onedrive.live.com Open in urlscan Pro
204.79.197.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62DECF5!104&authkey=Aj...
Effective URL:
https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&a...
Submission: On September 13 via manual (September 13th 2017, 3:14:15 am UTC) from AU

Summary HTTP 69 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 9 domains to perform 69 HTTP transactions. The main IP is 204.79.197.217, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on August 2nd 2017. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	204.79.197.217 204.79.197.217	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
12	2.21.246.65 2.21.246.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.31.90.4 184.31.90.4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
28	2a02:26f0:10c... 2a02:26f0:10c:38e::1aff	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	92.123.94.77 92.123.94.77	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:10c... 2a02:26f0:10c:38b::611	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.97.178.173 23.97.178.173	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a02:26f0:64:... 2a02:26f0:64:1a2::747	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	92.123.92.100 92.123.92.100	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	157.55.109.226 157.55.109.226	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	207.46.194.10 207.46.194.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
69	14

4 204.79.197.217 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.21.246.65 (Austria)

ASN20940 (AKAMAI-ASN1, US)

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.90.4 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-4.deploy.static.akamaitechnologies.com

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onenote.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:26f0:10c:38e::1aff (European Union)

ASN20940 (AKAMAI-ASN1, US)

s3-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.94.77 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-77.deploy.akamaitechnologies.com

contentstorage.osi.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:38b::611 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.onenote.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.178.173 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

officeclient.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:1a2::747 (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.92.100 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-92-100.deploy.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.55.109.226 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: msnbot-157-55-109-226.search.msn.com

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.46.194.10 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: msnbot-207-46-194-10.search.msn.com

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (Redmond, United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	office.net s3-onenote-15.cdn.office.net s3-officeapps-15.cdn.office.net contentstorage.osi.office.net	2 MB
17	live.com 1 redirects onedrive.live.com onenote.officeapps.live.com skyapi.onedrive.live.com c.live.com	129 KB
12	akamaihd.net spoprod-a.akamaihd.net	417 KB
6	microsoft.com officeclient.microsoft.com www.microsoft.com fs.microsoft.com	937 KB
1	aspnetcdn.com ajax.aspnetcdn.com	33 KB
1	bing.com 1 redirects c.bing.com	1 KB
1	onenote.net cdn.onenote.net	515 B
1	sfx.ms p.sfx.ms	67 B
0	onenote.com Failed www.onenote.com Failed
69	9

	Domain	Requested by
24	s3-onenote-15.cdn.office.net	onenote.officeapps.live.com s3-onenote-15.cdn.office.net
12	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
10	onenote.officeapps.live.com	onedrive.live.com onenote.officeapps.live.com s3-officeapps-15.cdn.office.net
4	s3-officeapps-15.cdn.office.net	onenote.officeapps.live.com s3-onenote-15.cdn.office.net
4	onedrive.live.com	onedrive.live.com
3	fs.microsoft.com	s3-onenote-15.cdn.office.net
2	c.live.com	1 redirects
2	officeclient.microsoft.com	s3-onenote-15.cdn.office.net
2	contentstorage.osi.office.net	s3-onenote-15.cdn.office.net
1	ajax.aspnetcdn.com	skyapi.onedrive.live.com
1	c.bing.com	1 redirects
1	skyapi.onedrive.live.com	spoprod-a.akamaihd.net
1	www.microsoft.com
1	cdn.onenote.net
1	p.sfx.ms	onedrive.live.com
0	www.onenote.com Failed	s3-onenote-15.cdn.office.net
69	16

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 1	`2017-08-02` - `2019-08-02`	2 years	crt.sh
a248.e.akamai.net Symantec Class 3 ECC 256 bit SSL CA - G2	`2017-05-22` - `2018-08-21`	a year	crt.sh
p.sfx.ms Microsoft IT SSL SHA2	`2016-04-12` - `2018-04-12`	2 years	crt.sh
officeapps.live.com Microsoft IT SSL SHA2	`2017-02-23` - `2018-03-23`	a year	crt.sh
*.cdn.office.net Microsoft IT SSL SHA2	`2016-04-05` - `2018-04-05`	2 years	crt.sh
*.osi.office.net Microsoft IT SSL SHA2	`2017-07-12` - `2018-04-12`	9 months	crt.sh
cdn.onenote.net Microsoft IT SSL SHA2	`2016-05-02` - `2018-05-02`	2 years	crt.sh
config.officeapps.live.com Microsoft IT SSL SHA2	`2017-06-23` - `2018-03-23`	9 months	crt.sh
www.microsoft.com Symantec Class 3 Secure Server CA - G4	`2017-04-07` - `2019-04-08`	2 years	crt.sh
officecdn.microsoft.com Microsoft IT SSL SHA2	`2016-11-29` - `2018-04-29`	a year	crt.sh
storage.live.com Microsoft IT SSL SHA2	`2017-03-09` - `2018-03-09`	a year	crt.sh
c.msn.com Microsoft IT SSL SHA2	`2017-03-22` - `2018-02-22`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 1	`2017-08-29` - `2019-08-29`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Frame ID: 25307.1
Requests: 18 HTTP requests in this frame

Frame: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Frame ID: 25307.2
Requests: 52 HTTP requests in this frame

Frame: https://www.onenote.com/officeaddins/learningtools/?et=
Frame ID: 25307.3
Requests: 1 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/api/proxy?v=3
Frame ID: 25307.4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62... Page URL
https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Page Statistics

69
Requests

97 %
HTTPS

36 %
IPv6

9
Domains

16
Subdomains

14
IPs

5
Countries

3647 kB
Transfer

11360 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62DECF5!104&authkey=AjcWzb70gGMMS-E&Bsrc=SMIT&ref=name Page URL
https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D2958%26IR%3D1%26EX%3D0%26L.h%3D506%26L.bc%3D640%26L.ac%3D642%26L.f%3D653%26L.sjs%3D2904%26L.ttg%3D2761%26C.st%3D1505272443551%26N.jsPlt%3D1382%26N.domIn%3D653%26N.req%3D441%26N.resp%3D9%26N.navType%3D0%26N.redirectCount%3D0&r=0.9809115188887896 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D2958%26IR%3D1%26EX%3D0%26L.h%3D506%26L.bc%3D640%26L.ac%3D642%26L.f%3D653%26L.sjs%3D2904%26L.ttg%3D2761%26C.st%3D1505272443551%26N.jsPlt%3D1382%26N.domIn%3D653%26N.req%3D441%26N.resp%3D9%26N.navType%3D0%26N.redirectCount%3D0&r=0.9809115188887896&ctsa=mr&CtsSyncId=93082212EADD41EBB298C1E51F987E1F&RedC=c.live.com&MXFR=3753C0E36AAA63A133C2CA1F6EAA6749 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D2958%26IR%3D1%26EX%3D0%26L.h%3D506%26L.bc%3D640%26L.ac%3D642%26L.f%3D653%26L.sjs%3D2904%26L.ttg%3D2761%26C.st%3D1505272443551%26N.jsPlt%3D1382%26N.domIn%3D653%26N.req%3D441%26N.resp%3D9%26N.navType%3D0%26N.redirectCount%3D0&r=0.9809115188887896&ctsa=mr&CtsSyncId=93082212EADD41EBB298C1E51F987E1F&MUID=3753C0E36AAA63A133C2CA1F6EAA6749

69 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
S 200 redir.aspx Show response
onedrive.live.com/ 7 KB
3 KB 324ms
298ms Document
text/html 204.79.197.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62DECF5!104&authkey=AjcWzb70gGMMS-E&Bsrc=SMIT&ref=name

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.79.197.217 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

d0a4a56e4b6fd9ee4765921c9317c487646a903c31f52a1dd7af72b4c5726779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: BL3301xxPFE008
x-content-type-options: nosniff
x-msedge-ref: Ref A: A69E3BFBF2BA4EF49029CF6D99749409 Ref B: FRAEDGE0507 Ref C: 2017-09-13T03:14:03Z
date: Wed, 13 Sep 2017 03:14:02 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache, no-store
content-encoding: gzip
expires: -1

GET
S 200 Primary Request view.aspx Show response
onedrive.live.com/ 83 KB
27 KB 432ms
431ms Document
text/html 204.79.197.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62DECF5!104&authkey=AjcWzb70gGMMS-E&Bsrc=SMIT&ref=name

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.79.197.217 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

c147634a4824cbac3188ae6f7d38ccc5620f1bf82e67da1fb08ee308230c1ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Referer: https://onedrive.live.com/redir.aspx?cid=45235d62b62decf5&resid=45235D62B62DECF5!105&parId=45235D62B62DECF5!104&authkey=AjcWzb70gGMMS-E&Bsrc=SMIT&ref=name
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: BL3301xxPFE143
x-content-type-options: nosniff
x-msedge-ref: Ref A: 0A8E0033C1E947D28C4CEE9A37A5C108 Ref B: FRAEDGE0507 Ref C: 2017-09-13T03:14:03Z
date: Wed, 13 Sep 2017 03:14:03 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
status: 200
cache-control: no-cache, no-store
content-encoding: gzip
expires: -1

GET
S 200 maincss-5c430450.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 136 KB
25 KB 31ms
6ms Stylesheet
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//maincss-5c430450.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b1c1b0090ded46cb4cb1d9eff87403b9a55685e309e3803dcefd872a88d78c33

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:04 GMT
content-encoding: gzip
content-md5: XEMEUGFiFrgXr+2rzyw3Dg==
status: 200
content-length: 25480
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A44A0D28A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7b24d28c-0001-0047-1e24-c8c2b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290577
x-ms-version: 2009-09-19

GET
S 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 85 KB
15 KB 37ms
12ms Stylesheet
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:04 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
status: 200
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A41FD2607
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 44a6aff0-0001-0063-0d24-c85bf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290577
x-ms-version: 2009-09-19

GET
S 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 169 KB
30 KB 36ms
11ms Stylesheet
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:04 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
status: 200
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A430BE069
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45b19f38-0001-00e4-1a24-c80ed8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290577
x-ms-version: 2009-09-19

GET
S 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 89 KB
25 KB 178ms
177ms Script
text/javascript 204.79.197.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.74.0713.2017&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.79.197.217 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

05da92ebd494e1023a692129b9975d834bb366b99570705a88eb957082c899b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2017 03:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-msnserver: DM2301xxPFE065
expires: Thu, 13 Sep 2018 03:14:04 GMT

GET
S 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
1 KB 156ms
155ms Script
text/javascript 204.79.197.217
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.74.0713.2017&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.79.197.217 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

949d4c7ca2b2867f9785e8bd7ccb397a11b6f6391d35fcc0dc38fcb5e3297766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2017 03:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-msnserver: DM2301xxPFE036
expires: Thu, 13 Sep 2018 03:14:04 GMT

GET
H/1.1 200
OK invis.gif
p.sfx.ms/is/ 43 B
67 B 6ms
6ms Image
image/gif 184.31.90.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 184.31.90.4 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-4.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Wed, 13 Sep 2017 03:14:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jan 2015 00:18:44 GMT
Server: Microsoft-IIS/8.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=11522187, s-maxage=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
X-GFXSERVER: DM2301-SKPGX004
Expires: Wed, 24 Jan 2018 11:50:31 GMT

POST
S 200 onenoteframe.aspx Show response
onenote.officeapps.live.com/o/ Frame 2530 60 KB
61 KB 69ms
40ms Document
text/html 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

627ccb9705f4cc7f0153b5d3e067b0fcf21ada436ba00ad99c7c997cc260c9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: cab3ef700f62
x-officeversion: 16.0.8609.1900
content-security-policy-report-only: font-src data: s3-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' s3-onenote-15.cdn.office.net s3-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' s3-onenote-15.cdn.office.net s3-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /reportcsp.ashx
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
pragma: no-cache
x-correlationid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-officecluster: NL1S
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:03 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 8A4BDA9C0AF7427E8B469EC3E0198DB0 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:04Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK EditSurface.css
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 19 KB
3 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/EditSurface.css

Requested by

Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

732b1a707fc8a091ae23ccb64b4680358ef12bdde3f9263e233bc424a44fb3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80d35dda4b2bd31:0"
X-OFFICEFD: 46d281f3ce21
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3386
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:18:11 GMT
X-OfficeCluster: NL1S
X-UserSessionId: cd02c8dd-c816-4d1b-8182-281878bab2bc
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: cd02c8dd-c816-4d1b-8182-281878bab2bc
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 28ms
28ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Origin: https://onenote.officeapps.live.com
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: e4d839c2-b30b-4c4f-a07d-88e0d5e0a816
x-officefd: e7c28cf1e433
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:03 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: 29A9CF1438614EDC91383B7744E8E0E8 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:04Z
timing-allow-origin: *

GET
H/1.1 200
OK OneNote.css
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 303 KB
49 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/OneNote.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

3cb447e494dc8363c1c4cad5445efefac6a6d961945d94032b3cb9abd1f0404a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "03dc5d94b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 49724
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:10 GMT
X-OFFICEFD: ca53c9951f3f
X-UserSessionId: 04c4e107-2d73-4494-8cae-d4291449f793
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 04c4e107-2d73-4494-8cae-d4291449f793
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 2530 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db5afd59f5716e21cb940d85780242e0cd2b782c0529b4c1352e373bf4ef39de

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2530 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200
OK MicrosoftAjax.js Show response
s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 105 KB
26 KB 9ms
8ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80a62cd94b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 26964
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:09 GMT
X-OFFICEFD: f6b023515fee
X-UserSessionId: 00a73481-9dd4-46f0-8325-3f1e3b7915ea
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 00a73481-9dd4-46f0-8325-3f1e3b7915ea
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacbooton.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 36 KB
7 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/wacbooton.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

5af66ff986a5b826e5d1b3b545f15a79e4a27057072606d4149d07ebca93455f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "06af6da4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 7292
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:12 GMT
X-OFFICEFD: 46d281f3ce21
X-UserSessionId: 1d0987a2-3266-4c4a-a0b4-f0f79624860f
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1d0987a2-3266-4c4a-a0b4-f0f79624860f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 52 KB
16 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

e73d4d97e7a8b1642857b46ba169084426db4002c488fbe0732c0496752ab2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 16039
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OFFICEFD: 63aa1cd78b40
X-UserSessionId: 8cf60397-914e-45bd-8b62-aba171e4b1f0
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8cf60397-914e-45bd-8b62-aba171e4b1f0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 6 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1618
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OFFICEFD: 63aa1cd78b40
X-UserSessionId: 18cefc6c-1ec2-4470-8ab8-1de9b6afecd1
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 18cefc6c-1ec2-4470-8ab8-1de9b6afecd1
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Box4Intl.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 54 KB
10 KB 10ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/Box4Intl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

06f84bce2d4d5141490fac5f67c0086680c8cf6f35fa63e0b1d5be30374974c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OFFICEFD: da78028f6c03
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10532
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 4fdd39ea-085e-4095-b506-9525c50eee45
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4fdd39ea-085e-4095-b506-9525c50eee45
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WoncaIntl.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 25 KB
5 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/WoncaIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

55eefb5614436452d1aa4c3221012b0ab0b5b4acb4a1e235b61fbd996c75acb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "802334b74d2bd31:0"
X-OFFICEFD: ca53c9951f3f
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 5278
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:31:31 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 47f00cef-3122-4ead-876b-2ad7f09f4385
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 47f00cef-3122-4ead-876b-2ad7f09f4385
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteIntl.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 21 KB
5 KB 18ms
8ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/OneNoteIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

b8acdb4da0c5df22fe7e25da5ab152f23e55c373aa539aa184beff5f900b3591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8081d7384d2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 4834
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:27:59 GMT
X-OFFICEFD: a9fe62b0eb78
X-UserSessionId: 84794cfb-f8b4-45c5-bfad-0ab317445b82
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 84794cfb-f8b4-45c5-bfad-0ab317445b82
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteExp.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 2 MB
521 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

a668a0dadfba1aeb59d8221585f1927324c72a13dee02022c0ce6a9f7e2c9108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80d35dda4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 533309
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:11 GMT
X-OFFICEFD: da78028f6c03
X-UserSessionId: 861bd52e-c7d6-4003-910a-6c436b9f1a5a
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 861bd52e-c7d6-4003-910a-6c436b9f1a5a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jSanity.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 11 KB
4 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/jSanity.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3910
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OFFICEFD: f6b023515fee
X-UserSessionId: 126a872e-21b8-4b07-b7d1-34624116f623
Date: Wed, 13 Sep 2017 03:14:04 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 126a872e-21b8-4b07-b7d1-34624116f623
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 29ms
29ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Origin: https://onenote.officeapps.live.com
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":10,"Value":"https://s3-onenote-15.cdn.office.net:443/o/s/1686091900_resources/1033/EditSurface.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 4bc41e6a-a748-4e64-9cc0-fb2e4eb400e1
x-officefd: c5bf75af9f4d
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:03 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: 06F517FB7A6240E6B4D2B2EFF6F31BF2 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:04Z
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 2530 60 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 2530 60 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

POST
S 200 OneNote.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 24 KB
4 KB 1573ms
1573ms XHR
application/json 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNote.ashx

Requested by

Host: s3-officeapps-15.cdn.office.net
URL: https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

f79c0e27080ad2171de3521f4ea460c3cc0d1539416d1c35f4cfc88c7b5e2118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://onenote.officeapps.live.com
X-AccessToken: t=0&s=0&v=AjcWzb70gGMMS-E&aid=c6b1b13b-46c5-404c-b626-5f44f3e144c7&m=en-us
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
X-OfficeVersion: 16.0.8609.1900
X-Key: GE7oId3RzpoMsM2Q+sc8U6/8TxzrTmkmzWWjrlAtAi0=,636408692442025313
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
X-Requested-With: XMLHttpRequest
X-UserType: WSHI
X-xhr: 1
X-WacCluster: NL1S

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 3554
pragma: no-cache
x-correlationid: e175e07e-3798-47c5-83a8-b84ea52bb482
x-officefd: 09e65c29d854
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:05 GMT
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: 88C1595B4A374FC380FF3C6F594C2042 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:05Z
timing-allow-origin: *
expires: -1

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 28ms
28ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Origin: https://onenote.officeapps.live.com
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":667,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 37b1e1c1-56a5-4109-adf8-e6fbf24ea17d
x-officefd: 8c219c1f03c4
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:04 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: 3B975CA9D106497AA813C8A4AD5CC8A4 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:04Z
timing-allow-origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 36 KB
6 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

40db12793e8f8562e34b7c8f1c882034f351f3bc8463bf4412aa884b70d229f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "06af6da4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6371
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:12 GMT
X-OFFICEFD: 63aa1cd78b40
X-UserSessionId: 36361631-8c21-470b-8cca-8274c5cacd7a
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 36361631-8c21-470b-8cca-8274c5cacd7a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
s3-officeapps-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 10 KB
10 KB 8ms
8ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-officeapps-15.cdn.office.net/o/s/1686091900_resources/1033/wapsw.png?b=16086091900

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

96ca722b29f6a5723564ad8b5330547b44c649e1bc487ded9b0de2061f5dd643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "d0a2bd634d2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10479
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:29:10 GMT
X-OFFICEFD: a9fe62b0eb78
X-UserSessionId: 08ced64f-431d-4bdb-94ed-b9a530939492
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 08ced64f-431d-4bdb-94ed-b9a530939492
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK one.png
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 91 KB
91 KB 9ms
8ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/one.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

644227d28c74b12bb60289965783e4549e0a19cf9240d2e4c1a23dcab5aaf2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "576a2c9a4c2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 93486
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:23:32 GMT
X-OFFICEFD: da78028f6c03
X-UserSessionId: 3f9afa13-abdd-422f-84a8-6a2b10550a0e
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 3f9afa13-abdd-422f-84a8-6a2b10550a0e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 14 KB
14 KB 9ms
9ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/box42.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

dc7e1698b8ac3664b6f160a012b16af7df9b7ba1be6ca58e4a2f0f4081361a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "168254da4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 14454
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:18:10 GMT
X-OFFICEFD: da78028f6c03
X-UserSessionId: 93ab5e44-49c3-4348-88d5-f38f7e5a6908
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 93ab5e44-49c3-4348-88d5-f38f7e5a6908
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK f35a69747df98cdb.js Show response
contentstorage.osi.office.net/scripts/ Frame 2530 1 MB
301 KB 167ms
156ms Script
application/javascript 92.123.94.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://contentstorage.osi.office.net/scripts/f35a69747df98cdb.js
Requested by: Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.77 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-77.deploy.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f35a69747df98cdb9837e73e1df933e0d8f9c5b77f184905f3caafc5d2428fc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Encoding: gzip
Content-MD5: uTSH+3pHQrN7Vf2qcyFn4g==
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-ms-lease-status: unlocked
Last-Modified: Tue, 29 Aug 2017 20:00:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4EF18966C488D
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
x-ms-request-id: 122fc275-001e-008a-353e-2c5010000000
Access-Control-Allow-Credentials: true
x-ms-version: 2009-09-19

GET
H/1.1 200
OK box43.png
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 4 KB
4 KB 8ms
8ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/box43.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

8d78f84dafeb218b47e21e6847734a399c8419d8504d57271abf398d916ca823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "6be456da4b2bd31:0"
X-OFFICEFD: 46d281f3ce21
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3834
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:10 GMT
X-OfficeCluster: NL1S
X-UserSessionId: eb41ce58-2512-47bd-bea2-db419bc2343d
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: eb41ce58-2512-47bd-bea2-db419bc2343d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteExp.box4.dll1.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 2 MB
435 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.box4.dll1.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

04c012aec12127ff53e73956d41acf047abb5215462d03b1bcfe68a3dc2589be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80d35dda4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 445873
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:11 GMT
X-OFFICEFD: f6b023515fee
X-UserSessionId: 0e385ac7-7764-4393-a73f-1115f155b59c
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 0e385ac7-7764-4393-a73f-1115f155b59c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.Wac.TellMeModel.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 204 KB
94 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/OneNote.Wac.TellMeModel.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d8f889e6953866fb94fd5d5ebaa7b3ee08ab5d699087296cb25cd86994174619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 96481
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OFFICEFD: 46d281f3ce21
X-UserSessionId: e8f91948-42d6-4d64-96b2-3ea44abe7396
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e8f91948-42d6-4d64-96b2-3ea44abe7396
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OsfRuntimeOneNoteWAC.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 372 KB
87 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OsfRuntimeOneNoteWAC.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

20eedccccc41e6e5f60dbe11fc8aad537d2caec9bc88f418ac8918114165e0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "06af6da4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 89208
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:12 GMT
X-OFFICEFD: da78028f6c03
X-UserSessionId: ca202c98-e149-47ef-b8fd-fc9b62aa4fa6
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ca202c98-e149-47ef-b8fd-fc9b62aa4fa6
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OfficeExtension.WacRuntime.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 142 KB
16 KB 9ms
8ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OfficeExtension.WacRuntime.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

98a2d9ef344ae858e2d110eba9fcdf9171c4c3cdd8fa7f0758230801e251a354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80a62cd94b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 16081
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:09 GMT
X-OFFICEFD: a9fe62b0eb78
X-UserSessionId: 0f1885c7-be9e-430e-8732-37738df83309
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 0f1885c7-be9e-430e-8732-37738df83309
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
S 200 Acl1033.js Show response
onenote.officeapps.live.com/o/App_Scripts/Acl/ Frame 2530 19 KB
6 KB 32ms
32ms XHR
application/javascript 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/App_Scripts/Acl/Acl1033.js

Requested by

Host: s3-officeapps-15.cdn.office.net
URL: https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

4e9e11959eb7117dbf4e0b1072f1193daf73709e1d58c2d8534186de02ba900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-AccessToken: t=0&s=0&v=AjcWzb70gGMMS-E&aid=c6b1b13b-46c5-404c-b626-5f44f3e144c7&m=en-us
X-AccessTokenTtl: 0
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
X-OfficeVersion: 16.0.8609.1900
X-Key: GE7oId3RzpoMsM2Q+sc8U6/8TxzrTmkmzWWjrlAtAi0=,636408692442025313
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
X-Requested-With: XMLHttpRequest
X-UserType: WSHI
X-xhr: 1
X-WacCluster: NL1S

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "80f946f7ecf7cf1:0"
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-length: 5981
cache-control: public,max-age=31536000
last-modified: Tue, 04 Nov 2014 05:05:35 GMT
x-officefd: c5bf75af9f4d
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:04 GMT
vary: Accept-Encoding
content-type: application/javascript
x-correlationid: 8ba79755-f4ab-45dc-a8ec-fe4a9cb6f2e6
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK segoeui-semilight-final.woff
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 25 KB
25 KB 9ms
9ms Font
font/x-woff 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/segoeui-semilight-final.woff

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.box4.dll1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/OneNote.css
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "3543a9d4d2bd31:0"
X-OFFICEFD: a9fe62b0eb78
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 25997
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:30:47 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 499a3e5a-6c78-42d8-ad09-0091b629a684
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 499a3e5a-6c78-42d8-ad09-0091b629a684
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteExp.box4.dll2.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/ Frame 2530 813 KB
191 KB 9ms
8ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.box4.dll2.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

c5d1a6be8f87340f4da25d3f14f735f63c8a876c4ee795e257a4afdcebe00e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80d35dda4b2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 195722
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:11 GMT
X-OFFICEFD: f6b023515fee
X-UserSessionId: a5c11abb-4ded-44d8-a82b-d979e4f4b831
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a5c11abb-4ded-44d8-a82b-d979e4f4b831
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK osfruntime_strings.js Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/ Frame 2530 6 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/1033/osfruntime_strings.js

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

de2e4df2862da8b69d06b14bafca8acfcd6e73c27c006b9e3acbadd5b3bd0de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8079fbd74b2bd31:0"
X-OFFICEFD: da78028f6c03
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1737
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:18:07 GMT
X-OfficeCluster: NL1S
X-UserSessionId: ad63c2cd-ddcb-49f3-b543-233d20f124cb
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ad63c2cd-ddcb-49f3-b543-233d20f124cb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Meetings_manifest.xml Show response
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 88 KB
14 KB 8ms
8ms XHR
text/xml 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/Meetings_manifest.xml

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

6a4f7d16240758dd426b54f5621669da849a5cc802ae427afbbe7d240397d6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8041b91d4e2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 14376
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:34:23 GMT
X-OFFICEFD: a9fe62b0eb78
X-UserSessionId: 12c156cc-c8ad-4f98-a3a2-5a8b83d8617c
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: text/xml
Access-Control-Allow-Origin: *
X-CorrelationId: 12c156cc-c8ad-4f98-a3a2-5a8b83d8617c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
S 403 AddinServiceHandler.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 1 KB
1 KB 28ms
28ms XHR
text/html 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/AddinServiceHandler.ashx?action=laststoreupdate&app=4&lc=EN-US&Fi=SD45235D62B62DECF5!105&C=5_810_BN1-SKY-WAC-WSHI&ak=t%3D0%26s%3D0%26v%3DAjcWzb70gGMMS%2DE%26aid%3Dc6b1b13b%2D46c5%2D404c%2Db626%2D5f44f3e144c7%26m%3Den%2Dus

Requested by

Host: s3-officeapps-15.cdn.office.net
URL: https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-AccessTokenTtl: 0
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
X-OfficeVersion: 16.0.8609.1900
X-Key: GE7oId3RzpoMsM2Q+sc8U6/8TxzrTmkmzWWjrlAtAi0=,636408692442025313
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
X-Requested-With: XMLHttpRequest
X-UserType: WSHI
X-xhr: 1
X-WacCluster: NL1S

Response headers

strict-transport-security: max-age=31536000
x-officefd: 27ef2334c30b
x-powered-by: ARR/2.5
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 403
content-length: 1233
x-correlationid: 1687caf6-60f8-44ad-b098-62e7089a32f0
x-officecluster: NL1S
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
date: Wed, 13 Sep 2017 03:14:05 GMT
content-type: text/html
cache-control: private
x-msedge-ref: Ref A: 97C4191B650D4ED28416AE74E4BCEA14 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:05Z
timing-allow-origin: *
x-officeversion: 16.0.8609.1900

GET
H/1.1 200
OK moeerrorux.css
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 4 KB
900 B 8ms
8ms Stylesheet
text/css 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/moeerrorux.css

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

681f5e1d6aa249ad6eb0400e01c541aec595a4dfc5d027ca16093d55f6cfe6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "03dc5d94b2bd31:0"
X-OFFICEFD: da78028f6c03
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 900
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:18:10 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 7a0f8d60-347f-4029-b5cc-36f8f47a9b21
Date: Wed, 13 Sep 2017 03:14:05 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 7a0f8d60-347f-4029-b5cc-36f8f47a9b21
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET /
www.onenote.com/officeaddins/learningtools/ Frame 2530 0
0

GET
H/1.1 200
OK progress.gif
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 695 B
695 B 8ms
8ms Image
image/gif 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "14a95bda4b2bd31:0"
X-OFFICEFD: 46d281f3ce21
X-OfficeVersion: 16.0.8609.1900
X-OfficeFE: 99049af4e20f
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 695
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:18:10 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 1bad25af-5df2-473e-a9cf-693c0563c3b5
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 1bad25af-5df2-473e-a9cf-693c0563c3b5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK moe_status_icons.png
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 6 KB
6 KB 12ms
8ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/moe_status_icons.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "bd2a8e9a4c2bd31:0"
X-OFFICEFD: ca53c9951f3f
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6140
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 11 Sep 2017 22:23:33 GMT
X-OfficeCluster: NL1S
X-UserSessionId: 890fd343-0221-4892-ad49-797144122392
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 890fd343-0221-4892-ad49-797144122392
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK agavedefaulticon96x96.png
s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/ Frame 2530 1 KB
1 KB 17ms
9ms Image
image/png 2a02:26f0:10c:38e::1aff
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3-onenote-15.cdn.office.net/o/s/1686091900_resources/1033/agavedefaulticon96x96.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38e::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "7d169a9a4c2bd31:0"
X-OfficeCluster: NL1S
X-OfficeVersion: 16.0.8530.1726
X-OfficeFE: a05c5ca600dd
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1115
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/8.5
Last-Modified: Mon, 11 Sep 2017 22:23:33 GMT
X-OFFICEFD: da78028f6c03
X-UserSessionId: dacc1d7a-2f42-42a0-82d9-ccf5365bab9a
Date: Wed, 13 Sep 2017 03:14:05 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: dacc1d7a-2f42-42a0-82d9-ccf5365bab9a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK insert_outlook_meeting_details32x32.png
cdn.onenote.net/officeaddins/images/meetings/ Frame 2530 515 B
515 B 9ms
8ms Image
image/png 2a02:26f0:10c:38b::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.onenote.net/officeaddins/images/meetings/insert_outlook_meeting_details32x32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:10c:38b::611 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

9d24c71b594e556fc731d3a8acd53950412b9b7000c1c21379a52fa1eab479f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

X-CorrelationId: 2b69463c-e974-4813-9abd-4dd84f78a44d
Date: Wed, 13 Sep 2017 03:14:05 GMT
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.8517.1550
X-OfficeFE: AgavesFrontEnd_IN_0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 515
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_4
X-RoutingOfficeVersion: 16.0.8517.1550
Last-Modified: Sun, 30 Oct 2016 19:53:26 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 2ebb4e2b-7f3d-46ea-905d-002051d81af8
X-Powered-By: ASP.NET
ETag: "0ff2a47e732d21:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29602818
X-RoutingSessionId: 2ebb4e2b-7f3d-46ea-905d-002051d81af8
X-RoutingCorrelationId: 2b69463c-e974-4813-9abd-4dd84f78a44d
Accept-Ranges: bytes
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 28ms
27ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Origin: https://onenote.officeapps.live.com
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1637,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 5c644f6f-4340-4bd6-89f6-481efdd0f3c8
x-officefd: 8c219c1f03c4
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: 2538332D08F24FDB8328B62D0AB7DA6A Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:05Z
timing-allow-origin: *

OPTIONS
H/1.1 204
No Content config16 Show response
officeclient.microsoft.com/ Frame 2530 0
0 80ms
17ms XHR
text/plain 23.97.178.173
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.ResourceService3&services=ResourceServiceEndpoint2

Requested by

Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

23.97.178.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: GET
Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 13 Sep 2017 03:14:07 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-OfficeFE: ConfigSvcFrontEnd_IN_20
Server: Microsoft-IIS/8.5
Pragma: no-cache
X-CorrelationId: afca1d01-d243-4f42-8490-0cf750d19911
X-OfficeCluster: weu-config.officeapps.live.com
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,odata-version,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext
X-OfficeVersion: 16.0.8606.6850
Expires: -1

GET
S 200 latest.woff2
www.microsoft.com/fonts/segoe-ui/west-european/normal/ Frame 2530 33 KB
33 KB 169ms
157ms Font
application/octet-stream 2a02:26f0:64:1a2::747
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff2

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:1a2::747 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

x-edgeconnect-origin-mex-latency: 133, 133
date: Wed, 13 Sep 2017 03:14:06 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "5e732076e173d11:0"
vtag: 279740725400000000
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public,max-age=1209600
accept-ranges: bytes
content-type: application/octet-stream
content-length: 34052

GET
H/1.1 200
OK config16 Show response
officeclient.microsoft.com/ Frame 2530 272 B
196 B 22ms
22ms XHR
text/xml 23.97.178.173
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.ResourceService3&services=ResourceServiceEndpoint2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

23.97.178.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

63a20eb8055539ddb773373bd9b689d8e0e84c10252c1087f20906cb3e47ad66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 13 Sep 2017 03:14:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeCluster: weu-config.officeapps.live.com
X-AspNet-Version: 4.0.30319
X-OfficeVersion: 16.0.8606.6850
X-OfficeFE: ConfigSvcFrontEnd_IN_20
Content-Length: 196
Server: Microsoft-IIS/8.5
Pragma: no-cache
X-CorrelationId: e25f50ab-1281-40f2-8c78-81e34c03d500
X-Office-CacheDuration: 1440
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,odata-version,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext
Expires: -1

GET
H/1.1 200
OK listAll.json Show response
fs.microsoft.com/fs/3.3/ Frame 2530 158 KB
22 KB 10ms
10ms XHR
application/octet-stream 92.123.92.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/3.3/listAll.json
Requested by: Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.92.100 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-100.deploy.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 7f325781c489c95a0b824065954736513e707695b4aa85f672b9170112b3608d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Date: Wed, 13 Sep 2017 03:14:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2017 19:07:47 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "cb69fa1e88ed21:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=160020
Content-Length: 22879
Content-Disposition: attachment; filename=listAll.json
Connection: keep-alive
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 29932528050
fs.microsoft.com/fs/3.3/rawguids/ Frame 2530 785 KB
415 KB 11ms
10ms Font
application/octet-stream 92.123.92.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/3.3/rawguids/29932528050
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.92.100 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-100.deploy.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 93e9693f07d5a6c76e1031c25a16ae1ef39dcf00715d4e7591efa762e38898d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Date: Wed, 13 Sep 2017 03:14:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2016 20:30:10 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "49842f81257d21:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=130278
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=29932528050
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 43428430397
fs.microsoft.com/fs/3.3/rawguids/ Frame 2530 915 KB
467 KB 10ms
10ms Font
application/octet-stream 92.123.92.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/3.3/rawguids/43428430397
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.92.100 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-92-100.deploy.akamaitechnologies.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: aece4b6e6868bf24dfb8dbab8d14761bb66fcdc2210e9e02f07c9355fb363c88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

Date: Wed, 13 Sep 2017 03:14:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Dec 2016 20:31:57 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "67d8d1471257d21:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=64269
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=43428430397
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 29ms
28ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
Origin: https://onenote.officeapps.live.com
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":2030,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 043caa79-d299-4325-b66c-4a9405f841e7
x-officefd: 80c350b7252e
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: C42485897D1F4561B48280B4AB56BC66 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:06Z
timing-allow-origin: *

POST
S 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2530 0
0 53ms
52ms XHR
text/plain 2620:1ec:a92::171
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.8609.1900&waccluster=NL1S

Requested by

Host: s3-officeapps-15.cdn.office.net
URL: https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

/ ARR/2.5

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://onenote.officeapps.live.com
X-AccessToken: t=0&s=0&v=AjcWzb70gGMMS-E&aid=c6b1b13b-46c5-404c-b626-5f44f3e144c7&m=en-us
X-UserSessionId: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
X-OfficeVersion: 16.0.8609.1900
X-Key: GE7oId3RzpoMsM2Q+sc8U6/8TxzrTmkmzWWjrlAtAi0=,636408692442025313
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&Fi=SD45235D62B62DECF5!105&H=emul&C=5_810_BN1-SKY-WAC-WSHI&ui=en-US&rs=en-US&wdo=2&wdp=7&su=4981928291346541813&ad=en-US&sc=host%3d&cy=canary
X-Requested-With: XMLHttpRequest
X-UserType: WSHI
X-xhr: 1
X-AccessTokenTtl: 0
X-WacCluster: NL1S

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: NL1S
x-officeversion: 16.0.8609.1900
x-officefe: a05c5ca600dd
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
content-length: 0
x-correlationid: 44c70d3f-8ff9-4e53-8776-ab224ffae21e
x-officefd: b592e35938ab
x-usersessionid: 7d508dd1-1ff5-40f9-930b-6612d8081dbb
x-powered-by: ARR/2.5
date: Wed, 13 Sep 2017 03:14:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control: private
x-msedge-ref: Ref A: FB53EC70085048E38A982167DA4317D3 Ref B: AMS04EDGE0316 Ref C: 2017-09-13T03:14:06Z
timing-allow-origin: *

GET
S 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/ 92 KB
33 KB 6ms
6ms Script
application/javascript 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
status: 200
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A4490A304
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1a73dfa5-0001-006f-3924-c8b506000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290642
x-ms-version: 2009-09-19

GET
S 200 wac_s_office-477e6735.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/ 303 KB
92 KB 7ms
7ms Script
application/javascript 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac_s_office-477e6735.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5717331cff1ffbde44e4eb14ab9d2bfe860ee379989b65a3ccba3f5aea5b6de5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: R35nNUawIaD+VdT9aSOz3Q==
status: 200
content-length: 94377
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A4135E1EB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 949b85aa-0001-0053-2e24-c801dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290679
x-ms-version: 2009-09-19

GET
S 200 wac2-34e3e925.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/ 311 KB
107 KB 6ms
6ms Script
application/javascript 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac2-34e3e925.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2351dd8bfcd6cdd2b5c106e48a086c19167ec3241222f3900a5bcd3d397b1c0b

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: NOPpJYwA9mxMNCQWKHx2tg==
status: 200
content-length: 109231
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A41337061
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45b23354-0001-00e4-4624-c80ed8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290700
x-ms-version: 2009-09-19

GET
S 200 wac1-94024fff.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/ 47 KB
14 KB 6ms
6ms Script
application/javascript 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac1-94024fff.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 41f576a814c905d9190328149f550bce7e188eeda25324f40261738962407550

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: lAJP/4aaRA3X0uTUWxGi6w==
status: 200
content-length: 14118
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:32 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A40F375BE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc04c421-0001-0011-4124-c82ac9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290700
x-ms-version: 2009-09-19

GET
S 200 wac0-c2bada28.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/ 15 KB
6 KB 7ms
7ms Script
application/javascript 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac0-c2bada28.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&wdo=2&authkey=AjcWzb70gGMMS-E
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a82b54c0de75d53bb6eb9c02dcfa197b6f677f2985aead1e3f396e11fbea75d7

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: wrraKM820d+OPkIdkPtmnw==
status: 200
content-length: 6055
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:32 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A4096C633
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7b257480-0001-0047-7924-c8c2b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290700
x-ms-version: 2009-09-19

GET
H/1.1 200
OK proxy Show response
skyapi.onedrive.live.com/api/ Frame 2530 448 B
295 B 643ms
124ms Document
text/html 157.55.109.226
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://skyapi.onedrive.live.com/api/proxy?v=3

Requested by

Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac_s_office-477e6735.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

157.55.109.226 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

msnbot-157-55-109-226.search.msn.com

Software

Resource Hash

b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-MSNSERVER: DM5SCH102221815
X-AsmVersion: UNKNOWN; 19.79.828.2019
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 13 Sep 2017 03:14:06 GMT
Content-Type: text/html
Cache-Control: public
Content-Encoding: gzip
Content-Length: 295
Expires: Thu, 13 Sep 2018 03:14:07 GMT

GET
S 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 8 KB
0 6ms
6ms Image
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//filesbucket3-5286f09d.css
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
status: 200
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A41992235
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45b274ad-0001-00e4-1024-c80ed8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290743
x-ms-version: 2009-09-19

GET
S 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 32 KB
0 6ms
6ms Image
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//wlx_fonts-c7993ded.css
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A48BF06B9
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cc03e8e3-0001-0011-4224-c82ac9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290575
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252AN...
https://c.bing.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252AN...
https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252AN...

42 B
42 B

31ms
31ms

Image
image/gif

207.46.194.10
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D2958%26IR%3D1%26EX%3D0%26L.h%3D506%26L.bc%3D640%26L.ac%3D642%26L.f%3D653%26L.sjs%3D2904%26L.ttg%3D2761%26C.st%3D1505272443551%26N.jsPlt%3D1382%26N.domIn%3D653%26N.req%3D441%26N.resp%3D9%26N.navType%3D0%26N.redirectCount%3D0&r=0.9809115188887896&ctsa=mr&CtsSyncId=93082212EADD41EBB298C1E51F987E1F&MUID=3753C0E36AAA63A133C2CA1F6EAA6749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.46.194.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: msnbot-207-46-194-10.search.msn.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Sep 2017 03:14:05 GMT
Last-Modified: Fri, 21 Jul 2017 18:08:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6d8b1c534c2d31:0"
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: private, no-cache, proxy-revalidate, no-store
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 42

Redirect headers

pragma: no-cache
date: Wed, 13 Sep 2017 03:14:06 GMT
x-msedge-ref: Ref A: F7D483FDA7984BD9B34BC2C8781DC37D Ref B: FRAEDGE0510 Ref C: 2017-09-13T03:14:06Z
x-powered-by: ASP.NET
status: 302
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&reqid=0026ddc3e7c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DBL3301xxPFE143%26MA%3Den-US%26B%3D17.502.3311%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.onenote%26PLT%3D2958%26IR%3D1%26EX%3D0%26L.h%3D506%26L.bc%3D640%26L.ac%3D642%26L.f%3D653%26L.sjs%3D2904%26L.ttg%3D2761%26C.st%3D1505272443551%26N.jsPlt%3D1382%26N.domIn%3D653%26N.req%3D441%26N.resp%3D9%26N.navType%3D0%26N.redirectCount%3D0&r=0.9809115188887896&ctsa=mr&CtsSyncId=93082212EADD41EBB298C1E51F987E1F&MUID=3753C0E36AAA63A133C2CA1F6EAA6749
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
S 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 8 KB
2 KB 6ms
6ms Stylesheet
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac2-34e3e925.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Referer: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&authkey=AjcWzb70gGMMS-E
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
status: 200
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A41992235
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45b274ad-0001-00e4-1024-c80ed8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290743
x-ms-version: 2009-09-19

GET
S 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001// 123 KB
93 KB 6ms
6ms Stylesheet
text/css 2.21.246.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001//wlx_fonts-c7993ded.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20170505.001/wac2-34e3e925.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.246.65 , Austria, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/view.aspx?ref=name&Bsrc=SMIT&resid=45235D62B62DECF5!105&cid=45235d62b62decf5&app=OneNote&authkey=AjcWzb70gGMMS-E
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Sep 2017 03:14:06 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Fri, 05 May 2017 22:58:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D4940A48BF06B9
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cc03e8e3-0001-0011-4224-c82ac9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=20290575
x-ms-version: 2009-09-19

GET
S 200 jquery-1.7.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame 2530 93 KB
33 KB 6ms
6ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

Requested by

Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/api/proxy?v=3

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frb/6735) /

Resource Hash

e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skyapi.onedrive.live.com/api/proxy?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Wed, 13 Sep 2017 03:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 33717
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:59 GMT
server: ECAcc (frb/6735)
etag: "80385acc33d21:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST OneNote.ashx
onenote.officeapps.live.com/o/ Frame 2530 0
0

GET
H/1.1 200
OK 7168a7368a4df9d4.js
contentstorage.osi.office.net/scripts/ Frame 2530 859 KB
185 KB 268ms
268ms Script
application/javascript 92.123.94.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://contentstorage.osi.office.net/scripts/7168a7368a4df9d4.js
Requested by: Host: s3-onenote-15.cdn.office.net
URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/OneNoteExp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.94.77 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-94-77.deploy.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 13 Sep 2017 03:14:09 GMT
Content-Encoding: gzip
Content-MD5: uz6DfqmQkk2yLZBjFsAf0A==
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-ms-lease-status: unlocked
Last-Modified: Tue, 29 Aug 2017 20:00:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4EF18977B5329
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
x-ms-request-id: 122fc566-001e-008a-513e-2c5010000000
Access-Control-Allow-Credentials: true
x-ms-version: 2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Domain: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/OneNote.ashx

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onenote.officeapps.live.com/	1970-01-01 00:00:00	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
onenote.officeapps.live.com/	2017-12-13 03:14:05	Name: DcLcid Value: ui=1033&data=1033
.live.com/	2017-09-20 03:14:03	Name: wla42 Value:
.live.com/	1970-01-01 00:00:00	Name: E Value: P:HvSvfFX61Ig=:V7KbyNiVOBwUS9IZZPiid7txxzEvYEP7B5kyd1swq8E=:F
.onenote.officeapps.live.com/	1970-01-01 00:00:00	Name: NL1S-ARRAffinity Value: fce3064265b4a446ba0dc6a1f14d1414c11536dc119e8f8105b1f8310da829aa
.live.com/	1970-01-01 00:00:00	Name: xidseq Value: 2
.live.com/	1970-01-01 00:00:00	Name: xid Value: e6b46a20-be28-4ef7-99e9-8e3609a4a7d5&&BL3301xxPFE008&301

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://s3-onenote-15.cdn.office.net/o/s/1686091900_App_Scripts/Compat.js(Line 1) Message: OSF_Outil_getQueryStringParamValue: The parameter is not found.
console-api	log	URL: https://s3-officeapps-15.cdn.office.net/o/s/1686091900_App_Scripts/MicrosoftAjax.js(Line 5) Message: OSF_Outil_getQueryStringParamValue: The parameter is not found.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
c.bing.com
c.live.com
cdn.onenote.net
contentstorage.osi.office.net
fs.microsoft.com
officeclient.microsoft.com
onedrive.live.com
onenote.officeapps.live.com
p.sfx.ms
s3-officeapps-15.cdn.office.net
s3-onenote-15.cdn.office.net
skyapi.onedrive.live.com
spoprod-a.akamaihd.net
www.microsoft.com
www.onenote.com
onenote.officeapps.live.com
www.onenote.com
157.55.109.226
184.31.90.4
2.21.246.65
204.79.197.200
204.79.197.217
207.46.194.10
23.97.178.173
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:a92::171
2a02:26f0:10c:38b::611
2a02:26f0:10c:38e::1aff
2a02:26f0:64:1a2::747
92.123.92.100
92.123.94.77
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984
04c012aec12127ff53e73956d41acf047abb5215462d03b1bcfe68a3dc2589be
05da92ebd494e1023a692129b9975d834bb366b99570705a88eb957082c899b0
06f84bce2d4d5141490fac5f67c0086680c8cf6f35fa63e0b1d5be30374974c4
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
20eedccccc41e6e5f60dbe11fc8aad537d2caec9bc88f418ac8918114165e0bd
2351dd8bfcd6cdd2b5c106e48a086c19167ec3241222f3900a5bcd3d397b1c0b
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6
3cb447e494dc8363c1c4cad5445efefac6a6d961945d94032b3cb9abd1f0404a
40db12793e8f8562e34b7c8f1c882034f351f3bc8463bf4412aa884b70d229f9
41f576a814c905d9190328149f550bce7e188eeda25324f40261738962407550
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
4e9e11959eb7117dbf4e0b1072f1193daf73709e1d58c2d8534186de02ba900a
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
55eefb5614436452d1aa4c3221012b0ab0b5b4acb4a1e235b61fbd996c75acb6
5717331cff1ffbde44e4eb14ab9d2bfe860ee379989b65a3ccba3f5aea5b6de5
5af66ff986a5b826e5d1b3b545f15a79e4a27057072606d4149d07ebca93455f
627ccb9705f4cc7f0153b5d3e067b0fcf21ada436ba00ad99c7c997cc260c9d3
63a20eb8055539ddb773373bd9b689d8e0e84c10252c1087f20906cb3e47ad66
644227d28c74b12bb60289965783e4549e0a19cf9240d2e4c1a23dcab5aaf2d0
681f5e1d6aa249ad6eb0400e01c541aec595a4dfc5d027ca16093d55f6cfe6ec
6a4f7d16240758dd426b54f5621669da849a5cc802ae427afbbe7d240397d6dc
732b1a707fc8a091ae23ccb64b4680358ef12bdde3f9263e233bc424a44fb3cc
77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd
7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395
7f325781c489c95a0b824065954736513e707695b4aa85f672b9170112b3608d
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7
8d78f84dafeb218b47e21e6847734a399c8419d8504d57271abf398d916ca823
93e9693f07d5a6c76e1031c25a16ae1ef39dcf00715d4e7591efa762e38898d9
949d4c7ca2b2867f9785e8bd7ccb397a11b6f6391d35fcc0dc38fcb5e3297766
96ca722b29f6a5723564ad8b5330547b44c649e1bc487ded9b0de2061f5dd643
98a2d9ef344ae858e2d110eba9fcdf9171c4c3cdd8fa7f0758230801e251a354
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d24c71b594e556fc731d3a8acd53950412b9b7000c1c21379a52fa1eab479f4
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a668a0dadfba1aeb59d8221585f1927324c72a13dee02022c0ce6a9f7e2c9108
a82b54c0de75d53bb6eb9c02dcfa197b6f677f2985aead1e3f396e11fbea75d7
aece4b6e6868bf24dfb8dbab8d14761bb66fcdc2210e9e02f07c9355fb363c88
b1c1b0090ded46cb4cb1d9eff87403b9a55685e309e3803dcefd872a88d78c33
b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d
b8acdb4da0c5df22fe7e25da5ab152f23e55c373aa539aa184beff5f900b3591
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c147634a4824cbac3188ae6f7d38ccc5620f1bf82e67da1fb08ee308230c1ed0
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c5d1a6be8f87340f4da25d3f14f735f63c8a876c4ee795e257a4afdcebe00e9c
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
d0a4a56e4b6fd9ee4765921c9317c487646a903c31f52a1dd7af72b4c5726779
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d8f889e6953866fb94fd5d5ebaa7b3ee08ab5d699087296cb25cd86994174619
db5afd59f5716e21cb940d85780242e0cd2b782c0529b4c1352e373bf4ef39de
dc7e1698b8ac3664b6f160a012b16af7df9b7ba1be6ca58e4a2f0f4081361a5f
de2e4df2862da8b69d06b14bafca8acfcd6e73c27c006b9e3acbadd5b3bd0de6
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e73d4d97e7a8b1642857b46ba169084426db4002c488fbe0732c0496752ab2d2
f35a69747df98cdb9837e73e1df933e0d8f9c5b77f184905f3caafc5d2428fc4
f79c0e27080ad2171de3521f4ea460c3cc0d1539416d1c35f4cfc88c7b5e2118

onedrive.live.com Open in urlscan Pro 204.79.197.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

97 %HTTPS

36 %IPv6

9 Domains

16 Subdomains

14 IPs

5 Countries

3647 kBTransfer

11360 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
204.79.197.217 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

97 %
HTTPS

36 %
IPv6

9
Domains

16
Subdomains

14
IPs

5
Countries

3647 kB
Transfer

11360 kB
Size

7
Cookies

69 HTTP transactions
4 data transactions