onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hyperurl.co/40naoj
Effective URL:
https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b...
Submission: On July 28 via manual (July 28th 2020, 10:32:12 am UTC) from US

Summary HTTP 103 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 12 domains to perform 103 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.222.255.180 3.222.255.180	14618 (AMAZON-AES) (AMAZON-AES)
5	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.95.147.73 13.95.147.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:10c... 2a02:26f0:10c:38e::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
38	2a02:26f0:10c... 2a02:26f0:10c:386::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a02:26f0:10c... 2a02:26f0:10c:39e::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.37.58.89 23.37.58.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.109.32.27 52.109.32.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.210.248.85 23.210.248.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.109.52.36 52.109.52.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.104.158.177 13.104.158.177	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.114.77.34 52.114.77.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	104.111.233.232 104.111.233.232	16625 (AKAMAI-AS) (AKAMAI-AS)
103	18

1 3.222.255.180 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

hyperurl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.95.147.73 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onenote.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:38e::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a02:26f0:10c:386::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:10c:39e::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.58.89 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-58-89.deploy.static.akamaitechnologies.com

site-cdn.onenote.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.109.32.27 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

officeclient.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.85 (Netherlands)

ASN16625 (AKAMAI-AS, US)

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.109.52.36 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.104.158.177 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.114.77.34 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.232 (Netherlands)

ASN16625 (AKAMAI-AS, US)

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	office.net c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net	3 MB
29	live.com 1 redirects onedrive.live.com onenote.officeapps.live.com skyapi.onedrive.live.com c.live.com	147 KB
11	akamaihd.net spoprod-a.akamaihd.net	438 KB
7	microsoft.com www.microsoft.com officeclient.microsoft.com fs.microsoft.com browser.pipe.aria.microsoft.com	664 KB
3	sfx.ms p.sfx.ms	12 KB
2	s-microsoft.com c.s-microsoft.com	3 KB
1	live.net js.live.net	16 KB
1	aspnetcdn.com ajax.aspnetcdn.com	33 KB
1	bing.com 1 redirects c.bing.com	771 B
1	office.com messaging.office.com	462 B
1	onenote.net site-cdn.onenote.net	2 KB
1	hyperurl.co 1 redirects hyperurl.co	905 B
103	12

	Domain	Requested by
38	c1-onenote-15.cdn.office.net	onenote.officeapps.live.com c1-onenote-15.cdn.office.net
21	onenote.officeapps.live.com	onedrive.live.com onenote.officeapps.live.com c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net
11	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
10	c1-officeapps-15.cdn.office.net	onenote.officeapps.live.com c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net
5	onedrive.live.com	onedrive.live.com
3	browser.pipe.aria.microsoft.com	p.sfx.ms c1-onenote-15.cdn.office.net
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
2	c.live.com	1 redirects
2	fs.microsoft.com	c1-onenote-15.cdn.office.net
2	c.s-microsoft.com	onenote.officeapps.live.com
1	js.live.net	c1-onenote-15.cdn.office.net
1	ajax.aspnetcdn.com	skyapi.onedrive.live.com
1	c.bing.com	1 redirects
1	skyapi.onedrive.live.com	spoprod-a.akamaihd.net
1	messaging.office.com	c1-officeapps-15.cdn.office.net
1	officeclient.microsoft.com	c1-onenote-15.cdn.office.net
1	site-cdn.onenote.net	c1-onenote-15.cdn.office.net
1	www.microsoft.com	c1-onenote-15.cdn.office.net
1	hyperurl.co	1 redirects
103	19

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
officeapps.live.com Microsoft IT TLS CA 1	`2020-02-18` - `2022-02-18`	2 years	crt.sh
www.microsoft.com Microsoft IT TLS CA 5	`2019-10-21` - `2021-10-21`	2 years	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2020-04-15` - `2022-04-15`	2 years	crt.sh
site-cdn.onenote.net Microsoft IT TLS CA 4	`2020-03-09` - `2022-03-09`	2 years	crt.sh
config.officeapps.live.com Microsoft IT TLS CA 4	`2019-09-24` - `2021-09-24`	2 years	crt.sh
officecdn.microsoft.com Microsoft IT TLS CA 4	`2020-02-19` - `2022-02-19`	2 years	crt.sh
messaging.office.com Microsoft IT TLS CA 4	`2019-05-28` - `2021-05-28`	2 years	crt.sh
storage.live.com Microsoft IT TLS CA 1	`2020-07-13` - `2022-07-13`	2 years	crt.sh
c.msn.com Microsoft IT TLS CA 2	`2020-04-23` - `2022-04-23`	2 years	crt.sh
*.events.data.microsoft.com Microsoft IT TLS CA 1	`2020-05-07` - `2022-05-07`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
p.sfx.ms Microsoft IT TLS CA 2	`2020-02-04` - `2022-02-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Frame ID: E22734F6F92A0F0F4DC5D34FA6D3F037
Requests: 22 HTTP requests in this frame

Frame: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
Frame ID: B40AD122F858440584A9DE1D2FF79B77
Requests: 86 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/api/proxy?v=3
Frame ID: 804A4DA174DAC327CA5F7DEC71013F36
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hyperurl.co/40naoj HTTP 301
https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=t... Page URL
https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%... Page URL

Page Statistics

103
Requests

100 %
HTTPS

32 %
IPv6

12
Domains

19
Subdomains

18
IPs

6
Countries

4525 kB
Transfer

17183 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hyperurl.co/40naoj HTTP 301
https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29 Page URL
https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hyperurl.co/40naoj HTTP 301
https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29

Request Chain 99

https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D3913%26IR%3D1%26EX%3D0%26L.h%3D1084%26L.bc%3D1138%26L.ac%3D1148%26L.f%3D1154%26L.sjs%3D3835%26L.ttg%3D2941%26C.st%3D1595932314810%26N.jsPlt%3D1651%26N.domIn%3D1154%26N.req%3D965%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9434190761426395 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D3913%26IR%3D1%26EX%3D0%26L.h%3D1084%26L.bc%3D1138%26L.ac%3D1148%26L.f%3D1154%26L.sjs%3D3835%26L.ttg%3D2941%26C.st%3D1595932314810%26N.jsPlt%3D1651%26N.domIn%3D1154%26N.req%3D965%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9434190761426395&CtsSyncId=E2C466ABE5CD4B378BA66176E0FC8206&RedC=c.live.com&MXFR=2F97987C3DB668B938D4976939B66CCD HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D3913%26IR%3D1%26EX%3D0%26L.h%3D1084%26L.bc%3D1138%26L.ac%3D1148%26L.f%3D1154%26L.sjs%3D3835%26L.ttg%3D2941%26C.st%3D1595932314810%26N.jsPlt%3D1651%26N.domIn%3D1154%26N.req%3D965%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9434190761426395&CtsSyncId=E2C466ABE5CD4B378BA66176E0FC8206&MUID=23DF197AD1646E053025166FD00F6FDE

103 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redir Show response
onedrive.live.com/
Redirect Chain

https://hyperurl.co/40naoj
https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%2...

7 KB
3 KB

627ms
532ms

Document
text/html

13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ab1044d77c5dfdd833acb44fd1c17fda7979af17d39c26f39c62997e4c3d917d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:dpCGcuEy2Ig=:4o7ug2a//h6EB2FtBDdtxdxlS4lV6o95kll/mKoNbQ0=:F; domain=.live.com; path=/ xid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&&RD00155D5EA6D6&252; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 28-Jul-2020 08:51:54 GMT; path=/ wla42=; domain=live.com; expires=Tue, 04-Aug-2020 10:31:54 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D5EA6D6
x-odwebserver: canadaeast0-odwebpl
x-msedge-ref: Ref A: 590B2639D96740F69068AED09381FA13 Ref B: FRAEDGE1210 Ref C: 2020-07-28T10:31:54Z
date: Tue, 28 Jul 2020 10:31:54 GMT

Redirect headers

status: 301
date: Tue, 28 Jul 2020 10:31:54 GMT
location: https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29
set-cookie: AWSALB=txOk4kiSf5adPF2jWU3l4SvaqWOWtbSqLRe2HZr7INIZewqFxfNTNjpigi1SQEUpC7ZR4wYZ9sWKYzlojeuyGM6DklChSv4XQvN5jERteW7GkGoNMii3e6WKp9eL; Expires=Tue, 04 Aug 2020 10:31:54 GMT; Path=/ AWSALBCORS=txOk4kiSf5adPF2jWU3l4SvaqWOWtbSqLRe2HZr7INIZewqFxfNTNjpigi1SQEUpC7ZR4wYZ9sWKYzlojeuyGM6DklChSv4XQvN5jERteW7GkGoNMii3e6WKp9eL; Expires=Tue, 04 Aug 2020 10:31:54 GMT; Path=/; SameSite=None; Secure requester_id=1288059599247515651;Path=/;Expires=Fri, 26-Jul-2030 10:31:54 GMT;Max-Age=315360000 last_click_40naoj=1595932314107;Path=/;Expires=Thu, 30-Jul-2020 10:31:54 GMT;Max-Age=172800
server: nginx/1.14.2
x-application-context: application:default,prod:2243
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-node-id: 738
x-proxy-cache: MISS

GET
H2 200 Primary Request View.aspx Show response
onedrive.live.com/ 92 KB
30 KB 951ms
950ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c184bdc1e1d05a5ef49cad6104a741607c0945304cceef94b2e91eb459e9c060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=P:dpCGcuEy2Ig=:4o7ug2a//h6EB2FtBDdtxdxlS4lV6o95kll/mKoNbQ0=:F; xid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&&RD00155D5EA6D6&252; xidseq=1; wla42=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:1bPYcuEy2Ig=:aTzPF4qwijymvIrxHFj8gBula1DdtX1Mqy3ql0vPX5M=:F; domain=.live.com; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 28-Jul-2020 08:51:54 GMT; path=/ wla42=; domain=live.com; expires=Tue, 04-Aug-2020 10:31:55 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D5EC5CC
x-odwebserver: canadaeast0-odwebpl
x-msedge-ref: Ref A: 8EB9160F077D4D9184474C799D3480AA Ref B: FRAEDGE1210 Ref C: 2020-07-28T10:31:54Z
date: Tue, 28 Jul 2020 10:31:55 GMT

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 136 KB
26 KB 83ms
24ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:55 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
status: 200
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE70F79D465
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 44839bff-401e-0058-5aa0-3a19a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26660899
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 85 KB
16 KB 95ms
36ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:55 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
status: 200
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:00:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE708932781
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dcfa0cf6-301e-003a-1aa0-3a5e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26660979
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 169 KB
30 KB 99ms
41ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:55 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
status: 200
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:00:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE7096829B8
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e990c04f-901e-0111-23a0-3a6c9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661027
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 123 KB
93 KB 107ms
48ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//wlx_fonts-c7993ded.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:55 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE7181AB566
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f02e2ce6-601e-0000-15a0-3a1dd2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661096
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 91 KB
25 KB 157ms
156ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.419.0221.2001&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51afa1051af694f880d9a09fcae5007f09d52f15e6a5d4bd8fa953ecf44a5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 482285CB27044E2BAFF570A52B126439 Ref B: FRAEDGE1210 Ref C: 2020-07-28T10:31:55Z
x-odwebserver: canadaeast0-odwebpl
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
date: Tue, 28 Jul 2020 10:31:55 GMT
x-msnserver: RD00155D5ED754
expires: Wed, 28 Jul 2021 10:31:55 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 150ms
149ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.419.0221.2001&useRequiresJs=False

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

df720b331ca8d45d1de875a81ee0c9811ee1c8da3587fab08f6d46d6179897ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: ACA4F4E36E9D4C6D9A63930D2BBC41AC Ref B: FRAEDGE1210 Ref C: 2020-07-28T10:31:55Z
x-odwebserver: canadaeast0-odwebpl
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
date: Tue, 28 Jul 2020 10:31:55 GMT
x-msnserver: RD00155D5EA6D6
expires: Wed, 28 Jul 2021 10:31:55 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 151ms
32ms Script
application/javascript 13.95.147.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 10:31:55 GMT
content-encoding: gzip
last-modified: Tue, 14 Jul 2020 22:02:00 GMT
server: Microsoft-IIS/10.0
etag: "0bcf9652a5ad61:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public,max-age=86400
x-odwebserver: westeurope1-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF23C253
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
108 B 25ms
25ms Image
image/gif 13.95.147.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 10:31:55 GMT
x-msnserver: RD0003FF23C253
last-modified: Tue, 14 Jul 2020 22:02:00 GMT
server: Microsoft-IIS/10.0
etag: "29133c662a5ad61:0"
content-type: image/gif
status: 200
cache-control: public,max-age=86400
x-odwebserver: westeurope1-odwebp
accept-ranges: bytes
content-length: 43

POST
H2 200 onenoteframe.aspx Show response
onenote.officeapps.live.com/o/ Frame B40A 130 KB
39 KB 178ms
57ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d353824beb2c5593baf4f3c4a66c5642db1484650964b5fc6c9ae3c16548fd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: onenote.officeapps.live.com
:scheme: https
:path: /o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&&RD00155D5EA6D6&252; wla42=; mkt=en-US; xidseq=3; E=P:8vprc+Ey2Ig=:qxTEz3eTh66n+yJEsd+t0EfztJb4kFO7yCdc/07ejJ8=:F
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Wed, 28-Oct-2020 10:31:56 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: AoTHOv+cHi/y34eyB2/35xphaG6N96vWHsPsg6E+SP9G7F3NUM8Vh4zvgiOApd5vlWIbQzTfaBFhGWkg46ZqnwQAAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTYwMDc5Njk5NCwiaXNTdWJkb21haW4iOnRydWV9
x-ccr: true
x-officefe: AM4PEPF0000473C
x-officeversion: 16.0.13124.41001
x-officecluster: NL3
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.blob.core.windows.net content.lifecycle.office.net www.microsoft.com c.s-microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /o/reportcsp.ashx
x-officefd: AM4PEPF00004634
x-msedge-ref: Ref A: EE6659665C9A43CFA9B0BA8F7D7574A4 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
x-msedge-flight: 1i78=afd_wordcapacity
x-msedge-features: typeheadertest,afd_wordcapacity
date: Tue, 28 Jul 2020 10:31:55 GMT

GET
H2 200 mscc-0.4.2.min.css
c.s-microsoft.com/mscc/statics/ Frame B40A 1 KB
934 B 34ms
9ms Stylesheet
text/css 2a02:26f0:10c:38e::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:38e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Jan 2020 15:56:23 GMT
content-md5: QLyM0qNPDXd6ayzd1iIoLA==
status: 200
etag: 0x8D795E5A424E059
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c301cf46-701e-00d5-16fc-c75b45000000
x-ms-version: 2009-09-19
content-length: 626

GET
H/1.1 200
OK EditSurface.css
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 26 KB
5 KB 51ms
9ms Stylesheet
text/css 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/EditSurface.css

Requested by

Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cd9935b2a70b6c2b44296e02583436ccfbe03f2a4795aaffcd4656e4e4194d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"90ec5dea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000240E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 4500
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF00004630
X-MSEdge-Ref: Ref A: 4DC30153D8734845B6363382136FC671 Ref B: AMS04EDGE1009 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: d0cf9d9a-33c0-4e6d-a2c9-3afab78343d0
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: d0cf9d9a-33c0-4e6d-a2c9-3afab78343d0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.css
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 420 KB
52 KB 52ms
9ms Stylesheet
text/css 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/OneNote.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

168d484dedfd6fac926f82db28e9a0db8994d5dcd7b7a53575b27192ab155249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"825c7cea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 52488
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF00004626
X-MSEdge-Ref: Ref A: ED548BB9B3954CD8AEC34BE501215825 Ref B: AMS04EDGE0220 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: 3e9fb45e-2b63-4103-ac9a-2e279f1644ab
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 3e9fb45e-2b63-4103-ac9a-2e279f1644ab
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 mscc-0.4.2.min.js Show response
c.s-microsoft.com/mscc/statics/ Frame B40A 4 KB
2 KB 33ms
9ms Script
text/javascript 2a02:26f0:10c:38e::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:38e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Jan 2020 15:56:14 GMT
content-md5: AO6kLOW8s6NiicKEPl74tA==
status: 200
etag: 0x8D795E59EC908A0
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c301cbc5-701e-00d5-7dfc-c75b45000000
x-ms-version: 2009-09-19
content-length: 2017

GET
H/1.1 200
OK cookiecompliance.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 9 KB
3 KB 38ms
9ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/cookiecompliance.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "3b57f0f37662d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: DB5PEPF0000279E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1704
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:30:09 GMT
X-OFFICEFD: DB5PEPF000040A7
X-MSEdge-Ref: Ref A: EDF25410CAEF4C72AAFCA2B5E5829C8C Ref B: AMS04EDGE0412 Ref C: 2020-07-25T11:55:55Z
X-UserSessionId: cd8161b6-b84c-44b0-a67d-cf47d222fb58
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: cd8161b6-b84c-44b0-a67d-cf47d222fb58
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 378 KB
94 KB 52ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/common.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

0a286890a4389ca5ebfedbb7fec78d551ce23208a277f526ca14fb39d5055935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ab80e7b37662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004734
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 95866
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:21 GMT
X-OFFICEFD: AM4PEPF00004639
X-MSEdge-Ref: Ref A: 53431D643ABF4BBF92D8CDC1A251471C Ref B: AM3EDGE0212 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: 686e9af8-16e5-46d3-803b-1cff4ed3d0b6
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 686e9af8-16e5-46d3-803b-1cff4ed3d0b6
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacBoot.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 47 KB
11 KB 52ms
11ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/wacBoot.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f313680d73dc390d5943c1706dd955706b87cc4e22d7e68276cf66b3a87abada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "bca7c327662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF00004733
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10589
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:24:44 GMT
X-OFFICEFD: AM4PEPF00004633
X-MSEdge-Ref: Ref A: 311E1ED4D9FE4F3EB94F5B06BEAA498B Ref B: AM3EDGE0212 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: c9f467cd-b086-423a-a416-263e573d04ad
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c9f467cd-b086-423a-a416-263e573d04ad
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteSync.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 117 KB
30 KB 57ms
15ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/onenoteSync.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

fbb8a5d8b4c64ba04493ab619079265df5adb4b705f1375caea95a992b333cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "5348fcc5b62d61:0"
X-OfficeCluster: NL3S
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF000020E9
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control,1jcz=afd_onenoteslice
Content-Length: 30084
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control,afd_onenoteslice
Last-Modified: Sat, 25 Jul 2020 08:10:25 GMT
X-OFFICEFD: AM4PEPF00001FFB
X-MSEdge-Ref: Ref A: 28D4EC5CCE7E4BCE93310851A0850974 Ref B: AMS04EDGE1008 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: addb3aec-7f8c-4ceb-a9ec-42de4ae4541e
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: addb3aec-7f8c-4ceb-a9ec-42de4ae4541e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 105 KB
24 KB 35ms
9ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"78ff4b47662d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: DB5PEPF000040EB
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 23506
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:21 GMT
X-OFFICEFD: DB5PEPF000040B6
X-MSEdge-Ref: Ref A: 3A4B1DD6D15E48299A7363866CBC87BD Ref B: AMS04EDGE0813 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: f9c838e5-d980-4726-9361-5f5acfed99f5
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f9c838e5-d980-4726-9361-5f5acfed99f5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 83 KB
20 KB 35ms
10ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

f08ba68b4815053b4a6df6a1f7f5ca57b464a943a2c331ea46278df82fade02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ea8293ea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004736
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 20030
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF00004639
X-MSEdge-Ref: Ref A: 5F08ECFA9732471293E6706DE9127AB9 Ref B: AMS04EDGE0411 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: b9aac08d-4205-4906-afce-802c87f184d8
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b9aac08d-4205-4906-afce-802c87f184d8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 6 KB
2 KB 48ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "a970b4387662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004735
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Sat, 25 Jul 2020 11:24:55 GMT
X-OFFICEFD: AM4PEPF0000000C
X-MSEdge-Ref: Ref A: FCA992E724D0447CADDF4D32FD11153F Ref B: AMS04EDGE1008 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: 05ce60cb-dfdb-4e98-bb9e-dfcba2efe022
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 05ce60cb-dfdb-4e98-bb9e-dfcba2efe022
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Box4Intl.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 70 KB
12 KB 14ms
13ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/Box4Intl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ef89cf6124f4e731c64ef893b79226439d03784fe00163893cf4f360057d3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"5376d8ea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004736
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 11756
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF0000464A
X-MSEdge-Ref: Ref A: 5ED7F93DB21D4D5DA12EFEE40D904F6C Ref B: AM3EDGE0705 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: 66be0e07-bc90-453b-809f-ce997a984642
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 66be0e07-bc90-453b-809f-ce997a984642
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WoncaIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 28 KB
6 KB 12ms
11ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/WoncaIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a4bd3fd7c4adf16943873c9bb06534320bd8c4a16b905de8a457664e2312c6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"db1f97ea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 4854
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF0000462C
X-MSEdge-Ref: Ref A: 5CEB6D6784AF4A2A95AB1C635CFA1024 Ref B: AMS04EDGE0214 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: fefab170-d21a-49b3-afcb-1e86eb3bd967
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: fefab170-d21a-49b3-afcb-1e86eb3bd967
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 30 KB
6 KB 20ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/OneNoteIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6ca818218f8a115c3172f67c2f0a1606eb05e1f698ef9def63401ef8b3bdb431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"da8bfea7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5550
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:53 GMT
X-OFFICEFD: AM4PEPF00004626
X-MSEdge-Ref: Ref A: 5FFA73277CD146FE8FE5E6825CFD1559 Ref B: AMS04EDGE0807 Ref C: 2020-07-25T11:29:53Z
X-UserSessionId: 7e4d496b-ad55-4f74-92cd-cb01c012111f
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 7e4d496b-ad55-4f74-92cd-cb01c012111f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 3 MB
627 KB 19ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

c82fb0f88cbcd7c61e549082de6a00f7002d4d323f5823dc3f9f0ded07e8f4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "784a35647662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 640947
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Sat, 25 Jul 2020 11:26:08 GMT
X-OFFICEFD: AM4PEPF0000461C
X-MSEdge-Ref: Ref A: AFE82AF7C96C4BB685AFCB3FA9000712 Ref B: AMS04EDGE1008 Ref C: 2020-07-25T11:28:22Z
X-UserSessionId: d11d376c-fcf0-4418-8223-8d015c1de686
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d11d376c-fcf0-4418-8223-8d015c1de686
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jSanity.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 11 KB
4 KB 15ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/jSanity.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"61722b47662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3414
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:22 GMT
X-OFFICEFD: AM4PEPF00004634
X-MSEdge-Ref: Ref A: A412ED0E15B34765A355827BCAF4E62F Ref B: AM3EDGE1010 Ref C: 2020-07-25T11:28:22Z
X-UserSessionId: b8fa7c28-6b0c-426a-9ec9-91cc40d7c0c4
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b8fa7c28-6b0c-426a-9ec9-91cc40d7c0c4
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
347 B 21ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: c2ec4c01-e893-4ce6-aed3-becc8bab5c54
x-officefd: AM4PEPF0000000D
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 081B8F746D3E44FBB519EF951E639E13 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
217 B 21ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":32,"Value":"https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00002411
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1jd0=afd_visioslice_control
content-length: 0
x-msedge-features: typeheadertest,afd_visioslice_control
x-correlationid: 55ed5345-3d94-4a8f-9ba8-c95fc66efe74
x-officefd: AM4PEPF0000464A
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 33124FBE994B4C41B91229171BD2D44F Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

GET
H/1.1 200
OK segoeui-semilight-final.woff
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 25 KB
26 KB 10ms
9ms Font
font/x-woff 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/segoeui-semilight-final.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/OneNote.css
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "67dc9c387662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF00004733
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 25997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Sat, 25 Jul 2020 11:24:54 GMT
X-OFFICEFD: AM4PEPF00004656
X-MSEdge-Ref: Ref A: D949FD4EEA3D422DB21A1F75CC4121E4 Ref B: AMS04EDGE0322 Ref C: 2020-07-25T11:55:55Z
X-UserSessionId: e06fc2fe-bfb8-45f5-ad04-eb4e5ea9c1bf
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: e06fc2fe-bfb8-45f5-ad04-eb4e5ea9c1bf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui.woff
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 22 KB
23 KB 10ms
9ms Font
font/x-woff 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/segoeui.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/OneNote.css
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "53026d37762d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004738
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:36:23 GMT
X-OFFICEFD: AM4PEPF00004628
X-MSEdge-Ref: Ref A: F6F2E16A94F248529043D4C573BA8C12 Ref B: AMS04EDGE0307 Ref C: 2020-07-25T11:55:55Z
X-UserSessionId: 04d874fa-de66-49be-bbca-3d383bedbd95
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 04d874fa-de66-49be-bbca-3d383bedbd95
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
339 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":122,"Value":"Making GetCells Request","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00004737
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1g3n=afd_wordslice_control
content-length: 0
x-msedge-features: typeheadertest,afd_wordslice_control
x-correlationid: e948e6d1-243a-4d02-a36e-d774c8ecc10a
x-officefd: AM4PEPF00004645
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 1E72660D52D542F296F1C3342FFCFBF4 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 OneNote.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 137 KB
22 KB 1100ms
1100ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNote.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/wacBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83b6a7bb4eb51c68ce34d6ab87dabdb43f2648974c0ddfa1b52366a109468d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-AccessToken: 4wsQ7mX1r_PEYY9hP6ex6YQgO65qAdWp1i0Hppt_zWZSry-SniI7WqyyWhnWvEnfzvuBZvEH1H9wz4avUpl4LrcN39bPP8WREwqXREsVShXy8IgOFjzzHCL28bn6rFRH6MEu1UZu0YNrQft9SwZ2FXWQ
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-ServerSideRendering: RenderingNoImages
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-SessionStartDimensions: {"Application":"OneNote","Browser":"Chrome","BrowserMajorVersion":"83","BrowserVersion":"83.0.4103","Host":"OneDriveWOPI","IsSynthetic":"False","Os":"Mac OS X","Ring":"5","RoutedVia":"AzureFrontDoor","UserSessionApplicationMode":"View","WACDatacenter":"NL3"}
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1jcz=afd_onenoteslice_control
content-length: 22704
pragma: no-cache
x-msedge-features: typeheadertest,afd_onenoteslice_control
x-correlationid: 87d13617-e890-4675-8fc8-220c14c75a1c
x-officefd: AM4PEPF00004656
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: 5B935CB630B143BC8CAC82BF0C07C26F Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
256 B 23ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000462D
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00002411
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity_control,1jd0=afd_visioslice
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity_control,afd_visioslice
x-correlationid: e1a61650-97ff-4054-afa2-b3e8ff67bbe6
x-officecluster: NL3
x-ccr: true
x-usersessionid: e1a61650-97ff-4054-afa2-b3e8ff67bbe6
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 50CF0D0B61F447DB9EB2124584C541F0 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
165 B 22ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000000D
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity_control,1jcy=afd_excelslice_control
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity_control,afd_excelslice_control
x-correlationid: 4d010a4c-6f30-4e41-a5d5-ba4724e4d898
x-officecluster: NL3
x-ccr: true
x-usersessionid: 4d010a4c-6f30-4e41-a5d5-ba4724e4d898
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 2F44A046B61A4CB8A43DD3EAFB174441 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
307 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000463B
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: 688b5885-60bc-4e4a-a949-d7a5564b462c
x-officecluster: NL3
x-ccr: true
x-usersessionid: 688b5885-60bc-4e4a-a949-d7a5564b462c
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 7E7BDE56D4434977BDB56BE0FFAC9ABA Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
267 B 21ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000465A
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity_control,1jcy=afd_excelslice_control
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity_control,afd_excelslice_control
x-correlationid: 1fc0e073-05af-4a2f-a1ab-4aca951ff548
x-officecluster: NL3
x-ccr: true
x-usersessionid: 1fc0e073-05af-4a2f-a1ab-4aca951ff548
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 4CA1BA579E4948339D8D9136848C9AE9 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
377 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":371,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00002405
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: 22c9a556-93ab-4943-9235-1f4e59337856
x-officefd: AM4PEPF00004628
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 8702D3BA933F4BA1B20D7EE5BFA4F517 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 378 KB
94 KB 11ms
11ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/common.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

0a286890a4389ca5ebfedbb7fec78d551ce23208a277f526ca14fb39d5055935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ab80e7b37662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004734
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 95866
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:21 GMT
X-OFFICEFD: AM4PEPF00004639
X-MSEdge-Ref: Ref A: 53431D643ABF4BBF92D8CDC1A251471C Ref B: AM3EDGE0212 Ref C: 2020-07-25T11:28:21Z
X-UserSessionId: 686e9af8-16e5-46d3-803b-1cff4ed3d0b6
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 686e9af8-16e5-46d3-803b-1cff4ed3d0b6
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-ribbon-intl.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 161 KB
31 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/onenote-ribbon-intl.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6b4f4fc885781a94eaaa0dad73897457da51d6503b9040403339464973bf9b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"3bfaf8eb7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004734
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015
Content-Length: 30625
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:29:55 GMT
X-OFFICEFD: AM4PEPF0000462B
X-MSEdge-Ref: Ref A: C3E985B42ACB4676996B4EF0AA5186F5 Ref B: AM3EDGE0619 Ref C: 2020-07-25T11:29:55Z
X-UserSessionId: 5ec20d00-0c5f-4af3-8e99-3cee0dab5741
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5ec20d00-0c5f-4af3-8e99-3cee0dab5741
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChrome.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 510 KB
94 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appChrome.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4cbe492e48ac5e67cc4021bb64ac39d7b6586d3d67a76ed231c586cf761c15ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "ac43a9a77662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000240E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcx=afd_powerpointslice
Content-Length: 95729
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_powerpointslice
Last-Modified: Sat, 25 Jul 2020 11:28:01 GMT
X-OFFICEFD: AM4PEPF00004646
X-MSEdge-Ref: Ref A: E8454620986D403E9A5535AF91DD6CA2 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:41Z
X-UserSessionId: c9463fd7-f017-47ef-95e8-c995f81c4507
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c9463fd7-f017-47ef-95e8-c995f81c4507
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 40 KB
7 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "33101cf44d62d61:0"
X-OfficeCluster: NL3S
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF000020E6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1g3n=afd_wordslice,1i78=afd_wordcapacity_control
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordslice,afd_wordcapacity_control
Last-Modified: Sat, 25 Jul 2020 06:36:40 GMT
X-OFFICEFD: AM4PEPF00001FFC
X-MSEdge-Ref: Ref A: 0FD5EA337E404EE7B947FB73033FC2F5 Ref B: AMS04EDGE0813 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: fb477f1b-ffb0-45df-9c09-a8fcb285405d
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: fb477f1b-ffb0-45df-9c09-a8fcb285405d
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 OneNoteS2SHandler.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 189 B
600 B 224ms
224ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&access_token=4wsQ7mX1r%5FPEYY9hP6ex6YQgO65qAdWp1i0Hppt%5FzWZSry%2DSniI7WqyyWhnWvEnfzvuBZvEH1H9wz4avUpl4LrcN39bPP8WREwqXREsVShXy8IgOFjzzHCL28bn6rFRH6MEu1UZu0YNrQft9SwZ2FXWQ&access_token_ttl=1597746715644

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
pragma: no-cache
x-msedge-features: typeheadertest
x-correlationid: 3c0f5f5b-d35a-49a5-b234-bce23e9ddfaf
x-officefd: AM4PEPF00004634
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:56 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: BE8A5FA6ED654F57A9D80C99FB5566CA Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:56Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 6 KB
7 KB 35ms
9ms Image
image/png 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/wapsw.png?b=1601312441001

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"7c40bd397c62d61:0"
X-OFFICEFD: DB5PEPF00004073
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: DB5PEPF000040E6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 12:07:53 GMT
X-OfficeCluster: IE3
X-MSEdge-Ref: Ref A: FCA2BDBEC16645A094084B42137DD89E Ref B: AMS04EDGE0113 Ref C: 2020-07-25T12:07:53Z
X-UserSessionId: e7700252-e9df-4d4b-83ec-d4bd7e346873
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: e7700252-e9df-4d4b-83ec-d4bd7e346873
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 695 B
2 KB 35ms
9ms Image
image/gif 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "157454117662d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: DB5PEPF0000279A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:23:49 GMT
X-OFFICEFD: DB5PEPF000040A2
X-MSEdge-Ref: Ref A: BB1685CA0D514B1B9407013D0837F9F7 Ref B: AM3EDGE0315 Ref C: 2020-07-25T11:55:56Z
X-UserSessionId: e0bd2103-187a-47bf-994c-68e058badf83
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: e0bd2103-187a-47bf-994c-68e058badf83
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 11 KB
12 KB 12ms
11ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/box42.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

2653d32419de95c0f6dfde35c2a0153291075d3011177ebe848126a613c087f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "59869b647662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004735
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcy=afd_excelslice_control
Content-Length: 11558
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_excelslice_control
Last-Modified: Sat, 25 Jul 2020 11:26:08 GMT
X-OFFICEFD: AM4PEPF00004637
X-MSEdge-Ref: Ref A: A67C5245536F4778B269480A2E8A76F0 Ref B: AMS04EDGE0322 Ref C: 2020-07-25T11:55:56Z
X-UserSessionId: a66a7a08-2dec-404f-b0d0-71750d1d17ed
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a66a7a08-2dec-404f-b0d0-71750d1d17ed
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box43.png
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 3 KB
4 KB 12ms
12ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/box43.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d47887dbd63988ad37b916b9d175dd22d6afc7490966b1fa1b116f77f781721e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "35c331607762d61:0"
X-OFFICEFD: AM4PEPF00004639
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004736
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3124
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:33:10 GMT
X-OfficeCluster: NL3
X-MSEdge-Ref: Ref A: 501992622B6941A09C43BFC396F1999D Ref B: AMS04EDGE0522 Ref C: 2020-07-25T11:48:13Z
X-UserSessionId: 38b72381-3a13-42f5-8020-cdf4444fd050
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 38b72381-3a13-42f5-8020-cdf4444fd050
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OreoSlice1.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 836 KB
197 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

5b837360c102f1fe03b8b69eaa9b35217ca8c3b52ce116a0c102ee2fdf1ad450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "59efb73a7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004738
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 201212
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:24:58 GMT
X-OFFICEFD: AM4PEPF0000464C
X-MSEdge-Ref: Ref A: 99F57BF74838479783B757135FF459A7 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: b3b312db-5f67-4966-a71b-6a922d01fcbf
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b3b312db-5f67-4966-a71b-6a922d01fcbf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 latest.woff2
www.microsoft.com/fonts/segoe-ui/west-european/normal/ Frame B40A 33 KB
34 KB 65ms
45ms Font
font/woff2 2a02:26f0:6c00:183::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff2

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

date: Tue, 28 Jul 2020 10:31:57 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
x-rtag: RT
status: 200
etag: "588d483e9c7d51:0"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://onenote.officeapps.live.com
tls_version: tls1.2
cache-control: public, max-age=611740
accept-ranges: bytes
content-length: 34052

GET
H/1.1 200
OK oreonavpanelegacy.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 473 KB
87 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/oreonavpanelegacy.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

5db631b85295c7d810b7e6a16b1750abfaee1470bae78146ea0ec3369cbbf99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"49486bc07662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004739
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 88534
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:42 GMT
X-OFFICEFD: AM4PEPF00004657
X-MSEdge-Ref: Ref A: 91ADF34EDCB24AA0AEAB00D367D03B92 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: 1f66faaf-78b6-4dac-a041-1f68418ef59f
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1f66faaf-78b6-4dac-a041-1f68418ef59f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreolazylegacy.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 169 KB
38 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/oreolazylegacy.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

7e2d010f4920c269ca0c945a8681e5723efc5f2b68106c2a26f5c7d7dbcd345f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"22593da57662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015
Content-Length: 38238
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:27:57 GMT
X-OFFICEFD: AM4PEPF0000462B
X-MSEdge-Ref: Ref A: 39A0C2D732C24B699960B8FB020525A2 Ref B: AMS04EDGE0317 Ref C: 2020-07-25T11:27:57Z
X-UserSessionId: f108b622-8179-49c1-ad79-05d20677cf15
Date: Tue, 28 Jul 2020 10:31:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f108b622-8179-49c1-ad79-05d20677cf15
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteloadingspinnerlegacy.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 22 KB
3 KB 40ms
39ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/onenoteloadingspinnerlegacy.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

2c70d8be7fd2658bce30f195cecd962c8f29f15792170d93c9b008bcfb1629c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "78e0b9227662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004736
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1857
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:24:18 GMT
X-OFFICEFD: AM4PEPF00004652
X-MSEdge-Ref: Ref A: 2A3A5F6B7EF6415DA5C14EB8842C6CC1 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: f89bf055-17d1-461e-9aae-0f0097128157
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f89bf055-17d1-461e-9aae-0f0097128157
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreonotebookpanelegacy.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 91 KB
21 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/oreonotebookpanelegacy.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1310d17158e78f28675b29716359d115fcc7aa3afd99c9f3d62a98abf6860cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "744423387662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF00004733
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 20485
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:24:54 GMT
X-OFFICEFD: AM4PEPF0000463A
X-MSEdge-Ref: Ref A: 6CF5EDC3FF4B494FB6AE491C50E43403 Ref B: AM3EDGE0212 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: 19da117e-c66c-4240-9c04-c99e2ba6593b
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 19da117e-c66c-4240-9c04-c99e2ba6593b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreosearchpanelegacy.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 149 KB
34 KB 21ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/oreosearchpanelegacy.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

b5ddd459109494c957c6caeabbf31fe3c0b209d0dd597a5d71a4931b87e19a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a8a784c07662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 33867
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:42 GMT
X-OFFICEFD: AM4PEPF00004657
X-MSEdge-Ref: Ref A: 64C189BAD8E94038AB78D0D8EDF5D4E9 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:42Z
X-UserSessionId: dcb038b3-c2fb-4e28-8cb9-514f9f1c2d5a
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: dcb038b3-c2fb-4e28-8cb9-514f9f1c2d5a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK strings Show response
site-cdn.onenote.net/ Frame B40A 5 KB
2 KB 116ms
31ms Fetch
application/json 23.37.58.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://site-cdn.onenote.net/strings?ids=Oreo.Navpane.&locale=en-US

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OreoSlice1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-58-89.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b353428367e877e8cb12ef76c3e7440c992fc425d37f1008fcaf91af73087aa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .teams.microsoft.us teams.microsoft.us *.skype.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-OfficeCluster: weu-000.site.onenote.com
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-OfficeFE: SiteFrontEnd_IN_3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1400
X-XSS-Protection: 1; mode=block
X-AspNetMvc-Version: 5.2
X-CorrelationId: 5772b0c6-3d4d-46ef-a364-44b07f2ac90b
Server: Microsoft-IIS/10.0
X-UserSessionId: 5772b0c6-3d4d-46ef-a364-44b07f2ac90b
Date: Tue, 28 Jul 2020 10:31:57 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Cache-Control: private, max-age=72813
Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.skype.com
X-OfficeVersion: 16.0.13116.31557

GET
DATA 200
OK truncated
/ Frame B40A 562 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d7dd171a7aeffc1b8217accdb8b0744c41fd86cacbfd7485224f254e1e54f21

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
269 B 22ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1248,"Value":"Get cells response received:200","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: f315b13a-ba7d-4c83-ae6d-c07595d31106
x-officefd: AM4PEPF0000462B
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D7A096AE4EBF4AE0B672AB06711CE040 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 695 B
2 KB 9ms
9ms Image
image/gif 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_resources/1033/progress.gif

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "157454117662d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: DB5PEPF0000279A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:23:49 GMT
X-OFFICEFD: DB5PEPF000040A2
X-MSEdge-Ref: Ref A: BB1685CA0D514B1B9407013D0837F9F7 Ref B: AM3EDGE0315 Ref C: 2020-07-25T11:55:56Z
X-UserSessionId: e0bd2103-187a-47bf-994c-68e058badf83
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: e0bd2103-187a-47bf-994c-68e058badf83
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 GetImage.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 5 KB
4 KB 395ms
394ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/GetImage.ashx?&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF8A68C78B3C23B34%21112&access_token=4wwZcESLnO%2DYM%5FXWN7kVqGYwt6xs%2DHMfxBGBEk%2DUiIdEWPICcOsjhdvESCC0omDzQUAMBTKhX%5FE%2DBpHbgYhyqc%2DwW897jnyHCFeDPCkQyNkA%5Fb0Vt%5FHyHDaldePR9rEQedOyo%2Df%5FK08a%5FBbnl1jonhuw&access_token_ttl=1597746715644&ObjectDataBlobId=%7B347571f0-9a1f-4d26-bdf5-bbd35856a0c3%7D%7B1%7D&usid=0736b599-7807-4f5f-b737-9e03d89b6a5e&build=16.0.13124.41001&waccluster=NL3&wdwacuseragent=MSWACONSync&DataUrlEnabled=true

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a96c44f56b32b8a28308d63690f082929bc11213aaaef5233fe703eaad0045df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 3257
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF8A68C78B3C23B34%21112&access_token=4wwZcESLnO%2DYM%5FXWN7kVqGYwt6xs%2DHMfxBGBEk%2DUiIdEWPICcOsjhdvESCC0omDzQUAMBTKhX%5FE%2DBpHbgYhyqc%2DwW897jnyHCFeDPCkQyNkA%5Fb0Vt%5FHyHDaldePR9rEQedOyo%2Df%5FK08a%5FBbnl1jonhuw&access_token_ttl=1597746715644{347571f0-9a1f-4d26-bdf5-bbd35856a0c3}{1}"
x-msedge-features: typeheadertest
x-correlationid: 3c218579-2f09-46b4-9115-1c65b1398f66
x-officefd: AM4PEPF00004627
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 7E2DB0C1F06143BBB59223841087F1B1 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *
expires: Wed, 28 Jul 2021 10:31:57 GMT

GET
H2 200 GetImage.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 11 KB
9 KB 411ms
411ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/GetImage.ashx?&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF8A68C78B3C23B34%21112&access_token=4wwZcESLnO%2DYM%5FXWN7kVqGYwt6xs%2DHMfxBGBEk%2DUiIdEWPICcOsjhdvESCC0omDzQUAMBTKhX%5FE%2DBpHbgYhyqc%2DwW897jnyHCFeDPCkQyNkA%5Fb0Vt%5FHyHDaldePR9rEQedOyo%2Df%5FK08a%5FBbnl1jonhuw&access_token_ttl=1597746715644&ObjectDataBlobId=%7B8c94097c-6c5e-4ffd-b85b-965478d104c9%7D%7B1%7D&usid=0736b599-7807-4f5f-b737-9e03d89b6a5e&build=16.0.13124.41001&waccluster=NL3&wdwacuseragent=MSWACONSync&DataUrlEnabled=true

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fe989ecd16fb61ff92eb1cde2c20fd154d525667e51558ce4f98f63cc2a2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00004738
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 8775
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF8A68C78B3C23B34%21112&access_token=4wwZcESLnO%2DYM%5FXWN7kVqGYwt6xs%2DHMfxBGBEk%2DUiIdEWPICcOsjhdvESCC0omDzQUAMBTKhX%5FE%2DBpHbgYhyqc%2DwW897jnyHCFeDPCkQyNkA%5Fb0Vt%5FHyHDaldePR9rEQedOyo%2Df%5FK08a%5FBbnl1jonhuw&access_token_ttl=1597746715644{8c94097c-6c5e-4ffd-b85b-965478d104c9}{1}"
x-msedge-features: typeheadertest
x-correlationid: b81be9d9-bf16-4690-b005-a4d756193eb4
x-officefd: AM4PEPF00004622
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 2C37A91388714CCC82D5338074E0F3C9 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *
expires: Wed, 28 Jul 2021 10:31:57 GMT

GET
H2 200 config16 Show response
officeclient.microsoft.com/ Frame B40A 272 B
416 B 45ms
45ms XHR
application/xml 52.109.32.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.ResourceService4Next&services=ResourceServiceEndpoint2

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.32.27 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

372ce761ecdd7f7c981dbecde804428e20ce43a57cf85945afb68e7f92cb8fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/xml
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Jul 2020 10:31:57 GMT
x-content-type-options: nosniff
x-officecluster: ukw-config.officeapps.live.com
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.13126.30526
x-officefe: ConfigSvcFrontEnd_IN_25
status: 200
x-office-cachecleardate: 2009-01-01T00:00:00
content-length: 272
server: Microsoft-IIS/10.0
pragma: no-cache
x-correlationid: 89262a98-8910-4f33-b6f4-4df6352c7f52
x-office-cacheduration: 1440
x-powered-by: ASP.NET
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-CorrelationId,X-Ms-Diagnostics,X-OfficeCluster
cache-control: no-cache
timing-allow-origin: https://onenote.officeapps.live.com
access-control-allow-headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,odata-version,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext,X-Office-IncrementalSync,SOAPAction,SubstrateBearer
expires: -1

GET
DATA 200
OK truncated
/ Frame B40A 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f74ca5dcdb18cae54c41578e1a886b97fa32066ea19ecad244d7b153b768987

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B40A 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7523f1b15accd5aadc8fc9335a62008441693b044895f77a55cd716363b2c63

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 82 KB
83 KB 10ms
10ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/one.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3f51e202dd7ec9794105e0c3ed320bd8ecde1a864e385ae4751c7753f5a4518b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "5eda5dbc7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 83900
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:35 GMT
X-OFFICEFD: AM4PEPF00004644
X-MSEdge-Ref: Ref A: A265B8D670F747B1A82B10A05C98AEC4 Ref B: AMS04EDGE0514 Ref C: 2020-07-25T11:55:57Z
X-UserSessionId: 4b0c7bc8-526f-46df-b517-b724706500b5
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 4b0c7bc8-526f-46df-b517-b724706500b5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame B40A 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 224fee18af9335de54bccd25afe520252cc5c932ba1dd8a84e92ad6a686e9de7

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B40A 691 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d349beb8b108ff60c593482cc1883cfc9ffa8f00ed48885e7a8bcba69cc3b281

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
168 B 23ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":5,"MsSinceStart":1249,"Value":"Launching FastView from entry point WacBootGetCells","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00004736
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: aa3287f9-7e5a-4a67-a037-8a9cfc598a71
x-officefd: AM4PEPF0000464A
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DCEDC190CFBC480E888EADEA212D3455 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *

GET
H/1.1 200
OK listAll.json Show response
fs.microsoft.com/fs/4.9/ Frame B40A 195 KB
28 KB 88ms
26ms XHR
application/octet-stream 23.210.248.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.9/listAll.json
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.85 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4339ef6fc484d48533e9da01ab8016b060f3c378c63ed58ee5ffd869121fc362

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:23:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "958aa5a1d582d51:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=76261
Content-Length: 27772
Content-Disposition: attachment; filename=listAll.json
Connection: keep-alive
Accept-Ranges: bytes
X-CID: 2

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
140 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":6,"MsSinceStart":1577,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00002405
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: 21c920b6-45c3-4b84-8f36-acaa728eaed1
x-officefd: AM4PEPF0000462B
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 845F9C389D9B473CBB8AB0E4050797FC Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/ Frame B40A 397 KB
79 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ad2c438a3df47822819ba4bb6921891580bcbe543d65ad1393948ec87eefab0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"3afb2d7862d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 79509
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:38:56 GMT
X-OFFICEFD: AM4PEPF00004658
X-MSEdge-Ref: Ref A: FF52E2D0415749489FB13538F8993DC5 Ref B: AM3EDGE0814 Ref C: 2020-07-25T11:38:56Z
X-UserSessionId: 2205829e-2e0f-43f8-a463-0226e74c9976
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 2205829e-2e0f-43f8-a463-0226e74c9976
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
220 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":7,"MsSinceStart":1604,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000240E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity_control
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity_control
x-correlationid: 4c91fe2e-93ee-4b00-8609-5efe62a27824
x-officefd: AM4PEPF0000033F
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 22A26837050C4536BE0594CCD7A089BA Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *

GET
H/1.1 200
OK onenote-ribbon-sprite-lazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 137 KB
22 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

758aaae21039ead139911676ff91632bf7339512c3bfb7c41d52eb21397c0657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "855b367a7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 21564
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:26:45 GMT
X-OFFICEFD: AM4PEPF00004645
X-MSEdge-Ref: Ref A: FCB61A3AFB054A6C891397D0F5B8CE30 Ref B: AM3EDGE0619 Ref C: 2020-07-25T11:29:57Z
X-UserSessionId: a87e49ff-7815-455a-8dd3-2d0bef891226
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a87e49ff-7815-455a-8dd3-2d0bef891226
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common50.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 625 KB
132 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/common50.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e03e79dcdf0200c08b44871ed46f77c09cf23db69c1a9e6902cf0ef504698f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b478cbc27662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000240E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 134274
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Sat, 25 Jul 2020 11:28:46 GMT
X-OFFICEFD: AM4PEPF00004637
X-MSEdge-Ref: Ref A: 5B19EEBAAFCC4D028ACC96CE6E189410 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:46Z
X-UserSessionId: 75efc4cb-0a19-4a45-a2ac-38c39d70e482
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 75efc4cb-0a19-4a45-a2ac-38c39d70e482
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appIconsLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 279 KB
61 KB 15ms
15ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appIconsLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e8c3fd5fa6be196ca629bbe988eb479c6538b861118d03eb0cade672ab2cad26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"6f585c07662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004736
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015
Content-Length: 61266
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:42 GMT
X-OFFICEFD: AM4PEPF0000461D
X-MSEdge-Ref: Ref A: C668F4E57F544225A5A9CD36DC45868C Ref B: AM3EDGE1010 Ref C: 2020-07-25T11:28:46Z
X-UserSessionId: d7650a65-79f0-4346-96a1-27bf1a6a9d7e
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d7650a65-79f0-4346-96a1-27bf1a6a9d7e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChromeLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 483 KB
105 KB 15ms
15ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

063527abb8af04e5722831ea8677b1c2042e0959af0fdcb4d3ada41cfd4f04c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"716dcac27662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 106271
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:46 GMT
X-OFFICEFD: AM4PEPF0000461C
X-MSEdge-Ref: Ref A: 9806C76326554ADCBAF4C9F4FF2C7562 Ref B: AMS04EDGE1008 Ref C: 2020-07-25T11:28:46Z
X-UserSessionId: 99448f1f-ce45-4b73-b758-1caaad13a454
Date: Tue, 28 Jul 2020 10:31:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 99448f1f-ce45-4b73-b758-1caaad13a454
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
374 B 22ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wsQ7mX1r_PEYY9hP6ex6YQgO65qAdWp1i0Hppt_zWZSry-SniI7WqyyWhnWvEnfzvuBZvEH1H9wz4avUpl4LrcN39bPP8WREwqXREsVShXy8IgOFjzzHCL28bn6rFRH6MEu1UZu0YNrQft9SwZ2FXWQ
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1597746715644
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-buls-suppressionetag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: cf099d5c-fe47-4099-a1b1-84274b448197
x-officefd: AM4PEPF00004648
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:57 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5FA61C2389154E87A2558A5FC1D71A91 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:57Z
timing-allow-origin: *

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/ 92 KB
33 KB 24ms
23ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
status: 200
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE70E43B509
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e990cb57-901e-0111-35a0-3a6c9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26660956
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-6407c496.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/ 331 KB
102 KB 25ms
25ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac_s_office-6407c496.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 302bc96b46313eeff8c535c12cdd87fe4ad8d9a9ce23ec16ae477292e5c51f86

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: ZAfElg2SBIi5Ss/C7kFHlA==
status: 200
content-length: 103470
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE71611B704
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dcfa1a3a-301e-003a-4fa0-3a5e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661052
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK 36796050726
fs.microsoft.com/fs/4.9/rawguids/ Frame B40A 1 MB
601 KB 34ms
34ms Font
application/octet-stream 23.210.248.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.9/rawguids/36796050726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.85 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5802737795e427edef6224d56cf32f9641f938adf6c919dc829ce4f748d9afab

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9357a7dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=70899
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=36796050726
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK officebrowserfeedback.css
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/ Frame B40A 16 KB
3 KB 10ms
9ms Stylesheet
text/css 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

c526ea3061d6f3fad1072adf3983375f3a12c9dd507cb529b80fcb173550d8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "1b7f31e7662d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: DB5PEPF000040E8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 2382
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:23:43 GMT
X-OFFICEFD: DB5PEPF00000569
X-MSEdge-Ref: Ref A: 36FB9BAC2EA148028226F9CDAA0B736B Ref B: AMS04EDGE0221 Ref C: 2020-07-25T11:29:42Z
X-UserSessionId: 00790d31-c611-4f54-8350-6a01e4ac3da6
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 00790d31-c611-4f54-8350-6a01e4ac3da6
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/Intl/en/ Frame B40A 5 KB
2 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:39e::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39e::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a661d2f1ae03d18add307d370f7fc69814fbe2f2ea116b2bb2844c8d0345d9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "96af5baa7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF00004734
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1122
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:05 GMT
X-OFFICEFD: AM4PEPF00004644
X-MSEdge-Ref: Ref A: DB37BFFCDBB24A67A0910948A0BC7A75 Ref B: AM3EDGE0814 Ref C: 2020-07-25T11:38:56Z
X-UserSessionId: d0416be5-cc31-4cda-bbd2-ca7fc646661e
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d0416be5-cc31-4cda-bbd2-ca7fc646661e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.box4.dll1.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 2 MB
422 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.box4.dll1.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

90ec3501ab7e5c9e414bd596a50dac9c8246f350aa8bc1dc4b53093d32ffde03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7098e5c27662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity
Content-Length: 431502
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity
Last-Modified: Sat, 25 Jul 2020 11:28:46 GMT
X-OFFICEFD: AM4PEPF0000464C
X-MSEdge-Ref: Ref A: 2A7193E87C154CE5B0489DBBD29F4ADC Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:46Z
X-UserSessionId: 039953be-90df-467d-8ae3-1b44f56892e3
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 039953be-90df-467d-8ae3-1b44f56892e3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 wac2-34e3e925.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/ 311 KB
107 KB 24ms
23ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac2-34e3e925.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2351dd8bfcd6cdd2b5c106e48a086c19167ec3241222f3900a5bcd3d397b1c0b

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: NOPpJYwA9mxMNCQWKHx2tg==
status: 200
content-length: 109231
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE716751E79
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dcfa1b82-301e-003a-6ea0-3a5e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661028
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac0-82320d2a.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/ 15 KB
6 KB 30ms
29ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac0-82320d2a.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f63e4709cafc3d0cd899fa68337dd796247b2a43861c0763047c4b6e16961c44

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: gjINKvdBtSXfDHSY4MXuHA==
status: 200
content-length: 6066
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE715AACC7E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e990cc4f-901e-0111-0fa0-3a6c9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26660973
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/ 47 KB
14 KB 31ms
30ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/View.aspx?resid=F8A68C78B3C23B34!104&wd=target(WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae/Nancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f/)&wdo=2&authkey=!AHfiyn7U5BTIODU
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
status: 200
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:01:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE715C55E1E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4483a524-401e-0058-1da0-3a19a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26660831
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 CampaignMetadataAggregator Show response
messaging.office.com/lifecycle/ Frame B40A 159 B
462 B 320ms
320ms Fetch
application/json 52.109.52.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.13124.41001&campaignParams=hasStorage%3Dtrue%26pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26AppHostName%3DOneDriveWOPI%26AppMode%3DVIEW%26Datacenter%3DNL3%26UpsellMode%3DShowNothing%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%26&contentType=CampaignContent&puid=&OFC_FLIGHTS=

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.52.36 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

b46475614660782cbdd3ba6a3b3badfee0c8502b5779e33d51a1d21cc864683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onenote.officeapps.live.com/
x-correlationid: e83052d4-6e0e-48c6-b0a9-831c5157094a
x-usersessionid: 91073bad-8707-4485-072f-07539a81388f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: jpe-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-powered-by: ASP.NET
x-officefe: OmexMessagingStorefront_IN_10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
vary: Accept-Encoding
content-length: 148
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: c0111557-6010-4ddc-b480-a00140b957d7
server
x-usersessionid: 91073bad-8707-4485-072f-07539a81388f
date: Tue, 28 Jul 2020 10:31:59 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private, no-store
x-machine: jpe-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_10
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
x-officeversion: 20.4.10623.11825

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://onedrive.live.com

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1 200
OK OneNoteSimplified.Wac.TellMeModel.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/ Frame B40A 205 KB
89 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

7ebf07e5c715518f922f344229223b479e56851490705ec91a43dedd54507710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "c88d7a47662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1g3n=afd_wordslice
Content-Length: 90642
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordslice
Last-Modified: Sat, 25 Jul 2020 11:27:55 GMT
X-OFFICEFD: AM4PEPF00004625
X-MSEdge-Ref: Ref A: 8D6BBE83ED8147EEAF08EB3C87036BED Ref B: AMS04EDGE0418 Ref C: 2020-07-25T11:38:56Z
X-UserSessionId: 20ee581e-8430-4c7c-a7af-672402a44675
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 20ee581e-8430-4c7c-a7af-672402a44675
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteSimplified.Wac.TellMeSuggestionModel.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 124 KB
34 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

24cdc3a8bed362e1efa94bfee82e9100e4ed9a034a229f9d0069d981cbdd75f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"634380c37662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 33841
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:47 GMT
X-OFFICEFD: AM4PEPF00004648
X-MSEdge-Ref: Ref A: F1F9616C66FA49D39AE14B5A18137445 Ref B: AMS04EDGE0819 Ref C: 2020-07-25T11:28:47Z
X-UserSessionId: 7ee55a33-95ff-40a0-be9d-7bb236078b2e
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 7ee55a33-95ff-40a0-be9d-7bb236078b2e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OsfRuntimeOneNoteWAC.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 496 KB
94 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OsfRuntimeOneNoteWAC.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a56c8e34995ef10276558f5e1691e53627cd1bbaedbc75bb4cfd6cf39ba4ee70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d969f63b7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000240E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 95695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:25:00 GMT
X-OFFICEFD: AM4PEPF00004646
X-MSEdge-Ref: Ref A: DE535E734DA44301BDD437E4944D03DB Ref B: AM3EDGE0212 Ref C: 2020-07-25T11:28:47Z
X-UserSessionId: 32636294-db73-45cd-b01a-c418b7d82e97
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 32636294-db73-45cd-b01a-c418b7d82e97
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OfficeExtension.WacRuntime.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 161 KB
16 KB 12ms
11ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OfficeExtension.WacRuntime.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

50170845a660d2259f8e7b495d1b26e85951a6537a472224851d93ed3e046d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "4de293327662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF00004733
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jcx=afd_powerpointslice
Content-Length: 15575
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_powerpointslice
Last-Modified: Sat, 25 Jul 2020 11:24:44 GMT
X-OFFICEFD: AM4PEPF0000462D
X-MSEdge-Ref: Ref A: 5A7B1EE2DC424717BE61EEEE5C39890B Ref B: AM3EDGE1010 Ref C: 2020-07-25T11:28:47Z
X-UserSessionId: a54ea9e9-cb0f-44cb-bae9-6017642e0deb
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a54ea9e9-cb0f-44cb-bae9-6017642e0deb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 Acl1033.js Show response
onenote.officeapps.live.com/o/App_Scripts/Acl/ Frame B40A 19 KB
6 KB 24ms
24ms XHR
application/javascript 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/App_Scripts/Acl/Acl1033.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

609fad38751f633572b2c9d463963d017ca5162f6541cf32727c8eebbe2b7c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

haep: 1
X-AccessToken: 4wsQ7mX1r_PEYY9hP6ex6YQgO65qAdWp1i0Hppt_zWZSry-SniI7WqyyWhnWvEnfzvuBZvEH1H9wz4avUpl4LrcN39bPP8WREwqXREsVShXy8IgOFjzzHCL28bn6rFRH6MEu1UZu0YNrQft9SwZ2FXWQ
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1597746715644
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "0c7eeb7262d61:0"
x-officecluster: NL3
x-ccr: true
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00004738
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-length: 5979
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest
last-modified: Sat, 25 Jul 2020 10:55:02 GMT
x-officefd: AM4PEPF00004628
x-msedge-ref: Ref A: 0B3D120CD6B24ABCBD5F93821EE9E7EC Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:58Z
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:58 GMT
vary: Accept-Encoding
content-type: application/javascript
x-correlationid: a1e1a2ed-44e1-4c5a-a123-f74dcf4c4631
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 82 KB
83 KB 10ms
9ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/one.png

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3f51e202dd7ec9794105e0c3ed320bd8ecde1a864e385ae4751c7753f5a4518b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "5eda5dbc7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 83900
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:35 GMT
X-OFFICEFD: AM4PEPF00004644
X-MSEdge-Ref: Ref A: A265B8D670F747B1A82B10A05C98AEC4 Ref B: AMS04EDGE0514 Ref C: 2020-07-25T11:55:57Z
X-UserSessionId: 4b0c7bc8-526f-46df-b517-b724706500b5
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 4b0c7bc8-526f-46df-b517-b724706500b5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 proxy Show response
skyapi.onedrive.live.com/api/ Frame 804A 448 B
556 B 106ms
26ms Document
text/html 13.104.158.177
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://skyapi.onedrive.live.com/api/proxy?v=3

Requested by

Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac_s_office-6407c496.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.104.158.177 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: skyapi.onedrive.live.com
:scheme: https
:path: /api/proxy?v=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&&RD00155D5EA6D6&252; wla42=; mkt=en-US; xidseq=3; E=P:8vprc+Ey2Ig=:qxTEz3eTh66n+yJEsd+t0EfztJb4kFO7yCdc/07ejJ8=:F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

status: 200
cache-control: public
content-length: 295
content-type: text/html
content-encoding: gzip
expires: Wed, 28 Jul 2021 10:31:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver: AM3PPF115EF4899
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: T2/WjMLL0UiUwazUCYW15w.0
x-asmversion: UNKNOWN; 19.511.717.2004
date: Tue, 28 Jul 2020 10:31:58 GMT

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 25ms
25ms Image
image/gif 13.95.147.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac2-34e3e925.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 10:31:57 GMT
x-msnserver: RD0003FF23C253
last-modified: Tue, 14 Jul 2020 22:02:00 GMT
server: Microsoft-IIS/10.0
etag: "29133c662a5ad61:0"
content-type: image/gif
status: 200
cache-control: public,max-age=86400
x-odwebserver: westeurope1-odwebp
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK otelFull.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 173 KB
40 KB 11ms
10ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/otelFull.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

d0b3b75305a9b6be429ef4162615461d3d072cb8cbf410159bf3c87aad3a6259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"6deac27662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015
Content-Length: 39614
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:46 GMT
X-OFFICEFD: AM4PEPF0000462E
X-MSEdge-Ref: Ref A: D7A739D3E2694CA2B61CE142DD32F0DC Ref B: AMS04EDGE1008 Ref C: 2020-07-25T11:28:46Z
X-UserSessionId: ae20c92f-4de0-47f6-ada8-20e16442a6dc
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ae20c92f-4de0-47f6-ada8-20e16442a6dc
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
215 B 23ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000465A
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF00004737
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-msedge-features: typeheadertest
x-correlationid: 3b6ce18f-696c-4ab8-a347-78fbc027327b
x-officecluster: NL3
x-ccr: true
x-usersessionid: 3b6ce18f-696c-4ab8-a347-78fbc027327b
date: Tue, 28 Jul 2020 10:31:58 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: C756E59E82694160A679EE9BD6258069 Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:58Z
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame B40A 412 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 197128f3d52913a605dc17792afa60e3b908456592a0b1eade40300064cffcc8

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame B40A 0
226 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.13124.41001&waccluster=NL3

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161312441001_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wsQ7mX1r_PEYY9hP6ex6YQgO65qAdWp1i0Hppt_zWZSry-SniI7WqyyWhnWvEnfzvuBZvEH1H9wz4avUpl4LrcN39bPP8WREwqXREsVShXy8IgOFjzzHCL28bn6rFRH6MEu1UZu0YNrQft9SwZ2FXWQ
X-UserSessionId: 0736b599-7807-4f5f-b737-9e03d89b6a5e
X-OfficeVersion: 16.0.13124.41001
X-Key: sWgsgr1BeBa4v2Pnyk/pbhrFI9drZhEe21RDaXFJD8E=,637315291161161067
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=/hs1sjuD5kiOKPBz2UI+hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF8A68C78B3C23B34%21104&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1597746715644
X-WacCluster: NL3

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL3
x-officeversion: 16.0.13124.41001
x-officefe: AM4PEPF0000473E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-buls-suppressionetag: 5BE35811B397CC4D909EE2C726529AD5F29B98C6
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity_control
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity_control
x-correlationid: 311b5420-1f62-4687-92f5-3cad15c1632d
x-officefd: AM4PEPF00004622
x-ccr: true
x-usersessionid: 0736b599-7807-4f5f-b737-9e03d89b6a5e
date: Tue, 28 Jul 2020 10:31:58 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 0B32EDA4431C4D559DCAB414133CF88A Ref B: AMS04EDGE0317 Ref C: 2020-07-28T10:31:58Z
timing-allow-origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 8 KB
8 KB 24ms
23ms Image
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//filesbucket3-5286f09d.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
status: 200
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:00:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE7078AFE20
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dcfa223c-301e-003a-5da0-3a5e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661096
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
302 B

42ms
41ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D3913%26IR%3D1%26EX%3D0%26L.h%3D1084%26L.bc%3D1138%26L.ac%3D1148%26L.f%3D1154%26L.sjs%3D3835%26L.ttg%3D2941%26C.st%3D1595932314810%26N.jsPlt%3D1651%26N.domIn%3D1154%26N.req%3D965%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9434190761426395&CtsSyncId=E2C466ABE5CD4B378BA66176E0FC8206&MUID=23DF197AD1646E053025166FD00F6FDE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 10:31:58 GMT
etag: "9b2fd78e4b1ed61:0"
last-modified: Wed, 29 Apr 2020 17:28:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 10:31:58 GMT
x-msedge-ref: Ref A: AFFC20CC4E3548C7ACF63957FE8D9CCC Ref B: FRAEDGE1412 Ref C: 2020-07-28T10:31:58Z
x-powered-by: ASP.NET
status: 302
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&reqid=00265e06e4a&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EC5CC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D3913%26IR%3D1%26EX%3D0%26L.h%3D1084%26L.bc%3D1138%26L.ac%3D1148%26L.f%3D1154%26L.sjs%3D3835%26L.ttg%3D2941%26C.st%3D1595932314810%26N.jsPlt%3D1651%26N.domIn%3D1154%26N.req%3D965%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9434190761426395&CtsSyncId=E2C466ABE5CD4B378BA66176E0FC8206&MUID=23DF197AD1646E053025166FD00F6FDE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK OneNote.box4.dll2.js Show response
c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/ Frame B40A 1 MB
248 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.box4.dll2.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

93c86f582632ff099a7c6fb45fb9b9b1937da2cc0bea9f8cae6085f4c544b46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "5de9bd337662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13124.41001
X-OfficeFE: AM4PEPF00004733
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control
Content-Length: 252552
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control
Last-Modified: Sat, 25 Jul 2020 11:24:46 GMT
X-OFFICEFD: AM4PEPF00004634
X-MSEdge-Ref: Ref A: 95F6CD93C06E4D2EBDE03FB1FFAF4952 Ref B: AM3EDGE1010 Ref C: 2020-07-25T11:28:48Z
X-UserSessionId: cc89160b-cdee-4024-8175-f4e2397bb7de
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: cc89160b-cdee-4024-8175-f4e2397bb7de
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 215ms
43ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 10:31:58 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 195
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001// 8 KB
3 KB 32ms
29ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20200522.001/wac2-34e3e925.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
status: 200
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Sat, 23 May 2020 07:00:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D7FEE7078AFE20
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dcfa223c-301e-003a-5da0-3a5e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26661096
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.pipe.aria.microsoft.com/ Frame B40A 4 B
331 B 240ms
42ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/ping
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 10:31:59 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 jquery-1.7.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame 804A 93 KB
33 KB 84ms
21ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

Requested by

Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/api/proxy?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BBC) /

Resource Hash

e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skyapi.onedrive.live.com/api/proxy?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 10:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1718685
x-cache: HIT
status: 200
content-length: 33735
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:59 GMT
server: ECAcc (mil/6BBC)
etag: "80385acc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/ Frame B40A 82 KB
83 KB 10ms
9ms Image
image/png 2a02:26f0:10c:386::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161312441001_resources/1033/one.png

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:386::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

3f51e202dd7ec9794105e0c3ed320bd8ecde1a864e385ae4751c7753f5a4518b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "5eda5dbc7662d61:0"
X-OfficeCluster: NL3
X-CCR: true
X-OfficeVersion: 16.0.13113.41009
X-OfficeFE: AM4PEPF0000473D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 83900
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest
Last-Modified: Sat, 25 Jul 2020 11:28:35 GMT
X-OFFICEFD: AM4PEPF00004644
X-MSEdge-Ref: Ref A: A265B8D670F747B1A82B10A05C98AEC4 Ref B: AMS04EDGE0514 Ref C: 2020-07-25T11:55:57Z
X-UserSessionId: 4b0c7bc8-526f-46df-b517-b724706500b5
Date: Tue, 28 Jul 2020 10:31:58 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 4b0c7bc8-526f-46df-b517-b724706500b5
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame B40A 0
396 B 126ms
126ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.6&x-apikey=31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063,1705ef36a51840648341da866d62baf8-ddbcd60b-4ce4-48da-96be-ad5f28b48954-8035,c6393e4ed4b94e3baf9a46aa6585dce0-c1b3b0c6-b44c-4121-8eae-311d31e67bb6-7176,79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407&client-time-epoch-millis=1595932320856&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 10:32:00 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 17
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H/1.1 200
OK OneDrive.js Show response
js.live.net/v7.2/ Frame B40A 59 KB
16 KB 146ms
26ms Script
application/javascript 104.111.233.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v7.2/OneDrive.js
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/OneNote.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.233.232 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 826516774bc9f660c442bc5c360191576ba6f085fc3ec675cc9536c8b4a3b56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Date: Tue, 28 Jul 2020 10:32:01 GMT
X-MSNServer: RD0003FF23BC8E
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=53398, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16425

GET
H2 200 Plt.mvc
onedrive.live.com/Handlers/ 42 B
517 B 142ms
141ms Image
image/gif 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/redir?resid=F8A68C78B3C23B34%21104&authkey=%21AHfiyn7U5BTIODU&page=View&wd=target%28WINCHESTER%20HOME%20BUILDERS%20INC.one%7C5a45463b-45f1-4463-a125-92b2d18035ae%2FNancy%20Campbell%20has%20shared%20a%20file%20with%20you%7C6a33d23c-59a9-400b-9f85-bec36169b60f%2F%29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 31F422FCCE3344AA9BBFDEFF3D79A278 Ref B: FRAEDGE1210 Ref C: 2020-07-28T10:32:03Z
x-odwebserver: canadaeast0-odwebpl
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: private, max-age=31536000
date: Tue, 28 Jul 2020 10:32:03 GMT
x-msnserver: RD00155D5EC3D2
expires: Wed, 28 Jul 2021 10:32:03 GMT

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onenote.officeapps.live.com/	1970-01-19 13:31:21	Name: DcLcid Value: ui=1033&data=1033
.live.com/	1969-12-31 23:59:59	Name: E Value: P:8vprc+Ey2Ig=:qxTEz3eTh66n+yJEsd+t0EfztJb4kFO7yCdc/07ejJ8=:F
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 3
.live.com/	1970-01-19 20:03:50	Name: mkt Value: en-US
.live.com/	1970-01-19 11:28:57	Name: wla42 Value:
onenote.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: xid Value: 2b8c03e2-81e8-49dd-8dc0-3f8d7ac78653&&RD00155D5EA6D6&252

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/oreosearchpanelegacy.js(Line 2) Message: Deep requiring like `const uuidv1 = require('uuid/v1');` is deprecated as of uuid@7.x. Please require the top-level module when using the Node.js CommonJS module or use ECMAScript Modules when bundling for the browser. See https://github.com/uuidjs/uuid#deep-requires-now-deprecated for more information.
console-api	warning	URL: https://c1-onenote-15.cdn.office.net/o/s/161312441001_App_Scripts/common.min.js(Line 23) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: WebInsertHyperlink_20, MarqueeSelect_20x20x32, SpinnerLoop, CloudOn

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c.s-microsoft.com
c1-officeapps-15.cdn.office.net
c1-onenote-15.cdn.office.net
fs.microsoft.com
hyperurl.co
js.live.net
messaging.office.com
officeclient.microsoft.com
onedrive.live.com
onenote.officeapps.live.com
p.sfx.ms
site-cdn.onenote.net
skyapi.onedrive.live.com
spoprod-a.akamaihd.net
www.microsoft.com
104.111.233.232
13.104.158.177
13.107.42.13
13.95.147.73
152.199.19.160
2.16.186.40
23.210.248.85
23.37.58.89
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:10c:386::4b36
2a02:26f0:10c:38e::356e
2a02:26f0:10c:39e::4b36
2a02:26f0:6c00:183::356e
3.222.255.180
52.109.32.27
52.109.52.36
52.114.77.34
52.142.114.2
063527abb8af04e5722831ea8677b1c2042e0959af0fdcb4d3ada41cfd4f04c6
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
0a286890a4389ca5ebfedbb7fec78d551ce23208a277f526ca14fb39d5055935
0d7dd171a7aeffc1b8217accdb8b0744c41fd86cacbfd7485224f254e1e54f21
1310d17158e78f28675b29716359d115fcc7aa3afd99c9f3d62a98abf6860cc4
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
168d484dedfd6fac926f82db28e9a0db8994d5dcd7b7a53575b27192ab155249
18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73
197128f3d52913a605dc17792afa60e3b908456592a0b1eade40300064cffcc8
224fee18af9335de54bccd25afe520252cc5c932ba1dd8a84e92ad6a686e9de7
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2351dd8bfcd6cdd2b5c106e48a086c19167ec3241222f3900a5bcd3d397b1c0b
24cdc3a8bed362e1efa94bfee82e9100e4ed9a034a229f9d0069d981cbdd75f7
2653d32419de95c0f6dfde35c2a0153291075d3011177ebe848126a613c087f0
2c70d8be7fd2658bce30f195cecd962c8f29f15792170d93c9b008bcfb1629c4
302bc96b46313eeff8c535c12cdd87fe4ad8d9a9ce23ec16ae477292e5c51f86
372ce761ecdd7f7c981dbecde804428e20ce43a57cf85945afb68e7f92cb8fa6
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f51e202dd7ec9794105e0c3ed320bd8ecde1a864e385ae4751c7753f5a4518b
4339ef6fc484d48533e9da01ab8016b060f3c378c63ed58ee5ffd869121fc362
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
4cbe492e48ac5e67cc4021bb64ac39d7b6586d3d67a76ed231c586cf761c15ad
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
50170845a660d2259f8e7b495d1b26e85951a6537a472224851d93ed3e046d9f
5802737795e427edef6224d56cf32f9641f938adf6c919dc829ce4f748d9afab
5b837360c102f1fe03b8b69eaa9b35217ca8c3b52ce116a0c102ee2fdf1ad450
5db631b85295c7d810b7e6a16b1750abfaee1470bae78146ea0ec3369cbbf99f
609fad38751f633572b2c9d463963d017ca5162f6541cf32727c8eebbe2b7c44
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
6b4f4fc885781a94eaaa0dad73897457da51d6503b9040403339464973bf9b97
6ca818218f8a115c3172f67c2f0a1606eb05e1f698ef9def63401ef8b3bdb431
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f74ca5dcdb18cae54c41578e1a886b97fa32066ea19ecad244d7b153b768987
6fe989ecd16fb61ff92eb1cde2c20fd154d525667e51558ce4f98f63cc2a2b72
758aaae21039ead139911676ff91632bf7339512c3bfb7c41d52eb21397c0657
7e2d010f4920c269ca0c945a8681e5723efc5f2b68106c2a26f5c7d7dbcd345f
7ebf07e5c715518f922f344229223b479e56851490705ec91a43dedd54507710
826516774bc9f660c442bc5c360191576ba6f085fc3ec675cc9536c8b4a3b56b
83b6a7bb4eb51c68ce34d6ab87dabdb43f2648974c0ddfa1b52366a109468d4a
85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd
90ec3501ab7e5c9e414bd596a50dac9c8246f350aa8bc1dc4b53093d32ffde03
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
93c86f582632ff099a7c6fb45fb9b9b1937da2cc0bea9f8cae6085f4c544b46f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4bd3fd7c4adf16943873c9bb06534320bd8c4a16b905de8a457664e2312c6a7
a56c8e34995ef10276558f5e1691e53627cd1bbaedbc75bb4cfd6cf39ba4ee70
a661d2f1ae03d18add307d370f7fc69814fbe2f2ea116b2bb2844c8d0345d9cf
a7523f1b15accd5aadc8fc9335a62008441693b044895f77a55cd716363b2c63
a96c44f56b32b8a28308d63690f082929bc11213aaaef5233fe703eaad0045df
ab1044d77c5dfdd833acb44fd1c17fda7979af17d39c26f39c62997e4c3d917d
ad2c438a3df47822819ba4bb6921891580bcbe543d65ad1393948ec87eefab0f
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b353428367e877e8cb12ef76c3e7440c992fc425d37f1008fcaf91af73087aa9
b46475614660782cbdd3ba6a3b3badfee0c8502b5779e33d51a1d21cc864683a
b51afa1051af694f880d9a09fcae5007f09d52f15e6a5d4bd8fa953ecf44a5bd
b5ddd459109494c957c6caeabbf31fe3c0b209d0dd597a5d71a4931b87e19a3a
b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c184bdc1e1d05a5ef49cad6104a741607c0945304cceef94b2e91eb459e9c060
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c526ea3061d6f3fad1072adf3983375f3a12c9dd507cb529b80fcb173550d8a5
c82fb0f88cbcd7c61e549082de6a00f7002d4d323f5823dc3f9f0ded07e8f4f3
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
cd9935b2a70b6c2b44296e02583436ccfbe03f2a4795aaffcd4656e4e4194d1f
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
d0b3b75305a9b6be429ef4162615461d3d072cb8cbf410159bf3c87aad3a6259
d349beb8b108ff60c593482cc1883cfc9ffa8f00ed48885e7a8bcba69cc3b281
d353824beb2c5593baf4f3c4a66c5642db1484650964b5fc6c9ae3c16548fd6d
d47887dbd63988ad37b916b9d175dd22d6afc7490966b1fa1b116f77f781721e
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
df720b331ca8d45d1de875a81ee0c9811ee1c8da3587fab08f6d46d6179897ad
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e03e79dcdf0200c08b44871ed46f77c09cf23db69c1a9e6902cf0ef504698f19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
e8c3fd5fa6be196ca629bbe988eb479c6538b861118d03eb0cade672ab2cad26
ef89cf6124f4e731c64ef893b79226439d03784fe00163893cf4f360057d3db7
f08ba68b4815053b4a6df6a1f7f5ca57b464a943a2c331ea46278df82fade02c
f313680d73dc390d5943c1706dd955706b87cc4e22d7e68276cf66b3a87abada
f63e4709cafc3d0cd899fa68337dd796247b2a43861c0763047c4b6e16961c44
fbb8a5d8b4c64ba04493ab619079265df5adb4b705f1375caea95a992b333cea

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

103 Requests

100 %HTTPS

32 %IPv6

12 Domains

19 Subdomains

18 IPs

6 Countries

4525 kBTransfer

17183 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

32 %
IPv6

12
Domains

19
Subdomains

18
IPs

6
Countries

4525 kB
Transfer

17183 kB
Size

7
Cookies

103 HTTP transactions
7 data transactions