd3a754dc74f45cc959a23881

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
content-disposition: filename="require.js"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
12ms Font
font/woff2 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 162 B
313 B 189ms
188ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c5135c5bc6d1e5dad5619779721a3d90fe3709b39a4682df933bb6d9eb7d8b52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/ 385 KB
96 KB 56ms
15ms Script
application/javascript 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/common.min.js

Requested by

Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=7aPgDGrYgVXOlZweSZmXQyJfNEwBeLxlacRyvliqu1StLkNVA5h3UWL8Uw_gVF2S1lnu--8fUQpQBWhUwfZLXihhJF94afaqYw-C1zP4Izo6I5o41kdtaPKZNnrRkiM6OiMwuMjAuoYQA1BWifRdirZ6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

795f5e62f7d0b5605b6abf2b63cf944a76ab8d12f5a7a4cb6559b4625e60627e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"294c9225dc98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcy=afd_excelslice_control,1pnr=afd_wordcapacity_2
Content-Length: 97752
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_excelslice_control,afd_wordcapacity_2
Last-Modified: Fri, 02 Oct 2020 16:50:34 GMT
X-OFFICEFD: AM4PEPF00007454
X-MSEdge-Ref: Ref A: 09932A3CBD3A4B19899A3F02A123CB17 Ref B: AMS04EDGE0814 Ref C: 2020-10-02T16:50:34Z
X-UserSessionId: b79beb6d-dbf6-4f15-a90b-195a48934ef7
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b79beb6d-dbf6-4f15-a90b-195a48934ef7
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 163 B
313 B 179ms
177ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 21e5e54b4994b645734764744c167323a3e3ce1e5b0f8029c9781d5151fbdf02

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK wacBoot.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/ 48 KB
12 KB 50ms
14ms Script
application/javascript 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/wacBoot.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

924cd43a2ad9457fe1451eb75d93ff62fc343d8ffba91eb3051c965e4d728fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"58ad2f26dc98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1fxu=afd_waccluster
Content-Length: 11466
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster
Last-Modified: Fri, 02 Oct 2020 16:50:35 GMT
X-OFFICEFD: AM4PEPF000068B9
X-MSEdge-Ref: Ref A: 75D24AD50D6D49FD8517040C85CBEFCE Ref B: AMS04EDGE0914 Ref C: 2020-10-02T16:50:35Z
X-UserSessionId: 8cec80d4-5157-4bf7-90bf-2aea2a478143
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8cec80d4-5157-4bf7-90bf-2aea2a478143
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 168 B
315 B 182ms
179ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 381786219797e38107ee735793d356a6ba38742e3c60a8db5c4cc6ac52fee648

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK onenoteSync.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/ 120 KB
31 KB 51ms
15ms Script
application/javascript 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/onenoteSync.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a2e9bdceab877f375915263b60aa391fb110004f1ad8cd1ba52818908a7de429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"29aea83edc98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 30439
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Fri, 02 Oct 2020 16:51:16 GMT
X-OFFICEFD: AM4PEPF000068A6
X-MSEdge-Ref: Ref A: 78E678A87ACC45C685CD1E3ED6035D60 Ref B: AM3EDGE0715 Ref C: 2020-10-02T16:51:16Z
X-UserSessionId: a00f4364-99b6-471d-a2ed-5d041dc257b5
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a00f4364-99b6-471d-a2ed-5d041dc257b5
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 158 B
308 B 199ms
196ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4c7c68b8330662f58933a10cae40c1964a0aa6a3f003f2425d31dc77452a4746

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK jSanity.js Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/ 11 KB
4 KB 51ms
16ms Script
application/javascript 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_App_Scripts/jSanity.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8892f129dc98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015
Content-Length: 3414
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest
Last-Modified: Fri, 02 Oct 2020 16:50:41 GMT
X-OFFICEFD: AM4PEPF0000689D
X-MSEdge-Ref: Ref A: 2FFF070140A046EE9E8C990E1C2AC33C Ref B: AMS04EDGE0607 Ref C: 2020-10-02T16:50:41Z
X-UserSessionId: 059b2ba5-0bc8-4e76-84d8-1bd12638a0e1
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 059b2ba5-0bc8-4e76-84d8-1bd12638a0e1
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 168 B
316 B 182ms
180ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e8a2e323911277b65ad7ce8328ab46f4f190af9264a8fdd6eb4e34473f62016b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK EditSurface.css Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_resources/1033/ 26 KB
5 KB 48ms
13ms Script
text/css 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_resources/1033/EditSurface.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e0a8ceaf0977b8f8f6d0e9723c4e30a4146a4e018cb798f0a59658762b1836ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "65289eb7db98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13330.41001
X-OfficeFE: AM4PEPF00006020
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 4537
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Fri, 02 Oct 2020 16:47:29 GMT
X-OFFICEFD: AM4PEPF000068BA
X-MSEdge-Ref: Ref A: FAE312C308FD4BC5965C8448649B51F1 Ref B: AMS04EDGE1016 Ref C: 2020-10-02T16:50:33Z
X-UserSessionId: c146e2ec-47c7-400a-8d3d-b9f688ed0a1d
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: c146e2ec-47c7-400a-8d3d-b9f688ed0a1d
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 163 B
314 B 212ms
210ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4d340aa20d8a8519820e8aa3f99bff91866af156a9126ceed4f2b5f91892ea18

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK OneNote.css Show response
c1-onenote-15.cdn.office.net/o/s/161333041001_resources/1033/ 409 KB
52 KB 51ms
17ms Script
text/css 2a02:26f0:f1:28a::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161333041001_resources/1033/OneNote.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28a::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fe1bb38c6393f4eaf851ad97f97ad580efa53b630c736aae6008624ff8375734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"5757f724dc98d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1pnr=afd_wordcapacity_2_control
Content-Length: 51899
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_2_control
Last-Modified: Fri, 02 Oct 2020 16:50:33 GMT
X-OFFICEFD: AM4PEPF000068AF
X-MSEdge-Ref: Ref A: 5E81CA61067346E8AF196B91665C77C8 Ref B: AMS04EDGE0707 Ref C: 2020-10-02T16:50:33Z
X-UserSessionId: 94876c8f-a90d-4365-80f4-483eb1314fc8
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 94876c8f-a90d-4365-80f4-483eb1314fc8
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 170 B
319 B 218ms
217ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: b63fd37c62e8f99b4c53db3e6372e2000be65ce3b3a55377f1cd3a6337498a54

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/o/s/161333041001_App_Scripts/ 106 KB
24 KB 50ms
16ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161333041001_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ec3e0fecd8521498aca392912219497d50c10ee21fcd8e670f04b86bd7d7b225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"23ba3d11dc98d61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13324.41004
X-OfficeFE: DB5PEPF000040EA
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control
Content-Length: 23639
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Fri, 02 Oct 2020 16:50:00 GMT
X-OFFICEFD: DB5PEPF00004098
X-MSEdge-Ref: Ref A: C57E97D80E5C4FD9ADD175ACF176B833 Ref B: AM3EDGE1019 Ref C: 2020-10-02T16:50:41Z
X-UserSessionId: 6bf2c693-3fc4-455d-8b22-2c0a0de5c226
Date: Thu, 08 Oct 2020 13:33:41 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 6bf2c693-3fc4-455d-8b22-2c0a0de5c226
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 onenoteframe.aspx
onenote.officeapps.live.com/o/ Frame D5A0 0
0 85ms
34ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fbeelinelogisticsinc-my.sharepoint.com%2Fpersonal%2Faduffy_beelinelogistics_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Fbd594ee4b087408ab259a3086e07a53b&wdenableroaming=1&mscc=0&wdodb=1&hid=78A9819F-F0E3-0000-4B05-1BA58D992EE3&wdorigin=Sharing&jsapi=1&jsapiver=v1&newsession=1&corrid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&usid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot&rct=Medium&ctp=LeastProtected

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: onenote.officeapps.live.com
:scheme: https
:path: /o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fbeelinelogisticsinc-my.sharepoint.com%2Fpersonal%2Faduffy_beelinelogistics_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Fbd594ee4b087408ab259a3086e07a53b&wdenableroaming=1&mscc=0&wdodb=1&hid=78A9819F-F0E3-0000-4B05-1BA58D992EE3&wdorigin=Sharing&jsapi=1&jsapiver=v1&newsession=1&corrid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&usid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot&rct=Medium&ctp=LeastProtected
content-length: 4884
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: null
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Fri, 08-Jan-2021 14:33:41 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure PNL1-ARRAffinity=f4a5e8098831c99bb63f196a497f14734cf50520d6013b4ab06817f47536aefd;Path=/;Domain=onenote.officeapps.live.com; samesite=none; secure
x-correlationid: 0ed5aafa-e027-4ffe-be2c-df9a52bdf24f
x-usersessionid: 0ed5aafa-e027-4ffe-be2c-df9a52bdf24f
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: AtvIdUYrQADnFZVjFMSUC3v5IMITBR1h75MFUfVeL0CYUfR2I/PhZaxFC5UtS7qtFpmqP7GMiZ+Quzoq0VeiJg0AAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTYwODEzNDQwNCwiaXNTdWJkb21haW4iOnRydWV9
x-officefe: AM4PEPF00006961
x-officeversion: 16.0.13330.41001
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.blob.core.windows.net content.lifecycle.office.net www.microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src * https:; worker-src 'none'; img-src * data: blob: https:; report-uri /o/reportcsp.ashx
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: D0E037D017094CE1B06C92456A3F4279 Ref B: AM3EDGE0621 Ref C: 2020-10-08T13:33:41Z
x-msedge-flight: 1jcy=afd_excelslice_control
x-msedge-features: typeheadertest,afd_excelslice_control
date: Thu, 08 Oct 2020 13:33:40 GMT

POST
H2 200 RemoteUls.ashx
onenote.officeapps.live.com/o/ 0
0 155ms
102ms Other
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=0ed5aafa-e027-4ffe-be2c-df9a52bdf24f
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=7aPgDGrYgVXOlZweSZmXQyJfNEwBeLxlacRyvliqu1StLkNVA5h3UWL8Uw_gVF2S1lnu--8fUQpQBWhUwfZLXihhJF94afaqYw-C1zP4Izo6I5o41kdtaPKZNnrRkiM6OiMwuMjAuoYQA1BWifRdirZ6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://atpscan.global.hornetsecurity.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 230 B
366 B 180ms
179ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8e1ee34d0dfca1194011b81487601151c74bc2a13b342745fa638ae96d69be0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 plt.resx-plt.chunk.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/en-us/ 558 B
827 B 113ms
33ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/en-us/plt.resx-plt.chunk.js
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=q0klim6JTc31dxgsz9S-4qLwyoMRPuY4ZSJTgzBBnqh8MriL8VaDuFpMLXECYc0-JD9ipe2Tim9N2MtUs1ogc7GSCKHchEW-7gq6YJpTN1aSRiJiEFcOlP7OpEzJUFSoHyzpEBgdMWcjOjoj4MFSSVESrwUBLBfbIzo6I4DB5L1TzzaiyeIXHwIMZzY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 04eb3694c23d2e763f1d5162ac1f1ea4267c90e62b5d2a512d17ad047fa69131

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
content-md5: kolWyx05+AKLIyLKNaQxnQ==
status: 200
content-length: 305
x-ms-lease-status: unlocked
last-modified: Tue, 29 Sep 2020 03:29:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D86427E9AF51F8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 12c09575-801e-0023-4c84-967219000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30771678
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 216 B
356 B 187ms
186ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: aa80dcbdc5f0000d254efc323419378621390ce750e54e4e359fc8923f0f2777

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
x-microcachable: 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 wachostwebpack.js Show response
spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/ 676 KB
200 KB 112ms
33ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/wachostwebpack.js
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/index.php?atp_str=q0klim6JTc31dxgsz9S-4qLwyoMRPuY4ZSJTgzBBnqh8MriL8VaDuFpMLXECYc0-JD9ipe2Tim9N2MtUs1ogc7GSCKHchEW-7gq6YJpTN1aSRiJiEFcOlP7OpEzJUFSoHyzpEBgdMWcjOjoj4MFSSVESrwUBLBfbIzo6I4DB5L1TzzaiyeIXHwIMZzY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cedf114bc27e56209c317481a0c511f5c8e2a3abd86189ecbb66aa1d5a279c44

Request headers

Origin: https://atpscan.global.hornetsecurity.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
content-md5: CaqRT3twloBDLai93P21Bg==
status: 200
content-length: 203828
x-ms-lease-status: unlocked
last-modified: Tue, 29 Sep 2020 03:29:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D86427E96E93E5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2c218854-c01e-00ca-3184-968e1f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30771650
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 get_cipher.php Show response
atpscan.global.hornetsecurity.com/ 140 B
248 B 125ms
124ms XHR
text/html 94.100.136.44
SSERV-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atpscan.global.hornetsecurity.com/get_cipher.php
Requested by: Host: atpscan.global.hornetsecurity.com
URL: https://atpscan.global.hornetsecurity.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.100.136.44 , Germany, ASN24679 (SSERV-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d3d4c7b50ed7a925ada18dc29074df40159b4501efd7a9f6eb545f211384e55e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:33:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 535ms
183ms XHR
application/json 52.114.132.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=a9e9a63d9df4411ebbf89297947d7666-b5f0498b-a808-4b74-bb7b-2b33f7971660-7417
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/wachostwebpack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.132.22 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:33:41 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 475
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
atpscan.global.hornetsecurity.com/	1969-12-31 23:59:59	Name: FedAuth Value: 77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjgsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZjc2ZmFmMjRhMWE1YTUzM2IxZDkwYTA2MDZkMTQyYjRmNmEwZWM0M2IxNWZhMjBjZDJhMzZkY2FjN2Y2ZTkyMiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNmNzZmYWYyNGExYTVhNTMzYjFkOTBhMDYwNmQxNDJiNGY2YTBlYzQzYjE1ZmEyMGNkMmEzNmRjYWM3ZjZlOTIyLDEzMjQ2NjM3OTEwMDAwMDAwMCwwLDEzMjQ2NzI0MDEwMzM5MzY3MCwwLjAuMC4wLDI1OCxkYzIxYThkMC1jZjM4LTQ3MmMtODFjZi0wNDEzMmJiODAxMWMsLCw3OGE5ODE5Zi1mMDQ1LTAwMDAtNjk5ZS05NTI3NzMzMjVkZTAsNzhhOTgxOWYtZjA0NS0wMDAwLTY5OWUtOTUyNzczMzI1ZGUwLHdSSEU3YTVNYmthMGh1eGZYL0U5L3csMCwwLDAsLCwsMjY1MDQ2Nzc0Mzk5OTk5OTk5OSwwLCxYbHVEd2FjNVRUZ0xuWVBIeWw4S1B6OVVmaS8vMStQclpwRjVTWWM4Yk1URGhOaklYZFVKaUxVQjlNenIzd05XYlV2bXdIaWY2QjNKcWRWcEpRMFVBRDBWQm04WUJEbUE0RFlJYndsWHNxb0tBK3IrZDJJUjZwOElSbFE1YnFta2EwTklRcVlYUXVmRDMxT2FLcEdHKzYzeDN5RnY1RjdpZDdUT2x0WElrN05ZNC9SQXhselJTUUFEa0I1ZGJTaEVhVEhEOElqTnJNVERpSFUyM1pjaXZiTjV3Y1dGRUs2WXNnUEp5WEVwZXBycElTQXBZaG14cE9RdWJwNzBvZ1Z6MUIxdlJ0NlJWcVd4akhONWNJbU5UTXh4K0Y3REJSZzY4bEVmdkJueHc4YktzdzRncWFmQi9OaHRuMnM1K2M5R0h2czlxUWJaNmhJYXkwbVd4aFA5YlE9PTwvU1A+
onenote.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
atpscan.global.hornetsecurity.com/	1970-01-19 13:02:44	Name: _mcnc Value: 1
.onenote.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 31af4fdcce82ec4001925143c9dc998f361f774e934f2deb9f69fd36827bcca2
onenote.officeapps.live.com/	1970-01-19 15:15:16	Name: DcLcid Value: ui=1033&data=1033
atpscan.global.hornetsecurity.com/	1969-12-31 23:59:59	Name: ATPSESSID Value: f32b2bbe5afecf1e285256e06aa01d5e

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://atpscan.global.hornetsecurity.com/main.min.js(Line 103) Message: error WATCHED: TypeError: location.watch is not a function
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-webpack_2020-09-25-sts_20200928.001/wachostwebpack/wachostwebpack.js(Line 2) Message: Failed to reset Url. Error: SecurityError: Failed to execute 'replaceState' on 'History': A history state object with URL 'https://beelinelogisticsinc-my.sharepoint.com/:o:/g/personal/aduffy_beelinelogistics_com/EuROWb2HsIpAslmjCG4HpTsBYmkHdR-UnWI0iBs2qO-rDw?rtime=Xgvjvo5r2Eg' cannot be created in a document with origin 'https://atpscan.global.hornetsecurity.com' and URL 'https://atpscan.global.hornetsecurity.com/index.php?atp_str=0yDBRXPX28uT0tJLUbbOhmlDqWpyG0f2IdWue6DJey4O2_RbYZqjAk3PUnGJAubS9R9SlxDiygpVUgPah617I4WXWkgtPB79A26zxgN5-uob2bxDw9xTYb3-8-AU4uj7QDC8Ag2DwDtWlWItLWdrOdcEpEgVWYQd2EXKrnZ5gCQWSzymZ6w0nVvM6AJq8Qa9shjAkST8Rd2z5l-KCKKHh6IuLWoI54mJja3kHQUOEJXL5T3Opr5hixtF0pEUs3C4xGB7-1lDRLmv70nxx7BijH8Ticmr3qp4aei66r9omvjNMM_KAFDT62Cvvv71nCmYQOMMDFzSG5eGUuBOAVaHV7gXOuPWaLPOsoqL657treOvHPOPRzSHol70EzSxHJvD3YjBVX5bRu--uH8bKOIZklHN0Aq1oiSLsjzAa7f9prcrfXIes7aGVKfpYPjOztBAT1_...C1FxNTTp5wF_vw6KUDJ1UdT9VIONys1TRMcPeY_zvMwb7zq7gEjOixDw0_1m6tirmrl3jhJ1cAxBaX6a-evys7f7S1gYjOjojqcnARuNzO1c-iY0rIzo6I00rpb8uZo_fxuihFSFjbYo&sourcedoc=%7Bbd594ee4-b087-408a-b259-a3086e07a53b%7D&action=default&slrid=78a9819f-f045-0000-699e-952773325de0&originalPath=aHR0cHM6Ly9iZWVsaW5lbG9naXN0aWNzaW5jLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2FkdWZmeV9iZWVsaW5lbG9naXN0aWNzX2NvbS9FdVJPV2IySHNJcEFzbG1qQ0c0SHBUc0JZbWtIZFItVW5XSTBpQnMycU8tckR3P3J0aW1lPVhndmp2bzVyMkVn&cid=c981f461-9115-4b6f-bbbe-7bbf6dc0d18d'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atpscan.global.hornetsecurity.com
browser.pipe.aria.microsoft.com
c1-officeapps-15.cdn.office.net
c1-onenote-15.cdn.office.net
maxcdn.bootstrapcdn.com
onenote.officeapps.live.com
spoprod-a.akamaihd.net
2.16.186.25
2001:4de0:ac19::1:b:3a
2620:1ec:a92::171
2a02:26f0:f1:28a::4b36
2a02:26f0:f1:28c::4b36
52.114.132.22
94.100.136.44
04eb3694c23d2e763f1d5162ac1f1ea4267c90e62b5d2a512d17ad047fa69131
21e5e54b4994b645734764744c167323a3e3ce1e5b0f8029c9781d5151fbdf02
25f8dfa57fd07c0e70fce0cde8064cc37a8027dfd3a754dc74f45cc959a23881
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
381786219797e38107ee735793d356a6ba38742e3c60a8db5c4cc6ac52fee648
4c7c68b8330662f58933a10cae40c1964a0aa6a3f003f2425d31dc77452a4746
4d340aa20d8a8519820e8aa3f99bff91866af156a9126ceed4f2b5f91892ea18
795f5e62f7d0b5605b6abf2b63cf944a76ab8d12f5a7a4cb6559b4625e60627e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83372e00c2c84a3c1547c85eae2ef5c5d39cebbe16f934c13c4f81432c997bb4
8e1ee34d0dfca1194011b81487601151c74bc2a13b342745fa638ae96d69be0b
924cd43a2ad9457fe1451eb75d93ff62fc343d8ffba91eb3051c965e4d728fdf
94c270cf662ff6d08d6728a68e925354a05d6eea14c38ba43991f6153d9e5dd4
a2e9bdceab877f375915263b60aa391fb110004f1ad8cd1ba52818908a7de429
aa80dcbdc5f0000d254efc323419378621390ce750e54e4e359fc8923f0f2777
b63fd37c62e8f99b4c53db3e6372e2000be65ce3b3a55377f1cd3a6337498a54
c5135c5bc6d1e5dad5619779721a3d90fe3709b39a4682df933bb6d9eb7d8b52
cedf114bc27e56209c317481a0c511f5c8e2a3abd86189ecbb66aa1d5a279c44
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
d3d4c7b50ed7a925ada18dc29074df40159b4501efd7a9f6eb545f211384e55e
d6d632a4347780acbc4c3b0b0b5f802a39742ca6db30b538f41b5157a1102cc0
e0a8ceaf0977b8f8f6d0e9723c4e30a4146a4e018cb798f0a59658762b1836ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a2e323911277b65ad7ce8328ab46f4f190af9264a8fdd6eb4e34473f62016b
ec3e0fecd8521498aca392912219497d50c10ee21fcd8e670f04b86bd7d7b225
fe1bb38c6393f4eaf851ad97f97ad580efa53b630c736aae6008624ff8375734

atpscan.global.hornetsecurity.com Open in urlscan Pro 94.100.136.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

562 kBTransfer

2037 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

atpscan.global.hornetsecurity.com Open in urlscan Pro
94.100.136.44 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

562 kB
Transfer

2037 kB
Size

6
Cookies

28 HTTP transactions
0 data transactions