urlscan.io logo urlscan.io
SecurityTrails logo

www.microsoft.com Open in urlscan Pro
2600:141b:f000:b0ac::356e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdn.onenote.net/
Effective URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Submission: On November 24 via api from JP — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 1 countries across 44 domains to perform 111 HTTP transactions. The main IP is 2600:141b:f000:b0ac::356e, located in Edison, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 287.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on October 4th 2022. Valid for: a year.
This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:141b:f00... 20940 (AKAMAI-ASN1)
1 6 52.109.13.55 8075 (MICROSOFT...)
1 152.199.4.33 15133 (EDGECAST)
5 52.168.74.246 8075 (MICROSOFT...)
2 20.190.151.133 8075 (MICROSOFT...)
2 40.126.24.147 8075 (MICROSOFT...)
4 2620:1ec:49::40 8075 (MICROSOFT...)
1 21 2600:141b:f00... 20940 (AKAMAI-ASN1)
3 2620:1ec:40::40 8075 (MICROSOFT...)
14 2600:1400:d::... 20940 (AKAMAI-ASN1)
2 72.247.67.79 16625 (AKAMAI-AS)
1 25 52.33.194.179 16509 (AMAZON-02)
2 2600:141b:f00... 20940 (AKAMAI-ASN1)
1 1 35.174.188.209 14618 (AMAZON-AES)
1 3.226.2.172 14618 (AMAZON-AES)
1 1 216.200.232.253 30419 (MEDIAMATH...)
1 2 20.221.206.60 8075 (MICROSOFT...)
2 2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2600:141b:f00... 20940 (AKAMAI-ASN1)
2 3 68.67.178.10 29990 (ASN-APPNEX)
2 2 35.190.60.146 15169 (GOOGLE)
2 3 142.250.80.66 15169 (GOOGLE)
12 13 151.101.130.49 54113 (FASTLY)
6 20.42.73.24 8075 (MICROSOFT...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 1 199.38.167.131 54312 (ROCKETFUEL)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 2620:116:800b... 27281 (QUANTCAST)
1 1 23.192.41.210 16625 (AKAMAI-AS)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 76.13.32.147 26101 (YAHOO-BF1)
2 2 23.76.43.24 16625 (AKAMAI-AS)
1 1 3.213.126.19 ()
1 104.18.8.110 ()
1 1 192.132.33.46 ()
2 2 35.71.139.29 ()
1 34.192.159.16 ()
2 2 54.172.188.135 ()
1 69.173.151.100 ()
1 2 192.40.39.223 ()
1 2 34.98.64.218 ()
1 8.28.7.83 ()
1 2 192.35.249.137 ()
1 2a03:2880:f12... ()
1 2a04:4e42:400... ()
2 3 52.46.151.131 ()
1 1 23.23.131.203 ()
111 31
1    2600:141b:f000:1a5::611 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.onenote.net
6    52.109.13.55 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.onenote.com
1    152.199.4.33 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
5    52.168.74.246 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
site.onenote.com
2    20.190.151.133 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    40.126.24.147 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
4    2620:1ec:49::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
logincdn.msftauth.net
mem.gfx.ms
21    2600:141b:f000:b0ac::356e (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
3    2620:1ec:40::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
js.monitor.azure.com
14    2600:1400:d::17cc:8a4a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
2    72.247.67.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-67-79.deploy.static.akamaitechnologies.com
query.prod.cms.rt.microsoft.com
25    52.33.194.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-194-179.us-west-2.compute.amazonaws.com
dpm.demdex.net
mscom.demdex.net
2    2600:141b:f000:192::356e (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.s-microsoft.com
1    35.174.188.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-188-209.compute-1.amazonaws.com
cm.everesttech.net
1    3.226.2.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-2-172.compute-1.amazonaws.com
target.microsoft.com
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    20.221.206.60 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c1.microsoft.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    2600:141b:f000:194::1e80 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    68.67.178.10 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
3    142.250.80.66 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
cm.g.doubleclick.net
13    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
rtd.tubemogul.com
rtd-tm.everesttech.net
sync-tm.everesttech.net
6    20.42.73.24 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
1    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN27281 (QUANTCAST, US)
cms.quantserve.com
1    23.192.41.210 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-41-210.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
2    23.76.43.24 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-43-24.deploy.static.akamaitechnologies.com
px.owneriq.net
1    3.213.126.19 (None, )

ASN- ()
jadserve.postrelease.com
1    104.18.8.110 (None, )

ASN- ()
ds.reson8.com
1    192.132.33.46 (None, )

ASN- ()
bttrack.com
2    35.71.139.29 (None, )

ASN- ()
dmpsync.3lift.com
1    34.192.159.16 (None, )

ASN- ()
rtb.adentifi.com
2    54.172.188.135 (None, )

ASN- ()
sync.crwdcntrl.net
1    69.173.151.100 (None, )

ASN- ()
pixel.rubiconproject.com
2    192.40.39.223 (None, )

ASN- ()
dsum-sec.casalemedia.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
1    8.28.7.83 (None, )

ASN- ()
image2.pubmatic.com
2    192.35.249.137 (None, )

ASN- ()
sync.search.spotxchange.com
1    2a03:2880:f12c:183:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
3    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
1    23.23.131.203 (None, )

ASN- ()
sync.srv.stackadapt.com
Apex Domain
Subdomains		 Transfer
32 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 287
query.prod.cms.rt.microsoft.com — Cisco Umbrella Rank: 6987
target.microsoft.com — Cisco Umbrella Rank: 14339
c1.microsoft.com — Cisco Umbrella Rank: 6356
browser.events.data.microsoft.com — Cisco Umbrella Rank: 242
577 KB
25 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 189
mscom.demdex.net — Cisco Umbrella Rank: 14349
27 KB
14 akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1235
211 KB
12 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 894
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2823
sync-tm.everesttech.net
2 KB
11 onenote.com
www.onenote.com — Cisco Umbrella Rank: 3914
site.onenote.com — Cisco Umbrella Rank: 7399
89 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 440
37 KB
4 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 1873
60 KB
3 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
899 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
3 KB
2 spotxchange.com
sync.search.spotxchange.com
902 B
2 openx.net
us-u.openx.net
381 B
2 casalemedia.com
dsum-sec.casalemedia.com
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
876 B
2 3lift.com
dmpsync.3lift.com
764 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 962
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 783
s.tribalfusion.com — Cisco Umbrella Rank: 1813
945 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 307
953 B
2 tubemogul.com
rtd.tubemogul.com — Cisco Umbrella Rank: 7303
373 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 333
833 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 251
1 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 11532
63 KB
2 msftauth.net
logincdn.msftauth.net — Cisco Umbrella Rank: 3296
13 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 25
57 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 85
13 KB
1 stackadapt.com
sync.srv.stackadapt.com
554 B
1 taboola.com
trc.taboola.com
379 B
1 facebook.com
www.facebook.com
560 B
1 pubmatic.com
image2.pubmatic.com
451 B
1 rubiconproject.com
pixel.rubiconproject.com
755 B
1 adentifi.com
rtb.adentifi.com
35 B
1 bttrack.com
bttrack.com
434 B
1 reson8.com
ds.reson8.com
97 B
1 postrelease.com
jadserve.postrelease.com
532 B
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 813
833 B
1 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 757
552 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649
494 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 774
735 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 541
393 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1940
554 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 471
684 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1506
34 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1114
39 KB
1 onenote.net
cdn.onenote.net — Cisco Umbrella Rank: 1107
789 B
111 44
Domain Requested by
23 dpm.demdex.net 1 redirects www.microsoft.com
21 www.microsoft.com 1 redirects site.onenote.com
www.microsoft.com
14 img-prod-cms-rt-microsoft-com.akamaized.net www.microsoft.com
9 sync-tm.everesttech.net 9 redirects
6 browser.events.data.microsoft.com www.microsoft.com
6 www.onenote.com 1 redirects site.onenote.com
5 site.onenote.com www.onenote.com
4 assets.adobedtm.com query.prod.cms.rt.microsoft.com
assets.adobedtm.com
4 mem.gfx.ms www.microsoft.com
mem.gfx.ms
3 s.amazon-adsystem.com 2 redirects
3 cm.g.doubleclick.net 2 redirects
3 ib.adnxs.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 dmpsync.3lift.com 2 redirects
2 px.owneriq.net 2 redirects
2 match.adsrvr.org 2 redirects
2 rtd-tm.everesttech.net 1 redirects
2 rtd.tubemogul.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 c.bing.com 2 redirects
2 c1.microsoft.com 1 redirects
2 mscom.demdex.net www.microsoft.com
2 c.s-microsoft.com www.microsoft.com
2 query.prod.cms.rt.microsoft.com www.microsoft.com
2 logincdn.msftauth.net login.live.com
2 login.microsoftonline.com site.onenote.com
login.microsoftonline.com
2 login.live.com site.onenote.com
mem.gfx.ms
1 sync.srv.stackadapt.com 1 redirects
1 trc.taboola.com
1 www.facebook.com
1 image2.pubmatic.com
1 pixel.rubiconproject.com
1 rtb.adentifi.com
1 bttrack.com 1 redirects
1 ds.reson8.com
1 jadserve.postrelease.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 servedby.flashtalking.com 1 redirects
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 analytics.twitter.com
1 idpix.media6degrees.com 1 redirects
1 sync.mathtag.com 1 redirects
1 target.microsoft.com www.microsoft.com
1 cm.everesttech.net 1 redirects
1 js.monitor.azure.com mem.gfx.ms
1 ajax.aspnetcdn.com www.onenote.com
1 cdn.onenote.net 1 redirects
111 53
Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft RSA TLS CA 01		 2022-09-13 -
2023-09-13		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
site.onenote.com
Microsoft Azure TLS Issuing CA 02		 2022-09-01 -
2023-08-27		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2022-10-04 -
2023-10-04		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-11-17 -
2023-11-17		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 05		 2022-10-21 -
2023-10-16		 a year crt.sh
www.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-10-04 -
2023-09-29		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.prod.cms.rt.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2022-07-08 -
2023-07-03		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
target.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-12 -
2023-09-12		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2022-09-08 -
2023-09-03		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-25 -
2023-03-25		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Frame ID: 44A8CFCAD70C3FEC3F52405D323A7DA4
Requests: 67 HTTP requests in this frame

Frame: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Frame ID: B041659B67EFCFD7B74FC4E4DEF45341
Requests: 2 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de&sso_reload=true
Frame ID: F356C9577D870B3E0250247C808BA5CB
Requests: 2 HTTP requests in this frame

Frame: https://mscom.demdex.net/dest5.html?d_nsid=0
Frame ID: 281F8EA30FBFDB6D4259E802129B0C0F
Requests: 35 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=0bde5196-cde8-4781-932d-50f6c3a18fc3&partnerId=officeproducts
Frame ID: CC8968EE75AD0E1E4FBEBF8577213003
Requests: 2 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com%2Fen-ca%2Fmicrosoft-365%2Fonenote%2Fdigital-note-taking-app%3Fms.url%3Donenotecom%26rtc%3D1
Frame ID: 19CE50A3509BB3F1CB9B917C2792156C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft OneNote Digital Note Taking App | Microsoft 365

Page URL History Show full URLs

  1. http://cdn.onenote.net/ HTTP 301
    https://www.onenote.com/ HTTP 302
    https://www.onenote.com/signin?wdorigin=ondc Page URL
  2. https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom HTTP 302
    https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

70 %
HTTPS

27 %
IPv6

44
Domains

53
Subdomains

31
IPs

1
Countries

1222 kB
Transfer

3907 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdn.onenote.net/ HTTP 301
    https://www.onenote.com/ HTTP 302
    https://www.onenote.com/signin?wdorigin=ondc Page URL
  2. https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom HTTP 302
    https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cdn.onenote.net/ HTTP 301
  • https://www.onenote.com/ HTTP 302
  • https://www.onenote.com/signin?wdorigin=ondc
Request Chain 55
  • https://cm.everesttech.net/cm/dd?d_uuid=48665310382873181221899482621664829459 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3-pRAAAAJpBxwOH
Request Chain 60
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=48665310382873181221899482621664829459&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d48665310382873181221899482621664829459 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=36d7637f-e945-4700-9743-deb575974ae4&ddsuuid=48665310382873181221899482621664829459
Request Chain 61
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&RedC=c1.microsoft.com&MXFR=0DE8A05263D168471E6DB23462C369A9 HTTP 302
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&MUID=0DE8A05263D168471E6DB23462C369A9
Request Chain 68
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8220684583014101988
Request Chain 71
  • https://idsync.rlcdn.com/365868.gif?partner_uid=48665310382873181221899482621664829459 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTkQABoNCMTS_5sGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=b42d4922e2805188e441de9d77d5cc2b0ef75e4eac3ad3192240b28bc972a983b0da87c991749652
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTk= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTk=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3MaOJWuyYXOoZm-aBBs2Y&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 75
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
Request Chain 78
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=48665310382873181221899482621664829459 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1pmcfmneuxix6
Request Chain 80
  • https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1783777317953358447
Request Chain 81
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
Request Chain 82
  • https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Q7_a9BC12adY7d73Fr7Ap0G71fFYvNT2Q7hbRA_3
Request Chain 83
  • https://c.bing.com/c.gif?uid=48665310382873181221899482621664829459&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0DE8A05263D168471E6DB23462C369A9
Request Chain 84
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54416EECA6E22E&gdpr=0&gdpr_consent=
Request Chain 85
  • https://a.tribalfusion.com/i.match?p=b13&u=48665310382873181221899482621664829459&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b13&u=48665310382873181221899482621664829459&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22054
Request Chain 86
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=48665310382873181221899482621664829459&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-LmHZN6RE2pH08LyOXk0AHSl2gru5xsfC85E-~A
Request Chain 87
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7226135741189320244&uid=Q7226135741189320244&ref=%2Feucm%2Fp%2Fadpq HTTP 302
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7226135741189320244
Request Chain 90
  • https://jadserve.postrelease.com/dmp/7?vk=48665310382873181221899482621664829459&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=38117&dpuuid=54c4d319-7a3d-40ec-8829-216beea11514
Request Chain 93
  • https://bttrack.com/dmp/adobe/user?dd_uuid=48665310382873181221899482621664829459 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=49276&dpuuid=3164b308-5c88-4ce3-bb9f-24db528c48ae
Request Chain 94
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2545428555874315652665&gdpr=0&gdpr_consent=
Request Chain 97
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=48665310382873181221899482621664829459?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=48665310382873181221899482621664829459?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=80e45ed04ab5f3665bf813903eb75418
Request Chain 98
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
Request Chain 99
  • https://rtd.tubemogul.com/migrate_et3/ HTTP 302
  • https://rtd-tm.everesttech.net/migrate_et3/
Request Chain 100
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTMtcFJBQUFBSnBCeHdPSA==
Request Chain 101
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3-pRAAAAJpBxwOH&expires=90
Request Chain 102
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH&C=1
Request Chain 103
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y3-pRAAAAJpBxwOH
Request Chain 104
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3-pRAAAAJpBxwOH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3-pRAAAAJpBxwOH
Request Chain 105
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3-pRAAAAJpBxwOH
Request Chain 106
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1&__user_check__=1&sync_id=48cc4a07-6c43-11ed-ae29-1f1ca6fb0403
Request Chain 107
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3-pRAAAAJpBxwOH&t=2592000&o=0
Request Chain 109
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=C5mP11fORnuG9kdhJgvIMg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=48665310382873181221899482621664829459
Request Chain 110
  • https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
  • https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1Pg99NrBQoF8cfXdCQYwDJU4mb0

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
signin
www.onenote.com/
Redirect Chain
  • http://cdn.onenote.net/
  • https://www.onenote.com/
  • https://www.onenote.com/signin?wdorigin=ondc
21 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.55 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b98d7f2c313a9a01dee6d2eeb8e2f164c99de0a246c39d76a776c6e41a1fb6b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
3109
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:28 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-correlationid
c15ee6da-d8bf-4d7c-9f82-131e96205050
x-officecluster
eus-000.site.onenote.com
x-officefe
SiteFrontEnd_IN_6
x-officeversion
16.0.15914.40456
x-routingcorrelationid
c15ee6da-d8bf-4d7c-9f82-131e96205050
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-routingsessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-usersessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-encoding
gzip
content-length
143
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:28 GMT
location
https://www.onenote.com/signin?wdorigin=ondc
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-correlationid
a60e29ee-318e-4b7a-990b-ad8fd45532c6
x-officecluster
eus-000.site.onenote.com
x-officefe
SiteFrontEnd_IN_6
x-officeversion
16.0.15914.40456
x-routingcorrelationid
a60e29ee-318e-4b7a-990b-ad8fd45532c6
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-routingsessionid
89c3f25c-1f34-4cf1-813e-2369f5282034
x-usersessionid
89c3f25c-1f34-4cf1-813e-2369f5282034
x-xss-protection
1; mode=block
jquery-3.5.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/8133) /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7764796
x-cache
HIT
content-length
39744
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 15:26:14 GMT
server
ECAcc (cha/8133)
etag
"c844f287112d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bodymovin.min.js
site.onenote.com/libraries/bodymovin/4.13.0/ 		248 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/libraries/bodymovin/4.13.0/bodymovin.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.246 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61957faa2ae6d22ca8ce9d5ef15e1eda1ff8841f17bbd1bba0247a0d5a4f6e69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
60057
last-modified
Mon, 14 Nov 2022 14:53:12 GMT
server
Microsoft-IIS/10.0
x-usersessionid
afc25804-5d8e-492d-a3bb-6d6501cf6af7
x-correlationid
afc25804-5d8e-492d-a3bb-6d6501cf6af7
x-officecluster
eus-000.site.onenote.com
etag
"03c41d138f8d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
CommonDiagnostics.js
site.onenote.com/161591440456_Scripts/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161591440456_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.246 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Mon, 14 Nov 2022 14:53:12 GMT
x-correlationid
b5171e97-1687-454a-94ba-55636d811143
x-usersessionid
b5171e97-1687-454a-94ba-55636d811143
x-officecluster
eus-000.site.onenote.com
etag
"03c41d138f8d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
Common.js
site.onenote.com/161591440456_Scripts/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161591440456_Scripts/Common.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.246 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7dcf3a69f756a6f1381e2371fbdaff1d09cfa9c602bb48802f67989804d06262
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4489
last-modified
Mon, 14 Nov 2022 14:53:12 GMT
x-correlationid
77253cb6-ea73-44e2-8376-678548171a7c
x-usersessionid
77253cb6-ea73-44e2-8376-678548171a7c
x-officecluster
eus-000.site.onenote.com
etag
"03c41d138f8d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
DefaultSignIn.min.js
site.onenote.com/161591440456_Scripts/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161591440456_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.246 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
3461
last-modified
Mon, 14 Nov 2022 14:53:12 GMT
x-correlationid
f4f206d1-97eb-44ad-802e-66dcb34b5ae4
x-usersessionid
f4f206d1-97eb-44ad-802e-66dcb34b5ae4
x-officecluster
eus-000.site.onenote.com
etag
"03c41d138f8d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
Default2SignIn.js
site.onenote.com/161591440456_Scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161591440456_Scripts/Default2SignIn.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.246 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e9938668b176bfedffcdd211615019e758eab1deb786ba09c81cbd019ab1c0ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4537
last-modified
Mon, 14 Nov 2022 14:53:12 GMT
x-correlationid
537167bd-f0cd-4914-b963-9d86a71390ca
x-usersessionid
537167bd-f0cd-4914-b963-9d86a71390ca
x-officecluster
eus-000.site.onenote.com
etag
"03c41d138f8d81:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
RemoteUls.ashx
www.onenote.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.55 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
5ec1fecf-f13d-407a-aef9-d5239511213a
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-correlationid
590be4ad-a0a5-41db-ad78-714ed2573d67
x-officecluster
eus-000.site.onenote.com
x-usersessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
590be4ad-a0a5-41db-ad78-714ed2573d67
cache-control
private
x-routingsessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.55 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
5ec1fecf-f13d-407a-aef9-d5239511213a
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Nov 2022 21:59:30 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-correlationid
b01ecb2f-59ce-4119-ae06-40998bb7169c
x-officecluster
eus-000.site.onenote.com
x-usersessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
b01ecb2f-59ce-4119-ae06-40998bb7169c
cache-control
private
x-routingsessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
Me.srf
login.live.com/ Frame B041 		12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f7b4b615ae2e69ccfeb8a624f6d52f8d6043324f0e469687d6f8341d1948546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
4865
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 21:59:30 GMT
Expires
Thu, 24 Nov 2022 21:58:30 GMT
Link
<https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF00006838 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
0ee5cde8-9faf-4bd1-83e2-2c8297a2d2ae
x-ms-route-info
R3_BL2
savedusers
login.microsoftonline.com/ Frame F356 		152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.147 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c054eac644da1534a1f2e07a93598857f0c5f9afa95b2fb70b73b15f5c5a289c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55024
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 21:59:30 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14059.16 - EUS ProdSlices
x-ms-request-id
134d9cbb-44ca-4244-bea6-e5a727a05c01
savedusers
login.microsoftonline.com/ Frame F356 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.147 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
383cd43ce18934620e54db87f992ef4dce0de3494ec6d070aeeb1a7984b018dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
1033
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 21:59:30 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14059.16 - NCUS ProdSlices
x-ms-request-id
0bbe5d3e-0cc9-4b8f-bd4d-af87f5f60c01
MeControl_GO_wC8TuKKkgsOmYJN749A2.js
logincdn.msftauth.net/16.000/content/js/ Frame B041 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msftauth.net/16.000/content/js/MeControl_GO_wC8TuKKkgsOmYJN749A2.js
Requested by
Host: login.live.com
URL: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
be261893b3c955360005423ba744db1623bc8fc77d9989a5d9fa425e1e75d363

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 21:59:30 GMT
content-encoding
gzip
x-azure-ref-originshield
0OYdxYwAAAAAtvc5PDIO7S6p3VFYgJkNDTU5aMjIxMDYwNjExMDIxAGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-md5
KPq1c+IXrD9W30CH+BCXQA==
x-cache
TCP_HIT
content-length
6045
x-ms-lease-status
unlocked
last-modified
Wed, 02 Nov 2022 05:20:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABC91F96DA192
x-azure-ref
0Q+l/YwAAAADrDCF7y2VWQpEJkGl2hXDuWVRPMjIxMDkwODE4MDE5AGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b1719435-201e-0055-79a1-f6d34a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
RemoteUls.ashx
www.onenote.com/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.55 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
5ec1fecf-f13d-407a-aef9-d5239511213a
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Nov 2022 21:59:31 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-correlationid
03f18fbe-270d-4b7d-b9dc-9232e85b807a
x-officecluster
eus-000.site.onenote.com
x-usersessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
03f18fbe-270d-4b7d-b9dc-9232e85b807a
cache-control
private
x-routingsessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.13.55 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
5ec1fecf-f13d-407a-aef9-d5239511213a
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Nov 2022 21:59:31 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.15914.40456
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_10
x-routingofficeversion
16.0.15914.40454
x-correlationid
3bcede94-080f-4775-831b-7ff8cf0e966e
x-officecluster
eus-000.site.onenote.com
x-usersessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
3bcede94-080f-4775-831b-7ff8cf0e966e
cache-control
private
x-routingsessionid
5ec1fecf-f13d-407a-aef9-d5239511213a
x-routingofficecluster
eus-azsc-001.reverseproxy.onenote.com
Primary Request digital-note-taking-app
www.microsoft.com/en-ca/microsoft-365/onenote/
Redirect Chain
  • https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom
  • https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
211 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161591440456_Scripts/Default2SignIn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d89b2c0caa3c1235c55d037ee48581ee25caac91ecd4d8de0211bb6beb02c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control
no-cache, no-store, no-transform
content-encoding
gzip
content-length
46835
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:31 GMT
expires
-1
ms-cv
qnrxzSt250ep2pFz.0
ms-operation-id
56d51b7f018fe24d810a350b5093d015
p3p
CP="CAO CONi OTR OUR DEM ONL"
pragma
no-cache
strict-transport-security
max-age=31536000
tls_version
tls1.3
vary
Accept-Encoding
x-activity-id
db26d88a-bd7b-4159-bd92-847457e6509c
x-appversion
1.0.8349.33967
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-rtag
RT
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control
max-age=0, no-cache, no-store
content-length
222
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:31 GMT
expires
Thu, 24 Nov 2022 21:59:31 GMT
location
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
ms-cv
7CUBhMb+8USd24wz.0
ms-operation-id
830ffa4cf6856b449065340b9a390140
p3p
CP="CAO CONi OTR OUR DEM ONL"
pragma
no-cache
strict-transport-security
max-age=31536000
tls_version
tls1.3
x-activity-id
f64d7edb-ec43-45fb-bee8-c582bd092ebc
x-appversion
1.0.8349.33967
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-rtag
RT
x-xss-protection
1; mode=block
RemoteUls.ashx
www.onenote.com/ 		0
0
mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
2979ff487b56294b9811fea7d3cb819d
date
Thu, 24 Nov 2022 21:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
f859d689-3946-41c4-89f6-a5786c5cc4e2
tls_version
tls1.3
ms-cv
kPB1IrvcA0mcES0C.0
content-length
22904
x-xss-protection
1; mode=block
last-modified
Mon, 11 Apr 2022 08:14:22 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=11873691
x-appversion
1.0.8125.42964
expires
Tue, 11 Apr 2023 08:14:22 GMT
social
www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hype... 		468 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
905367e3bd68a81d76143294737fec5fc8de039f653f7fe4ad2629ab54d952d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
27e614285059554c952278baa777e4c5
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-11-02T18:20:15
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
01f61226-98d3-4230-b5b8-ab0437450441
tls_version
tls1.3
ms-cv
1zGK7OyBkkm5LLv0.0
content-length
50356
x-xss-protection
1; mode=block
last-modified
Wed, 02 Nov 2022 18:20:13 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-28T04:12:36.0000000Z}
x-s1
2022-11-02T18:20:15
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=29622042
timing-allow-origin
*
x-appversion
1.0.8335.36378
expires
Thu, 02 Nov 2023 18:20:13 GMT
f7-fea1b5
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/microsoft-365/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/6f-d7d610/53-06022a/2a-d7fc75/eb-b9e528/98-2133bc/66-... 		373 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/microsoft-365/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/6f-d7d610/53-06022a/2a-d7fc75/eb-b9e528/98-2133bc/66-44826c/68-7e0fea/c0-8f81ed/d0-9fa912/1d-7e1880/28-27206c/eb-89f891/1c-c8f01f/ef-a24652/81-fd3bd1/c2-67adea/f7-fea1b5?ver=2.0&_cf=02242021_3231
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f89a2908c8b428e81e5995d4cd1d9a7f87572c5447a49b00573a8d6f4ab509f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
c2a21d163e8af947976f6feeacde64bb
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-11-17T15:58:18
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
c27f6f54-ccca-4384-93f9-1bf5b04d30a6
tls_version
tls1.3
ms-cv
sQUkRigE5kGEiLfR.0
content-length
45422
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 15:58:17 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-s1
2022-11-17T15:58:18
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30909526
timing-allow-origin
*
x-appversion
1.0.8349.33967
expires
Fri, 17 Nov 2023 15:58:17 GMT
jquery-3.5.1.min.js
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/jquery-3.5.1.min.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
16f7fbf67ca4f04581b390f34bdeb6ab
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
3774b379-ddcd-4a60-9ccf-93be36b0962a
tls_version
tls1.3
ms-cv
lDU5C2KX0E2Fuh2V.0
content-length
30958
x-xss-protection
1; mode=block
last-modified
Thu, 28 Apr 2022 10:18:56 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-22T02:28:24.0000000Z}
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=13349965
x-appversion
1.0.8146.33252
expires
Fri, 28 Apr 2023 10:18:56 GMT
at.js
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/daa3a9f7/office.testdrive/externalscripts/adobetarget/ 		221 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/daa3a9f7/office.testdrive/externalscripts/adobetarget/at.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd492824df9e0e64f4cd4d609a426f1fa06aacabc56afc3fb108dc44798d2b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
a8a35c8743dd6f48af63a9dbb15f5bd9
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
ef348422-cc23-40df-9e8a-a547d301e72e
tls_version
tls1.3
ms-cv
EDLFHsuF8k6v4rZe.0
x-xss-protection
1; mode=block
last-modified
Tue, 03 May 2022 19:25:42 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-29T04:23:10.0000000Z}
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=13814771
x-appversion
1.0.8153.36695
expires
Wed, 03 May 2023 19:25:42 GMT
9f-763b80
www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/44-f01b50/79-851f4c/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-c... 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/44-f01b50/79-851f4c/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/2b-3c7e83/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9/9f-763b80?ver=2.0&_cf=02242021_3231
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
76deaf57a0d1a28a55f7decc60bd204b99b7e2359cc2baa9f7b3fbbd4c1838f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
94d35b0077f0ed4196d6a84ea16f9584
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-10-19T00:18:07
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
22a72bc0-3b3f-45e9-a6df-f9ef56f302b5
tls_version
tls1.3
ms-cv
/ubqmGf730KCrHal.0
content-length
29761
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 00:18:07 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-14T01:18:56.0000000Z}
x-s1
2022-10-19T00:18:07
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28347526
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8321.31168
expires
Thu, 19 Oct 2023 00:18:17 GMT
c5-b377aa
www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/bb-837594/97-68c2ce/29-e9e2d4/90-df9727/d7-f81b99/19-48c3ba/ce-8d19fe/25-1568f6/cf-31e07d/16-1fd0bb/cc-b... 		519 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/bb-837594/97-68c2ce/29-e9e2d4/90-df9727/d7-f81b99/19-48c3ba/ce-8d19fe/25-1568f6/cf-31e07d/16-1fd0bb/cc-b4c199/26-476d83/c5-b377aa?ver=2.0&_cf=02242021_3231
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
039d0bde667ce44c6bec236d1e38a29fc325f29518d73b4ec2126a40cfe9ac2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
e214081885c24c47975f771446198d1c
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-09-07T18:42:10
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
2cafb488-3fe6-4d69-860b-efe2e2005fa6
tls_version
tls1.3
ms-cv
KSbHWMEmHU6nPQR2.0
content-length
132930
x-xss-protection
1; mode=block
last-modified
Wed, 07 Sep 2022 18:42:10 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
x-s1
2022-09-07T18:42:10
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=24784899
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8276.37632
expires
Thu, 07 Sep 2023 18:41:10 GMT
4f-a47e0e
www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/ 		206 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
654de40bb758e63a64b1d1572ed1509fe3b1323b66127e6f7dc994e898bdae65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
6c450e231a699c49bdce4921064558ed
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-11-16T01:30:26
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
8d8ba7f3-3960-4d59-9ccb-bb2ac4c27742
tls_version
tls1.3
ms-cv
7CU+KFYBRUarsrzy.0
content-length
69506
x-xss-protection
1; mode=block
last-modified
Wed, 16 Nov 2022 01:30:26 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-s1
2022-11-16T01:30:26
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30771083
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8349.33967
expires
Thu, 16 Nov 2023 01:30:54 GMT
social
www.microsoft.com/mwf/js/MWF_20220915_56101889/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/l... 		107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/js/MWF_20220915_56101889/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9cb9c91f72230219fb849cc666a992b2b82e0a85897067a5b4e9aea7a455910a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
a24737f01d75124e975e46842795c09a
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-11-02T18:22:30
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
4a361c66-57a6-423c-b819-1544be53cc5f
tls_version
tls1.3
ms-cv
feFDgcykf0CtHPxu.0
content-length
26552
x-xss-protection
1; mode=block
last-modified
Wed, 02 Nov 2022 18:22:29 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-28T04:12:36.0000000Z}
x-s1
2022-11-02T18:22:30
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=29622177
timing-allow-origin
*
x-appversion
1.0.8335.36378
expires
Thu, 02 Nov 2023 18:22:28 GMT
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-ca&uhf=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9110408d1bb1bb7c96a4db55d209cd3c0b790b3772e603a8bf6efbd5795f023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ua-compatible
IE=edge
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 21:59:32 GMT
x-azure-ref-originshield
0mU9/YwAAAADtofkHPl1FS7yS24Nc1zhgTU5aMjIxMDYwNjEyMDMzAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref
0ROl/YwAAAAAGWuHefuGNT6BfDlX2F0qaWVRPMjIxMDkwODE3MDUxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
expires
Thu, 24 Nov 2022 22:37:41 GMT
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Mon, 14 Nov 2022 19:59:33 GMT
x-resizerversion
1.0
x-source-length
4054
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=338803
x-activityid
700cd4a4-3335-48e0-a5c1-4e1c947ff6d3
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin
*
content-length
4054
expires
Mon, 28 Nov 2022 20:06:15 GMT
RE26mYP
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE26mYP?ver=4cb5&q=90&m=2&h=768&w=1024&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
48f8286cf542b96996fa8c49cdfa11aeeafcfc6cfb5eb7a473a919a3623b9496

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Sun, 20 Nov 2022 17:27:41 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=70061
content-length
64944
expires
Fri, 25 Nov 2022 17:27:13 GMT
1x1clear.gif
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/9be151e5/coreui.statics/images/ 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/9be151e5/coreui.statics/images/1x1clear.gif
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
1f95af075e90c144a64814b49f1030d7
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
cebcf2d7-ff9f-42ea-99e2-18016d8f1661
tls_version
tls1.3
ms-cv
uRVVzthVpECUemsO.0
content-length
43
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 14:25:15 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=11809542
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 14:25:14 GMT
RE2l8Zw
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		438 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2l8Zw?ver=0615&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
af196477ca96a8514323df78ee44216f6e0afa65ea19b248168da12a09575205

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Mon, 21 Nov 2022 16:04:43 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=151322
content-length
438
expires
Sat, 26 Nov 2022 16:01:34 GMT
RE2lGIj
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		438 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lGIj?ver=9eee&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
89ffb7d08c9d0694733ecdbe4e2fac9f07af0d40cda7ecb5d9135fd706ae4405

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Mon, 21 Nov 2022 05:56:01 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=115026
content-length
438
expires
Sat, 26 Nov 2022 05:56:38 GMT
RE2lGIm
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		524 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lGIm?ver=9db8&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c166f044b29964b2e35261189bb67647d4043dda8dedce4a3f06fb4b88c3a007

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Thu, 24 Nov 2022 15:31:44 GMT
x-serial
640
server
Akamai Image Manager
x-check-cacheable
YES
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=408546
content-length
524
expires
Tue, 29 Nov 2022 15:28:38 GMT
RE2lgSp
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		388 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lgSp?ver=b96a&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
256419001640c17483b12ab834a7d71c6ab12ed65f52fe384b60d67693850e1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Wed, 23 Nov 2022 15:09:40 GMT
x-serial
555
server
Akamai Image Manager
x-check-cacheable
YES
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=320931
content-length
388
expires
Mon, 28 Nov 2022 15:08:23 GMT
RE2lrfK
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		384 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lrfK?ver=31e0&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
84cc1e0279d9fabca4607596d2927e07370fac0cd8247db765466fd4f7241019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Wed, 23 Nov 2022 14:27:07 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=318355
content-length
384
expires
Mon, 28 Nov 2022 14:25:27 GMT
RE2lgSs
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		700 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lgSs?ver=7dc3&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
69225e6ab4064f869cf57a2857e42e1726504d3c8b470bfc91bd401f2df1d3c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Mon, 21 Nov 2022 07:09:50 GMT
x-serial
1228
server
Akamai Image Manager
x-check-cacheable
YES
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=119373
content-length
700
expires
Sat, 26 Nov 2022 07:09:05 GMT
RE2lr00
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		416 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lr00?ver=0e19&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f6ddb122fbeedf31e0cd1971e1de361c57f698c89b1617e3cb1a46ed38c33abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Sun, 20 Nov 2022 18:44:40 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=74755
content-length
416
expires
Fri, 25 Nov 2022 18:45:27 GMT
RE2lgFW
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		376 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lgFW?ver=171e&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1d86c8e6eb668b8f983c0eefefff756f5d422c0ddfe1150d2dd6913600fe68f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Sat, 19 Nov 2022 16:48:39 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=370433
content-length
376
expires
Tue, 29 Nov 2022 04:53:25 GMT
RE2yJZy
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		532 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2yJZy?ver=066d&q=90&h=40&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cc35db3b27e4ad27322095727f7d4b539448eb0bbcaa9baab703d19a8ec89ec3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Wed, 23 Nov 2022 12:05:55 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=309973
content-length
532
expires
Mon, 28 Nov 2022 12:05:45 GMT
LinkedIn.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/30de2af0/office.testdrive/images/social/ 		315 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/30de2af0/office.testdrive/images/social/LinkedIn.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
45b13a55cf79034dbb99a143004bd819
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
f39bbbbd-a530-467b-b0fc-26c5209ecad7
tls_version
tls1.3
ms-cv
hzaEvYwRG0e+m07y.0
content-length
315
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 19:42:05 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11828553
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 19:42:05 GMT
LinkedIn-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e9682e51/office.testdrive/images/social/ 		293 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/e9682e51/office.testdrive/images/social/LinkedIn-high-contrast.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
361b6014458b0bb0eeca24f4cbc59f4dd365e7a6813855ea159b7b596af9c772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
3352b5d86fedca4dbfd72c1998d54b8d
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
84f3dbe5-d8d3-4aa9-842e-3d1decf6cbfe
tls_version
tls1.3
ms-cv
r1wT6D8RC0KhETMd.0
content-length
293
x-xss-protection
1; mode=block
last-modified
Mon, 11 Apr 2022 00:41:50 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11846537
x-appversion
1.0.8125.42964
expires
Tue, 11 Apr 2023 00:41:49 GMT
Twitter.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/10609c90/office.testdrive/images/social/ 		369 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/10609c90/office.testdrive/images/social/Twitter.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
be1d4d0339313d4794d998e2e330a676
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
5cb903f0-98d6-4882-acee-e36f00a79368
tls_version
tls1.3
ms-cv
yLZdL/K+gU6W2qZ3.0
content-length
369
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 20:42:14 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11832161
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 20:42:13 GMT
Twitter-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/6edf9aa7/office.testdrive/images/social/ 		382 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/6edf9aa7/office.testdrive/images/social/Twitter-high-contrast.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b97f1390080d6f405c86af4c00f87e5a2b460da827273c6d6e1d5370aeaef705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
2eef639336b56641b4c86998085a77ac
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
08990d0d-d802-4112-858a-e88090d06e7b
tls_version
tls1.3
ms-cv
SpNJScNbTkSLYG2H.0
content-length
382
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 17:03:38 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11819046
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 17:03:38 GMT
Blog.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/f3229d48/office.testdrive/images/social/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/f3229d48/office.testdrive/images/social/Blog.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43319333296e47ba21d33cf9ac03c72cfadb2f0c9cc181f896de70129b605624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
169ffda6c3f69348b6df77f0f42d5683
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
f11a36bd-48b6-47f2-b682-54e8eeab4b86
tls_version
tls1.3
ms-cv
pu6VxR1nSEi5ce2i.0
content-length
1244
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 19:13:36 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11826843
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 19:13:35 GMT
Blog-high-contrast.png
www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/fa9a23e2/office.testdrive/images/social/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/fa9a23e2/office.testdrive/images/social/Blog-high-contrast.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fd351788ddd8a404e52617f00dca9ca802d2fbd642d713133116e899a9e322ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
c23ff080743f964a8cdcbfab6cd1dac8
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
c68bc9a7-085f-4e4b-b6c2-5c72c65d2aaf
tls_version
tls1.3
ms-cv
c789uJ36VUK7G//U.0
content-length
1204
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 17:03:39 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11819046
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 17:03:38 GMT
RE4QYGp
query.prod.cms.rt.microsoft.com/cms/api/am/binary/ 		57 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4QYGp
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.67.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-67-79.deploy.static.akamaitechnologies.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
540b42bb7f63e43f0a390379d38fa8b95f83c17069a64019325e12832ef29986

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

AppEx-Activity-Id
299bd926-85d2-49f0-8113-7abfc766189e
Content-Encoding
gzip
Date
Thu, 24 Nov 2022 21:59:32 GMT
X-CMS-Tenant
am
X-CMS-ServiceLocation
eastus:0
X-CMS-Type
binary
X-CMS-DocumentId
RE4QYGp
X-CMS-Alias
default
Content-Disposition
inline; filename=RE4QYGp.js
Connection
keep-alive
MS-CV
3wUjb7J8X0GEmUJ6amngDw.0
Content-Length
10110
X-Trace-Context
{"ActivityId":"299bd926-85d2-49f0-8113-7abfc766189e"}
X-CMS-Version
57
Last-Modified
Fri, 04 Nov 2022 23:08:54 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"73"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CMS-ExecutionTimeInMilliseconds
103
Cache-Control
public, must-revalidate, max-age=12334
X-CMS-State
Published
id
dpm.demdex.net/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1669327171942
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/daa3a9f7/office.testdrive/externalscripts/adobetarget/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0a5c0c12b881f2f13243d7d595b7b31b115dcef43ebfb761e636da09c89a3268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.microsoft.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v041-0f66d19e7.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
h+rNzAPDQ2I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.microsoft.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2008
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ms-operation-id
eb684698f74eab49b4fc1a1ed62f15c9
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
204c9acc-7671-4f73-88c6-0701bb4023ac
tls_version
tls1.3
ms-cv
BkPvhjmH7k6mbjvS.0
content-length
26288
x-xss-protection
1; mode=block
last-modified
Sun, 10 Apr 2022 22:44:50 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=11839518
x-appversion
1.0.8125.42964
expires
Mon, 10 Apr 2023 22:44:50 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:192::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Fri, 10 Jan 2020 19:09:42 GMT
etag
"83cce83e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=84912
accept-ranges
bytes
content-length
30132
expires
Fri, 25 Nov 2022 21:34:44 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20220915_56101889/west-european/default/alert/ambientvideo/autosuggest/button/calltoaction/contentrichblock/dialog/divider/feature/glyph/groupcalltoaction/heading/hyperlinkgroup/image/list/logo/mosaic/multislidecarousel/pagebehaviors/rating/skiptomain/social?apiVersion=1.0&include_base=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:192::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=144726
accept-ranges
bytes
content-length
34052
expires
Sat, 26 Nov 2022 14:11:38 GMT
ms.shared.analytics.mectrl-3.2.6.gbl.min.js
js.monitor.azure.com/scripts/c/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-ca&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Thu, 18 Aug 2022 21:40:45 GMT
x-azure-ref-originshield
0BKp/YwAAAAA7Aqb7rVejS5CsUkqDiOuXTU5aMjIxMDYwNjEyMDQ5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
RlzwH95FOkmm6gksZWAC+w==
etag
0x8DA81624EF9033C
x-azure-ref
0ROl/YwAAAACO5b0eZcdOR7aGI8PcxVqXWVRPMjIxMDkwODE4MDM1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
db2d6f20-201e-0064-444b-f876a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/ 		177 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-ca&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf469f5d35c6b4fc5e7401cfdb21c25f22a6a6345abff761a53b290e3c017fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 21:59:31 GMT
last-modified
Wed, 02 Nov 2022 22:23:16 GMT
x-azure-ref-originshield
0NG1/YwAAAABY33GAm8joQYP9dy7zvhQ6TU5aMjIxMDYwNjExMDI1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d8ef44604cb8a1"
x-azure-ref
0ROl/YwAAAADam/YP767WToovxqyGZXlYWVRPMjIxMDkwODE4MDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
RE2lwga
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lwga?ver=afbc&q=90&h=675&w=830&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2b98c13ae57e2671705d7ebe397607bf678cb27cf9d7add8a5178baaec91d43b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Thu, 24 Nov 2022 11:36:54 GMT
x-serial
468
server
Akamai Image Manager
x-check-cacheable
YES
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=394541
content-length
36484
expires
Tue, 29 Nov 2022 11:35:13 GMT
RE2lrfB
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lrfB?ver=899f&q=90&h=675&w=830&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4eda0227074084845b9471fc6a34ab6f6051141d9f6f4e12ace5327f6bed9508

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Mon, 21 Nov 2022 05:12:23 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=112352
content-length
66474
expires
Sat, 26 Nov 2022 05:12:04 GMT
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
dest5.html
mscom.demdex.net/ Frame 281F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mscom.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/_h/daa3a9f7/office.testdrive/externalscripts/adobetarget/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v041-022b86299.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
f9mNgL/ESWg=
content-encoding
gzip
date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Fri, 28 Oct 2022 11:23:09 GMT
transfer-encoding
chunked
vary
accept-encoding
ibs:dpid=411&dpuuid=Y3-pRAAAAJpBxwOH
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=48665310382873181221899482621664829459
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3-pRAAAAJpBxwOH
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3-pRAAAAJpBxwOH
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-039afd681.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wxeVKpVlSJg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3-pRAAAAJpBxwOH
Date
Thu, 24 Nov 2022 21:59:32 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
target.microsoft.com/rest/v1/ 		447 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=c644e704f4184a54bc52038094f90bf4&version=2.4.0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.2.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-2-172.compute-1.amazonaws.com
Software
/
Resource Hash
c52366d1dec1fdc18eccd842c5132895d0d59d44c73b8417ef9541ca396a0fc2

Request headers

Referer
https://www.microsoft.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.microsoft.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
d53517dede761a8732807bececc58df5
RE2lrfG
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2lrfG?ver=e4a7&q=90&h=675&w=830&b=%23FFFFFFFF&aim=true
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::17cc:8a4a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
500a8d51a56cd203322e04ed4d8080a79681f8de5888059a31939ea70f50e1bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Tue, 22 Nov 2022 10:02:15 GMT
x-serial
124
server
Akamai Image Manager
x-check-cacheable
YES
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=216191
content-length
36438
expires
Sun, 27 Nov 2022 10:02:43 GMT
me.srf
login.live.com/ Frame CC89 		12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=0bde5196-cde8-4781-932d-50f6c3a18fc3&partnerId=officeproducts
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/meBoot.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.151.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5aac2f143afc8894f0fe4fee429f08dd3bb31923e59193de1bf230d78bfd1e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
4872
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Nov 2022 21:59:32 GMT
Expires
Thu, 24 Nov 2022 21:58:32 GMT
Link
<https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02PFED983CEAE V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
98a8954f-39b1-43eb-9060-e9405889ccb9
x-ms-route-info
R3_BL2
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/ 		98 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=OfficeProducts&market=en-ca&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4138cee0dc9879fa5cf0e2bae14be75ec3affbbcf11c95735e870ffd0642d145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 21:59:31 GMT
last-modified
Wed, 02 Nov 2022 22:23:24 GMT
x-azure-ref-originshield
0VgR/YwAAAACt6ntHFnuYSrrzVQsmexhITU5aMjIxMDYwNjExMDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d8ef446512a7ad"
x-azure-ref
0ROl/YwAAAABsyWjxz0iqQLfDIkNaHirQWVRPMjIxMDkwODE4MDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
ibs:dpid=269&dpuuid=36d7637f-e945-4700-9743-deb575974ae4&ddsuuid=48665310382873181221899482621664829459
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=48665310382873181221899482621664829459&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d48665310382873...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=36d7637f-e945-4700-9743-deb575974ae4&ddsuuid=48665310382873181221899482621664829459
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=36d7637f-e945-4700-9743-deb575974ae4&ddsuuid=48665310382873181221899482621664829459
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04172e512.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lQz7UJ8BQhQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Thu, 24 Nov 2022 21:59:32 GMT
Server
MT3 169 32252b7 master ord-pixel-x54 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=36d7637f-e945-4700-9743-deb575974ae4&ddsuuid=48665310382873181221899482621664829459
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 24 Nov 2022 21:59:31 GMT
c.gif
c1.microsoft.com/
Redirect Chain
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&RedC=c1.microsoft.com&MXFR=0DE8A05263D168471E6DB23462C369A9
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&MUID=0DE8A05263D168471E6DB23462C369A9
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&MUID=0DE8A05263D168471E6DB23462C369A9
Protocol
H2
Server
20.221.206.60 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:32 GMT
last-modified
Thu, 13 Oct 2022 20:08:57 GMT
server
Microsoft-IIS/10.0
etag
"e47587a03fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 26AB0853500C48BF940644CCDE81B4AB Ref B: YTO01EDGE0414 Ref C: 2022-11-24T21:59:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=42BD871097FE4EBD9654F0DD83478F1E&MUID=0DE8A05263D168471E6DB23462C369A9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
broker.js
www.microsoft.com/library/svy/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/library/svy/broker.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8bd93fe9370530899e0456e64f553f47eba4cc7c87f0b06d936b77ff7eb76fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Nov 2022 18:11:28 GMT
content-md5
u03iTQmJV4i6fUMa4x8hRQ==
x-rtag
RT
etag
"0x8DAC346FD13633C"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
4f0abf28-801e-007a-17ba-f9d115000000
tls_version
tls1.3
cache-control
max-age=84819
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
5260
RE1r2ij
query.prod.cms.rt.microsoft.com/cms/api/am/binary/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE1r2ij
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.67.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-67-79.deploy.static.akamaitechnologies.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4ce067ee7b11add8ffefd6f327a6e4ee01dca104506689e39f3450d6d596dfa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

AppEx-Activity-Id
705cf5f6-ec13-4f57-a3ad-069529cf9039
Content-Encoding
gzip
Date
Thu, 24 Nov 2022 21:59:32 GMT
X-CMS-Tenant
am
X-CMS-ServiceLocation
eastus:0
X-CMS-Type
binary
X-CMS-DocumentId
RE1r2ij
X-CMS-Alias
default
Content-Disposition
inline; filename=oa.min.js
Connection
keep-alive
MS-CV
i4L22A8zOU+GQkduIukH7A.0
Content-Length
2669
X-Trace-Context
{"ActivityId":"705cf5f6-ec13-4f57-a3ad-069529cf9039"}
X-CMS-Version
72
Last-Modified
Mon, 26 Apr 2021 16:08:54 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
W/"171"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CMS-ExecutionTimeInMilliseconds
51
Cache-Control
public, must-revalidate, max-age=10569
X-CMS-State
Published
event
mscom.demdex.net/ 		96 B
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mscom.demdex.net/event?_ts=1669327172739
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c0a8221f7776a51162d2f402fbbf274689d3974c10420c3f1927c47a0da9d470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.microsoft.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v041-0f66d19e7.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
icJDpRc6SAg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.microsoft.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
118
Expires
Thu, 01 Jan 1970 00:00:00 UTC
MeControl_GO_wC8TuKKkgsOmYJN749A2.js
logincdn.msftauth.net/16.000/content/js/ Frame CC89 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msftauth.net/16.000/content/js/MeControl_GO_wC8TuKKkgsOmYJN749A2.js
Requested by
Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=0bde5196-cde8-4781-932d-50f6c3a18fc3&partnerId=officeproducts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
be261893b3c955360005423ba744db1623bc8fc77d9989a5d9fa425e1e75d363

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 21:59:31 GMT
content-encoding
gzip
x-azure-ref-originshield
0OYdxYwAAAAAtvc5PDIO7S6p3VFYgJkNDTU5aMjIxMDYwNjExMDIxAGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-md5
KPq1c+IXrD9W30CH+BCXQA==
x-cache
TCP_HIT
content-length
6045
x-ms-lease-status
unlocked
last-modified
Wed, 02 Nov 2022 05:20:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABC91F96DA192
x-azure-ref
0ROl/YwAAAACcaGwJ0I1IQbEAWebdUq7hWVRPMjIxMDkwODE4MDE5AGRiNjYyZmUzLWY0MzgtNDNjMi1hMjlmLWU2NTkwYzRmNWU1MQ==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b1719435-201e-0055-79a1-f6d34a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
broker-config.js
www.microsoft.com/library/svy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/library/svy/broker-config.js?1669327172758
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/library/svy/broker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:b0ac::356e Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8099bc537aaa15852063e0d60b6a222717a9e6e0305d30acd399aaba46d95604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/en-ca/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Nov 2022 18:11:28 GMT
content-md5
SbkndKFqN1wEPXY3zxEzNA==
x-rtag
RT
etag
"0x8DAC346FD0B7520"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
6bbd1129-f01e-0060-3b50-00b0ca000000
tls_version
tls1.3
cache-control
max-age=604744
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
2579
launch-41185cd0b005.min.js
assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js
Requested by
Host: query.prod.cms.rt.microsoft.com
URL: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE1r2ij
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:194::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8e673d59965134cf831a38a2bdfa3578e332afc766bb3efb377624631cbde8f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:39:55 GMT
server
AkamaiNetStorage
etag
"2ff66f47957052cad7dcc1ed409f7cff:1638999595.762542"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.microsoft.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
18602
expires
Thu, 24 Nov 2022 22:59:32 GMT
ibs:dpid=358&dpuuid=8220684583014101988
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8220684583014101988
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8220684583014101988
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0884cae41.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
elJmFCaQRM0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:32 GMT
AN-X-Request-Uuid
a3189f7d-fb58-4d45-aa52-ae703d8bb36a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8220684583014101988
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mecache
mem.gfx.ms/me/ Frame 19CE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/mecache?partner=officeproducts&wreply=https%3A%2F%2Fwww.microsoft.com%2Fen-ca%2Fmicrosoft-365%2Fonenote%2Fdigital-note-taking-app%3Fms.url%3Donenotecom%26rtc%3D1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/en-US/meBoot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c53b92a6a99ba5ff38af35af9ae6c39cb9ee31d9c6c870422511e0ed81d91542
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.microsoft.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, no-transform, max-age=43200
content-encoding
br
content-security-policy
frame-ancestors https://www.microsoft.com;
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:32 GMT
expires
Thu, 24 Nov 2022 19:55:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
0ROl/YwAAAAALK9F554i5Q649OMggi9dcWVRPMjIxMDkwODE3MDUxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref-originshield
0pk1/YwAAAACECSi/kOZ7R5HfXoX7a0sYTU5aMjIxMDYwNjExMDI3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
x-content-type-options
nosniff
x-ua-compatible
IE=edge
RCbec314109be34962999dbad4041375a8-source.min.js
assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/ 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCbec314109be34962999dbad4041375a8-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:194::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
08349a70b033f56eb076549f7092120abb5a40f017bd92ee24aef58d8b10f05b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:39:56 GMT
server
AkamaiNetStorage
etag
"d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.microsoft.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
513
expires
Thu, 24 Nov 2022 22:59:32 GMT
ibs:dpid=477&dpuuid=b42d4922e2805188e441de9d77d5cc2b0ef75e4eac3ad3192240b28bc972a983b0da87c991749652
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=48665310382873181221899482621664829459
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTkQABoNCMTS_5sGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=b42d4922e2805188e441de9d77d5cc2b0ef75e4eac3ad3192240b28bc972a983b0da87c991749652
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=b42d4922e2805188e441de9d77d5cc2b0ef75e4eac3ad3192240b28bc972a983b0da87c991749652
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0ebb8c108.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sh24XhUHSIk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 24 Nov 2022 21:59:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=b42d4922e2805188e441de9d77d5cc2b0ef75e4eac3ad3192240b28bc972a983b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RCb827b2d874d8436fa48a7c19baf01bf1-source.min.js
assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/ 		66 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RCb827b2d874d8436fa48a7c19baf01bf1-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:194::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bc96efefbf007ccc620b6188a1af63aa9cf933add7629bb6285ffc7253422bb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:39:56 GMT
server
AkamaiNetStorage
etag
"d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.microsoft.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16898
expires
Thu, 24 Nov 2022 22:59:32 GMT
RC3845794034964e32934c4dad4bdff728-source.min.js
assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/ 		880 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/cc63921ab1f0/RC3845794034964e32934c4dad4bdff728-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:194::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a0ccbc0fc837e36f74dad4b2a55a43f4c78114e4f8aaf6fe884ba61a430a6ee2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Thu, 24 Nov 2022 21:59:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:39:56 GMT
server
AkamaiNetStorage
etag
"d8b4a532e9559d18d4118fb4a3525c9b:1638999596.382245"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.microsoft.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
520
expires
Thu, 24 Nov 2022 22:59:32 GMT
ibs:dpid=771&dpuuid=CAESEI3MaOJWuyYXOoZm-aBBs2Y&google_cver=1
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTk=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDg2NjUzMTAzODI4NzMxODEyMjE4OTk0ODI2MjE2NjQ4Mjk0NTk=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3MaOJWuyYXOoZm-aBBs2Y&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3MaOJWuyYXOoZm-aBBs2Y&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a71483ba.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
emc3edcQRMA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEI3MaOJWuyYXOoZm-aBBs2Y&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0b46d44a3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
yhMCY5aDSv0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1669327173.173291,VS0,VE14
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 24 Nov 2022 21:59:32 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b6a0a8c9debfc71744a5d2cd0ff7c5d01fe7ff021e51fe585aa45ae8543b9460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1669327173176
accept-language
en-CA,en;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.microsoft.com/
apikey
1cfc1aff02e4437889594f14c4cad289-5bf9ec06-73a3-4827-a5e7-d709ff3d3b12-6941
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 24 Nov 2022 21:59:32 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
258
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
ibs:dpid=992&dpuuid=1pmcfmneuxix6
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=48665310382873181221899482621664829459
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1pmcfmneuxix6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1pmcfmneuxix6
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-008a7e584.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZqtF779VSVo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1pmcfmneuxix6
cache-control
no-cache
cf-ray
76f56990fa50ecf2-YUL
content-length
0
adsct
analytics.twitter.com/i/ Frame 281F 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=48665310382873181221899482621664829459&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
5
date
Thu, 24 Nov 2022 21:59:32 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
1e47bba8ff6c587b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f358ac8e0df4130ca9d882b9ccaaa4d9c8fec4550d33f61c47c14990f5cec3fe
content-length
43
ibs:dpid=1121&dpuuid=1783777317953358447
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=7085
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1783777317953358447
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1783777317953358447
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0ed113106.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wti3I3AoQCg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1783777317953358447
Date
Thu, 24 Nov 2022 21:59:33 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=903&dpuuid=5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04c095abe.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+afwf2x9TF0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
ibs:dpid=1175&gdpr=0&dpuuid=Q7_a9BC12adY7d73Fr7Ap0G71fFYvNT2Q7hbRA_3
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Q7_a9BC12adY7d73Fr7Ap0G71fFYvNT2Q7hbRA_3
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Q7_a9BC12adY7d73Fr7Ap0G71fFYvNT2Q7hbRA_3
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0dbc6c16a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4RL4xvkMRSo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Q7_a9BC12adY7d73Fr7Ap0G71fFYvNT2Q7hbRA_3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=1957&dpuuid=0DE8A05263D168471E6DB23462C369A9
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://c.bing.com/c.gif?uid=48665310382873181221899482621664829459&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0DE8A05263D168471E6DB23462C369A9
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0DE8A05263D168471E6DB23462C369A9
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-039bf2bc9.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
n2Xp7DjKQkg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F26268BDFE994AEB925FC2508B864A4C Ref B: YTO01EDGE0414 Ref C: 2022-11-24T21:59:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0DE8A05263D168471E6DB23462C369A9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=3047&dpuuid=54416EECA6E22E&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54416EECA6E22E&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54416EECA6E22E&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0849bb3c3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
227gtY24RKo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:33 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app75.ash11
Location
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54416EECA6E22E&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 24 Nov 2022 21:59:33 GMT
ibs:dpid=22054
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b13&u=48665310382873181221899482621664829459&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b13&u=48665310382873181221899482621664829459&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
  • https://dpm.demdex.net/ibs:dpid=22054
42 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22054
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ad808d7b.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
C3PentOzRYE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1131
content-type
text/html
location
https://dpm.demdex.net/ibs:dpid=22054
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76f56995cd917138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=30646
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=48665310382873181221899482621664829459&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-LmHZN6RE2pH08LyOXk0AHSl2gru5xsfC85E-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-LmHZN6RE2pH08LyOXk0AHSl2gru5xsfC85E-~A
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-01710b2f0.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
24w6TiJYTxc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 24 Nov 2022 21:59:34 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0110.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-LmHZN6RE2pH08LyOXk0AHSl2gru5xsfC85E-~A
content-length
0
ibs:dpid=53196&dpuuid=Q7226135741189320244
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7226135741189320244&uid=Q7226135741189320244&ref=%2Feucm%2Fp%2Fadpq
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7226135741189320244
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7226135741189320244
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-05fceeb7f.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6Vfjm1zPTh4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Thu, 24 Nov 2022 21:59:34 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7226135741189320244
Content-Type
text/html
Cache-Control
max-age=18377
Connection
keep-alive
Content-Length
154
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 24 Nov 2022 21:59:33 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b6a0a8c9debfc71744a5d2cd0ff7c5d01fe7ff021e51fe585aa45ae8543b9460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1669327174180
accept-language
en-CA,en;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
time-delta-to-apply-millis
258
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.microsoft.com/
apikey
1cfc1aff02e4437889594f14c4cad289-5bf9ec06-73a3-4827-a5e7-d709ff3d3b12-6941
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 24 Nov 2022 21:59:33 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
35
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
ibs:dpid=38117&dpuuid=54c4d319-7a3d-40ec-8829-216beea11514
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://jadserve.postrelease.com/dmp/7?vk=48665310382873181221899482621664829459&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
  • https://dpm.demdex.net/ibs:dpid=38117&dpuuid=54c4d319-7a3d-40ec-8829-216beea11514
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=38117&dpuuid=54c4d319-7a3d-40ec-8829-216beea11514
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-07125beb1.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ji7sG3+QTZo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=38117&dpuuid=54c4d319-7a3d-40ec-8829-216beea11514
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
adb-ext.gif
ds.reson8.com/ Frame 281F 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ds.reson8.com/adb-ext.gif?puid=48665310382873181221899482621664829459
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.110 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:34 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
76f569990f903fde-YYZ
vary
Accept-Encoding
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		210 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/microsoft-365/_scrf/js/themes=default/88-3d3ba4/4f-a47e0e?ver=2.0&_cf=02242021_3231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d9260cfa095f7fd210f0888b88a43f5f5f76e68d08d4e78a6b9644f1c5510639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1669327174342
accept-language
en-CA,en;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.microsoft.com/
apikey
b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 24 Nov 2022 21:59:33 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
46
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
210
ibs:dpid=49276&dpuuid=3164b308-5c88-4ce3-bb9f-24db528c48ae
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://bttrack.com/dmp/adobe/user?dd_uuid=48665310382873181221899482621664829459
  • https://dpm.demdex.net/ibs:dpid=49276&dpuuid=3164b308-5c88-4ce3-bb9f-24db528c48ae
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=49276&dpuuid=3164b308-5c88-4ce3-bb9f-24db528c48ae
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-00b3c1cb1.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kbfrAQnGTB4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:04 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
//dpm.demdex.net/ibs:dpid=49276&dpuuid=3164b308-5c88-4ce3-bb9f-24db528c48ae
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
206
expires
-1
ibs:dpid=72352&dpuuid=2545428555874315652665&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2545428555874315652665&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2545428555874315652665&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-00ec6e883.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LDqYgJDnSxc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2545428555874315652665&gdpr=0&gdpr_consent=
date
Thu, 24 Nov 2022 21:59:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 24 Nov 2022 21:59:33 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
CookieSyncAdobe
rtb.adentifi.com/ Frame 281F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdobe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.159.16 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:34 GMT
ibs:dpid=121998&dpuuid=80e45ed04ab5f3665bf813903eb75418
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=48665310382873181221899482621664829459?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=48665310382873181221899482621664829459?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=80e45ed04ab5f3665bf813903eb75418
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=80e45ed04ab5f3665bf813903eb75418
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-04794f34a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VRiunQi0QA8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=80e45ed04ab5f3665bf813903eb75418
cache-control
no-cache
x-server
10.40.33.29
content-length
0
expires
0
ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0c017fa91.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wIjVMjBASCc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327175.821241,VS0,VE0
x-cache
HIT
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y3-pRAAAAJpBxwOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtd-tm.everesttech.net/migrate_et3/ Frame 281F
Redirect Chain
  • https://rtd.tubemogul.com/migrate_et3/
  • https://rtd-tm.everesttech.net/migrate_et3/
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtd-tm.everesttech.net/migrate_et3/
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1669327175.924857,VS0,VE15
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327175.913460,VS0,VE0
x-cache
HIT
location
https://rtd-tm.everesttech.net/migrate_et3/
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTMtcFJBQUFBSnBCeHdPSA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTMtcFJBQUFBSnBCeHdPSA==
Protocol
H3
Server
142.250.80.66 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327175.016619,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTMtcFJBQUFBSnBCeHdPSA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3-pRAAAAJpBxwOH&expires=90
42 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3-pRAAAAJpBxwOH&expires=90
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327175.117995,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3-pRAAAAJpBxwOH&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH&C=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=Y3-pRAAAAJpBxwOH&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
ib.adnxs.com/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y3-pRAAAAJpBxwOH
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y3-pRAAAAJpBxwOH
Protocol
HTTP/1.1
Server
68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:35 GMT
AN-X-Request-Uuid
1d90610e-2c3d-4bfb-b031-947ab9c3e208
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327175.319784,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y3-pRAAAAJpBxwOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3-pRAAAAJpBxwOH
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3-pRAAAAJpBxwOH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3-pRAAAAJpBxwOH
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y3-pRAAAAJpBxwOH
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3-pRAAAAJpBxwOH
1 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3-pRAAAAJpBxwOH
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 21:59:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327176.556040,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3-pRAAAAJpBxwOH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1&__user_check__=1&sync_id=48cc4a07-6c43-11ed-ae29-1f1ca6fb0403
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1&__user_check__=1&sync_id=48cc4a07-6c43-11ed-ae29-1f1ca6fb0403
Protocol
H2
Server
192.35.249.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 21:59:35 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
298
content-length
43

Redirect headers

date
Thu, 24 Nov 2022 21:59:35 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
/partner?adv_id=6409&uid=Y3-pRAAAAJpBxwOH&img=1&__user_check__=1&sync_id=48cc4a07-6c43-11ed-ae29-1f1ca6fb0403
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
413
content-length
0
b.php
www.facebook.com/fr/ Frame 281F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3-pRAAAAJpBxwOH&t=2592000&o=0
43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3-pRAAAAJpBxwOH&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12c:183:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 13:59:35 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
LUCjxAZae7JMq8qwilYB7jimIryAcZ1+fqKgu+jobA7siYrmx8TnY7eoU6QXg1HNLK/MaFO5xcuSsb9KGxvHzQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Thu, 24 Nov 2022 13:59:35 PST

Redirect headers

x-served-by
cache-yul12827-YUL
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669327176.732489,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3-pRAAAAJpBxwOH&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
trc.taboola.com/sg/adobe/1/ Frame 281F 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Thu, 24 Nov 2022 21:59:35 GMT
via
1.1 varnish
x-served-by
cache-yul12828-YUL
server
nginx
x-timer
S1669327176.871249,VS0,VE21
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 281F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=C5mP11fORnuG9kdhJgvIMg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=48665310382873181221899482621664829459
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=48665310382873181221899482621664829459
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Nov 2022 21:59:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4ERC38HJ8BHCVXM2BFFW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-usw2-1-v041-07125beb1.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Cm2Y1P91RyA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=48665310382873181221899482621664829459
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=390122&dpuuid=1Pg99NrBQoF8cfXdCQYwDJU4mb0
dpm.demdex.net/ Frame 281F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=adobe
  • https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1Pg99NrBQoF8cfXdCQYwDJU4mb0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1Pg99NrBQoF8cfXdCQYwDJU4mb0
Protocol
HTTP/1.1
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mscom.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0a07f3b05.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6x171pxqQ9k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=1Pg99NrBQoF8cfXdCQYwDJU4mb0
Date
Thu, 24 Nov 2022 21:59:36 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.onenote.com
URL
https://www.onenote.com/RemoteUls.ashx

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _pageBITags function| requirejs function| require function| define function| e object| visitor function| getCookie undefined| cookie1 string| A undefined| cookie2 string| GUID undefined| cookie3 string| ID object| customerIDs boolean| hasIDs function| isEmpty function| key function| distinct object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| mscomDil function| tt_getCookie function| targetPageParams object| targetGlobalSettings object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| _preLoadErrorHandler object| _preLoadErrorsBuffer object| lazySizesConfig object| lazySizes object| _pageTimings function| __extends object| Selector object| TooltipPosition object| rf function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| __core-js_shared__ object| __dynProto$Gbl object| awa function| $ function| jQuery undefined| p object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| chatVNext object| MsOnePlayer object| onShellReadyToLoad object| msCommonShell object| oneDsMeControl object| COMSCORE boolean| _isMsResearchIdle function| executeOaCode function| beforeConsent function| shouldLegacyCodeBeSkipped function| onPageLoad function| waitForSattelite function| waitForPromises function| checkForPromiseThenLoad object| WCPConsentBinder string| preConScript object| _satellite boolean| __satelliteLoaded function| BannerLoadedFunc function| oaLoadRule object| utag_cfg_ovrd function| utf_event function| requireEUCompliance function| waitForUTF function| oaLoadRuleProd object| eventTagging object| oa object| oaTagging object| util object| oaTaggingStore object| oaSetupProvider object| oaQueueProvider object| oaDataStore boolean| utfLoaded

63 Cookies

Domain/Path Name / Value
www.onenote.com/ Name: UserTrackerKey
Value: AnonymousId=c71c5e26-0f64-4352-bb62-cba8cfe9ebd1&FirstVisit=11/24/2022 21:59:29&LastVisit=11/24/2022 21:59:29
www.onenote.com/ Name: ONSessionKey
Value: SessionId=55ab6943-a0f3-48df-8971-9f2a6e532c17&StartTime=11/24/2022 21:59:29&LastActivityTime=11/24/2022 21:59:29
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Treatment1
www.onenote.com/ Name: OneNoteMvcUserIdentifier
Value: b98cf4fc-238e-448c-a81b-8fdc5615b668
www.onenote.com/ Name: PageVisitKey
Value: PublicSiteHomepage=2
.www.onenote.com/ Name: AuthSess
Value: 51e64884-5ea7-498f-b6f4-3e9ad24dc919
.onenote.com/ Name: AADNonce
Value: 182f7d54-078d-4740-86db-5a2f21643edc.638049239699530905
login.microsoftonline.com/ Name: fpc
Value: AtNxRw5qE65KuvT8hCu6M4E
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrIwYBznziWKu8DcTDdLf-GPeOA_EYpNsQX5p7Xm4XX9zdFB4KcNoqOE1VV9cpRf_rZ9o9rAssLF3IWvCJ_uXwF5-hqppNskfbmjD7lFykWwYTl66QrwqleBPAdp45U5nxYRhyXu_zJluro5fAe6qq7rp3KYUbTUMFBN132L90BI4faYJzdasSMpK2PmOPjVBABaLF000cZnAtZpSEPg4YgVqNwOvWdKFNQ2Wt9KXMf0MgAA
www.microsoft.com/ Name: isFirstSession
Value: 1
.microsoft.com/ Name: MUID
Value: 0DE8A05263D168471E6DB23462C369A9
www.microsoft.com/ Name: X-FD-FEATURES
Value: ids=atperf680t2%2c17016t1%2ctasmigration010%2ccartemberpl%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2csha-exp-inlyi9j7ql%2cenablesaturn%2cdisableapprestore%2cusewsasmodecheck%2ccjhii185%2cwsaenabledforusonly&imp=f64d7edb-ec43-45fb-bee8-c582bd092ebc
www.microsoft.com/ Name: X-FD-Time
Value: 1
.microsoft.com/ Name: at_check
Value: true
www.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 0b9d6bdc-db06-46fe-87a7-57d5c43a097d
www.microsoft.com/ Name: ai_session
Value: BTMhCZSj/nVRiymuk8PeLi|1669327172173|1669327172173
.demdex.net/ Name: demdex
Value: 48665310382873181221899482621664829459
.microsoft.com/ Name: AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3-pRAAAAJpBxwOH
.dpm.demdex.net/ Name: dpm
Value: 48665310382873181221899482621664829459
.microsoft.com/ Name: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19321%7CMCMID%7C48406248305483216371943426322556504348%7CMCAAMLH-1669931972%7C9%7CMCAAMB-1669931972%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1669334372s%7CNONE%7CMCSYNCSOP%7C411-19328%7CvVersion%7C4.4.0
.microsoft.com/ Name: mbox
Value: session#c644e704f4184a54bc52038094f90bf4#1669329032|PC#c644e704f4184a54bc52038094f90bf4.34_0#1703513871
.microsoft.com/ Name: mboxEdgeCluster
Value: 34
.login.live.com/ Name: uaid
Value: 0bde5196cde84781932d50f6c3a18fc3
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1669327172&co=2
.login.live.com/ Name: OParams
Value: 11O.Df83EXh5h4FeIcElgZR44yFx*6MFeu88aNSKofHWSxiwvMRfhsanfgcK!jS410Jz0YJkl7LjMz1EXnKEGV2Il*sLzwXtnvEvVdrJJtZJLTKl!LZbrpH8u4fQl22NjLhwBrqYzjlWdxAcmjU9VGUKhmR4rmtGDwPNNbI*1l7QZKOdlSuzoikrL1gxgqYlxDxc92JmW2NzjS7lrBAP07L1OocrV5GA*zqVf8S4mAExnlhj8Y5hokiAv6MOxR3ea6oVpedRtcpl2sr75XzkMOgpkF661aT0w9WElu3lnw1YacU9Z72P*dwVWM22hFbjs1zUsngSXTrzjatK5L4178fTnUGxGd7A2892Bh38hdSx8uOxhkZGi4ClfNVAN2JP8RZV0A$$
.mathtag.com/ Name: uuid
Value: 36d7637f-e945-4700-9743-deb575974ae4
.microsoft.com/ Name: aam_uuid
Value: 48665310382873181221899482621664829459
.adnxs.com/ Name: uuid2
Value: 8220684583014101988
.bing.com/ Name: MUID
Value: 0DE8A05263D168471E6DB23462C369A9
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0DE8A05263D168471E6DB23462C369A9
.c.bing.com/ Name: SRM_I
Value: 0DE8A05263D168471E6DB23462C369A9
.c1.microsoft.com/ Name: SM
Value: C
.c1.microsoft.com/ Name: SRM_I
Value: 0DE8A05263D168471E6DB23462C369A9
.c1.microsoft.com/ Name: MR
Value: 0
.c1.microsoft.com/ Name: ANONCHK
Value: 0
.rlcdn.com/ Name: rlas3
Value: Bz4v7RvvF2jv/FyReID63HvwiPhu891xVfsj5e2fLiA=
.rlcdn.com/ Name: pxrc
Value: CMXS/5sGEgUI6AcQABIGCPHrARAA
.doubleclick.net/ Name: IDE
Value: AHWqTUmu5gIy450iVP2IQEhLkUbovJHg2lXVvJktXiIvU5JsQfxxd7PHwr4lbDc_7ac
.media6degrees.com/ Name: clid
Value: 2rlvh3901171pmcfmneuxix60000000194011c01b01
.media6degrees.com/ Name: acs
Value: 012020k1rlvh39xzt10
.twitter.com/ Name: personalization_id
Value: "v1_Cwsrf9/zE9OYlRc47GJBgA=="
.microsoft.com/ Name: MC1
Value: GUID=c82871d2eb914dcc814557ddaa53199e&HASH=c828&LV=202211&V=4&LU=1669327173434
.microsoft.com/ Name: MS0
Value: 52441dd983994cd29722c3cf5dc0309d
www.microsoft.com/ Name: MSFPC
Value: GUID=c82871d2eb914dcc814557ddaa53199e&HASH=c828&LV=202211&V=4&LU=1669327173434
.adsrvr.org/ Name: TDID
Value: 5f1d1f7d-aa62-42c0-bd22-e8568a76f23a
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIop-kv6acpzsQBRgFIAEoAjILCLavhOy8nKc7EAU4AQ..
.quantserve.com/ Name: d
Value: EJ4BDAHTJ7mvYA
.quantserve.com/ Name: mc
Value: 637fe945-a3ec2-5478c-09d64
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFxGtoZmZpbGRuaG5sYWwCAG7Y-kUQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NLc0NTY2tTAxMRfiM9Q1SQozMElPdLZMc9YFAGAHreolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NLc0NTY2tTAxMRfiM9Q1SQozMElPdLZMc9YFAGAHreolAAAA
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=54416EECA6E22E"
.yahoo.com/ Name: A3
Value: d=AQABBEbpf2MCEMntmkKILGbPa-t9KO_GySUFEgEBAQE6gWOJYwAAAAAA_eMAAA&S=AQAAAqQUr3iTflHmFThZYbcuR5s
.tribalfusion.com/ Name: ANON_ID
Value: aqnrAkmMZaE9DXqwmyCTJG9fh6Eo2wBp1sNXSNPkUCZdWU3ZbhBevkBir4N6k2VUsDs78vqUiwNSEjj
.demdex.net/ Name: dextp
Value: 269-1-1669327172671|358-1-1669327172780|477-1-1669327172885|771-1-1669327172986|782-1-1669327173088|992-1-1669327173188|1123-1-1669327173289|1121-1-1669327173390|903-1-1669327173492|1175-1-1669327173593|1957-1-1669327173694|3047-1-1669327173795|22054-1-1669327173896|30646-1-1669327173997|53196-1-1669327174098|38117-1-1669327174199
.owneriq.net/ Name: si
Value: Q7226135741189320244
.owneriq.net/ Name: p2
Value: adpq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ajax.aspnetcdn.com
analytics.twitter.com
assets.adobedtm.com
browser.events.data.microsoft.com
bttrack.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
cdn.onenote.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
dmpsync.3lift.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
img-prod-cms-rt-microsoft-com.akamaized.net
jadserve.postrelease.com
js.monitor.azure.com
login.live.com
login.microsoftonline.com
logincdn.msftauth.net
match.adsrvr.org
mem.gfx.ms
mscom.demdex.net
p.rfihub.com
pixel.rubiconproject.com
px.owneriq.net
query.prod.cms.rt.microsoft.com
rtb.adentifi.com
rtd-tm.everesttech.net
rtd.tubemogul.com
s.amazon-adsystem.com
s.tribalfusion.com
servedby.flashtalking.com
site.onenote.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
target.microsoft.com
trc.taboola.com
us-u.openx.net
www.facebook.com
www.microsoft.com
www.onenote.com
www.onenote.com
104.18.8.110
104.244.42.195
142.250.80.66
151.101.130.49
152.199.4.33
192.132.33.46
192.35.249.137
192.40.39.223
199.38.167.131
20.190.151.133
20.221.206.60
20.42.73.24
216.200.232.253
23.192.41.210
23.23.131.203
23.76.43.24
2600:1400:d::17cc:8a4a
2600:141b:f000:192::356e
2600:141b:f000:194::1e80
2600:141b:f000:1a5::611
2600:141b:f000:b0ac::356e
2606:4700::6812:17ea
2606:4700::6812:18ad
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:40::40
2620:1ec:49::40
2620:1ec:c11::200
2a03:2880:f12c:183:face:b00c:0:25de
2a04:4e42:400::300
3.213.126.19
3.226.2.172
34.192.159.16
34.98.64.218
35.174.188.209
35.190.60.146
35.71.131.137
35.71.139.29
40.126.24.147
52.109.13.55
52.168.74.246
52.33.194.179
52.46.151.131
54.172.188.135
68.67.178.10
69.173.151.100
72.247.67.79
76.13.32.147
8.28.7.83
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
039d0bde667ce44c6bec236d1e38a29fc325f29518d73b4ec2126a40cfe9ac2d
08349a70b033f56eb076549f7092120abb5a40f017bd92ee24aef58d8b10f05b
0a5c0c12b881f2f13243d7d595b7b31b115dcef43ebfb761e636da09c89a3268
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
1b98d7f2c313a9a01dee6d2eeb8e2f164c99de0a246c39d76a776c6e41a1fb6b
1d86c8e6eb668b8f983c0eefefff756f5d422c0ddfe1150d2dd6913600fe68f2
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
256419001640c17483b12ab834a7d71c6ab12ed65f52fe384b60d67693850e1f
2b98c13ae57e2671705d7ebe397607bf678cb27cf9d7add8a5178baaec91d43b
361b6014458b0bb0eeca24f4cbc59f4dd365e7a6813855ea159b7b596af9c772
383cd43ce18934620e54db87f992ef4dce0de3494ec6d070aeeb1a7984b018dd
3d89b2c0caa3c1235c55d037ee48581ee25caac91ecd4d8de0211bb6beb02c52
4138cee0dc9879fa5cf0e2bae14be75ec3affbbcf11c95735e870ffd0642d145
43319333296e47ba21d33cf9ac03c72cfadb2f0c9cc181f896de70129b605624
48f8286cf542b96996fa8c49cdfa11aeeafcfc6cfb5eb7a473a919a3623b9496
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce067ee7b11add8ffefd6f327a6e4ee01dca104506689e39f3450d6d596dfa5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda0227074084845b9471fc6a34ab6f6051141d9f6f4e12ace5327f6bed9508
4f7b4b615ae2e69ccfeb8a624f6d52f8d6043324f0e469687d6f8341d1948546
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
500a8d51a56cd203322e04ed4d8080a79681f8de5888059a31939ea70f50e1bd
540b42bb7f63e43f0a390379d38fa8b95f83c17069a64019325e12832ef29986
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aac2f143afc8894f0fe4fee429f08dd3bb31923e59193de1bf230d78bfd1e52
61957faa2ae6d22ca8ce9d5ef15e1eda1ff8841f17bbd1bba0247a0d5a4f6e69
654de40bb758e63a64b1d1572ed1509fe3b1323b66127e6f7dc994e898bdae65
69225e6ab4064f869cf57a2857e42e1726504d3c8b470bfc91bd401f2df1d3c1
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
76deaf57a0d1a28a55f7decc60bd204b99b7e2359cc2baa9f7b3fbbd4c1838f0
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
7dcf3a69f756a6f1381e2371fbdaff1d09cfa9c602bb48802f67989804d06262
8099bc537aaa15852063e0d60b6a222717a9e6e0305d30acd399aaba46d95604
84cc1e0279d9fabca4607596d2927e07370fac0cd8247db765466fd4f7241019
89ffb7d08c9d0694733ecdbe4e2fac9f07af0d40cda7ecb5d9135fd706ae4405
8e673d59965134cf831a38a2bdfa3578e332afc766bb3efb377624631cbde8f2
905367e3bd68a81d76143294737fec5fc8de039f653f7fe4ad2629ab54d952d8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb9c91f72230219fb849cc666a992b2b82e0a85897067a5b4e9aea7a455910a
a0ccbc0fc837e36f74dad4b2a55a43f4c78114e4f8aaf6fe884ba61a430a6ee2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af196477ca96a8514323df78ee44216f6e0afa65ea19b248168da12a09575205
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a0a8c9debfc71744a5d2cd0ff7c5d01fe7ff021e51fe585aa45ae8543b9460
b97f1390080d6f405c86af4c00f87e5a2b460da827273c6d6e1d5370aeaef705
bc96efefbf007ccc620b6188a1af63aa9cf933add7629bb6285ffc7253422bb0
bd492824df9e0e64f4cd4d609a426f1fa06aacabc56afc3fb108dc44798d2b52
be261893b3c955360005423ba744db1623bc8fc77d9989a5d9fa425e1e75d363
c054eac644da1534a1f2e07a93598857f0c5f9afa95b2fb70b73b15f5c5a289c
c0a8221f7776a51162d2f402fbbf274689d3974c10420c3f1927c47a0da9d470
c166f044b29964b2e35261189bb67647d4043dda8dedce4a3f06fb4b88c3a007
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c52366d1dec1fdc18eccd842c5132895d0d59d44c73b8417ef9541ca396a0fc2
c53b92a6a99ba5ff38af35af9ae6c39cb9ee31d9c6c870422511e0ed81d91542
c8bd93fe9370530899e0456e64f553f47eba4cc7c87f0b06d936b77ff7eb76fb
c9110408d1bb1bb7c96a4db55d209cd3c0b790b3772e603a8bf6efbd5795f023
cc35db3b27e4ad27322095727f7d4b539448eb0bbcaa9baab703d19a8ec89ec3
cf469f5d35c6b4fc5e7401cfdb21c25f22a6a6345abff761a53b290e3c017fa6
d9260cfa095f7fd210f0888b88a43f5f5f76e68d08d4e78a6b9644f1c5510639
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9938668b176bfedffcdd211615019e758eab1deb786ba09c81cbd019ab1c0ab
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f6ddb122fbeedf31e0cd1971e1de361c57f698c89b1617e3cb1a46ed38c33abb
f89a2908c8b428e81e5995d4cd1d9a7f87572c5447a49b00573a8d6f4ab509f4
fd351788ddd8a404e52617f00dca9ca802d2fbd642d713133116e899a9e322ae