urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
2620:1ec:bdf::44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.onenote.com/teams/ChannelNotes?ui=en-us
Effective URL: https://www.onenote.com/teams/ChannelNotes?ui=en-us
Submission: On August 27 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2620:1ec:bdf::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com. The Cisco Umbrella rank of the primary domain is 6746.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on July 30th 2024. Valid for: a year.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2620:1ec:bdf::44 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2
Apex Domain
Subdomains		 Transfer
3 onenote.com
www.onenote.com — Cisco Umbrella Rank: 6746
44 KB
1 onenote.net
cdn.onenote.net — Cisco Umbrella Rank: 1513
2 KB
3 2
Domain Requested by
3 www.onenote.com 1 redirects
1 cdn.onenote.net www.onenote.com
3 2

This site contains no links.

Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-07-30 -
2025-07-25		 a year crt.sh
cdn.onenote.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-04-09 -
2025-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.onenote.com/teams/ChannelNotes?ui=en-us
Frame ID: 301B6FAA72538A904029D53F73AB7F63
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.onenote.com/teams/ChannelNotes?ui=en-us HTTP 307
    https://www.onenote.com/teams/ChannelNotes?ui=en-us Page URL

Page Statistics

3
Requests

67 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

42 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.onenote.com/teams/ChannelNotes?ui=en-us HTTP 307
    https://www.onenote.com/teams/ChannelNotes?ui=en-us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.onenote.com/favicon.ico HTTP 302
  • https://www.onenote.com/?404&public=1

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ChannelNotes
www.onenote.com/teams/
Redirect Chain
  • http://www.onenote.com/teams/ChannelNotes?ui=en-us
  • https://www.onenote.com/teams/ChannelNotes?ui=en-us
180 B
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/teams/ChannelNotes?ui=en-us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa3c982b1e42edf169e994ecde18fcf369de35059514e5d461336a27ad87689d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-length
180
content-type
text/html; charset=utf-8
date
Tue, 27 Aug 2024 22:32:19 GMT
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="P3P is not supported anymore; see: https://msdn.microsoft.com/en-us/library/mt146424%28v=vs.85%29.aspx"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-azure-ref
20240827T223219Z-1774f884598hzbgg5e25e1ktuc00000007r0000000006dre
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
1c196f87-298c-4e2f-a90c-314fc9390f35
x-officecluster
neu-000.appsforoffice.onenote.com
x-officefe
AgavesFrontEnd_IN_10
x-officeversion
16.0.18025.40450
x-partitioning-enabled
true
x-routingcorrelationid
1c196f87-298c-4e2f-a90c-314fc9390f35
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_21
x-routingofficeversion
16.0.18019.40457
x-routingsessionid
fbd4bf86-4e85-45c5-a609-2392758ed4f0
x-usersessionid
fbd4bf86-4e85-45c5-a609-2392758ed4f0

Redirect headers

Location
https://www.onenote.com/teams/ChannelNotes?ui=en-us
Non-Authoritative-Reason
HttpsUpgrades
Error.png
cdn.onenote.net/officeaddins/161802540450_Images/Shared/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Images/Shared/Error.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/teams/ChannelNotes?ui=en-us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58a::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1f5becce781c128c1cd34a9684aec5cf91081fb62917eeced0186e65826eb632
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 27 Aug 2024 22:32:19 GMT
x-content-type-options
nosniff
x-officeversion
16.0.18025.40450
x-officefe
AgavesFrontEnd_IN_7
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1377
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_5
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
37c1765f-bccf-47b8-bf4b-218ff4c505f2
x-usersessionid
bd9a8081-73f1-48f6-b406-85b38c3c43b0
x-officecluster
neu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
x-azure-ref
20240827T101858Z-r1bf48c9547h9cn5zsrmrkkhz400000003m000000000d65u
Content-Type
image/png
X-RoutingCorrelationId
37c1765f-bccf-47b8-bf4b-218ff4c505f2
Cache-Control
public, max-age=31491999
X-RoutingSessionId
bd9a8081-73f1-48f6-b406-85b38c3c43b0
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
/
www.onenote.com/
Redirect Chain
  • https://www.onenote.com/favicon.ico
  • https://www.onenote.com/?404&public=1
41 KB
42 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/?404&public=1
Protocol
H2
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72d0ecb9158c33d0ed9c3fcc7b857c88a1f82894be9a772401b29ce675176f42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/teams/ChannelNotes?ui=en-us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 22:32:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
x-officeversion
16.0.18025.40450
x-officefe
SiteFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
41776
x-partitioning-enabled
true
x-routingofficefe
ReverseProxyFrontEnd_IN_21
x-xss-protection
1; mode=block
x-routingofficeversion
16.0.18019.40457
x-correlationid
6728eee1-ed20-4ea0-b6a7-74f0819b6a97
x-officecluster
neu-000.site.onenote.com
x-usersessionid
0e222fc5-878e-45ee-af94-16b9df7b3065
x-azure-ref
20240827T223220Z-1774f884598hzbgg5e25e1ktuc00000007r0000000006ds8
content-type
text/html; charset=utf-8
x-routingcorrelationid
6728eee1-ed20-4ea0-b6a7-74f0819b6a97
cache-control
private
x-routingsessionid
0e222fc5-878e-45ee-af94-16b9df7b3065
accept-ranges
bytes
x-routingofficecluster
weu-000.reverseproxy.onenote.com

Redirect headers

date
Tue, 27 Aug 2024 22:32:20 GMT
x-content-type-options
nosniff
x-officeversion
16.0.18025.40450
x-officefe
SiteFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
135
x-partitioning-enabled
true
x-routingofficefe
ReverseProxyFrontEnd_IN_21
x-routingofficeversion
16.0.18019.40457
x-correlationid
96a16316-dd04-4d88-92fe-b38a29a4a18f
x-officecluster
neu-000.site.onenote.com
x-usersessionid
44b40ef9-714c-45e3-a4b6-84403023ca2d
x-azure-ref
20240827T223220Z-1774f884598hzbgg5e25e1ktuc00000007r0000000006drz
content-type
text/html; charset=utf-8
location
/?404&public=1
x-routingcorrelationid
96a16316-dd04-4d88-92fe-b38a29a4a18f
x-routingsessionid
44b40ef9-714c-45e3-a4b6-84403023ca2d
x-routingofficecluster
weu-000.reverseproxy.onenote.com

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
www.onenote.com/ Name: UserTrackerKey
Value: AnonymousId=81eed84d-55b8-4288-8236-9deb2ebcc7c2&FirstVisit=08/27/2024 22:32:20&LastVisit=08/27/2024 22:32:20
www.onenote.com/ Name: ONSessionKey
Value: SessionId=d07101ff-c38a-46a1-9d9c-380a208ef841&StartTime=08/27/2024 22:32:20&LastActivityTime=08/27/2024 22:32:20
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Treatment2
.www.onenote.com/ Name: AuthSess
Value: 19ebff8b-413c-4cb0-9156-90d065d5e452
.onenote.com/ Name: AADNonce
Value: 8a15fdda-7159-4cd4-b848-912f06d467e5.638603947401395201

1 Console Messages

Source Level URL
Text
network error URL: https://www.onenote.com/teams/ChannelNotes?ui=en-us
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onenote.net
www.onenote.com
2620:1ec:bdf::44
2a02:26f0:3500:58a::611
1f5becce781c128c1cd34a9684aec5cf91081fb62917eeced0186e65826eb632
72d0ecb9158c33d0ed9c3fcc7b857c88a1f82894be9a772401b29ce675176f42
fa3c982b1e42edf169e994ecde18fcf369de35059514e5d461336a27ad87689d