onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Submission Tags: falconsandbox
Submission: On July 13 via api (July 13th 2021, 4:29:12 pm UTC) from US

Summary HTTP 134 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 11 domains to perform 134 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on October 13th 2020. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.16.106.112 2.16.106.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.81.118.91 13.81.118.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
63	2a02:26f0:710... 2a02:26f0:7100:487::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.109.88.177 52.109.88.177	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.218.208.56 23.218.208.56	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.79.129.177 23.79.129.177	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.104.208.165 13.104.208.165	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	168.62.200.169 168.62.200.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::42 2620:1ec:46::42	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.114.132.91 52.114.132.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.132 20.190.159.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.109.88.2 52.109.88.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a02:26f0:710... 2a02:26f0:7100:484::611	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
4	23.79.131.103 23.79.131.103	16625 (AKAMAI-AS) (AKAMAI-AS)
134	19

4 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.106.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-112.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.81.118.91 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a02:26f0:7100:487::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onenote.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.177 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

officeclient.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-56.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.129.177 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-129-177.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.104.208.165 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.62.200.169 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::42 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.114.132.91 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.132 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.onenote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:7100:484::611 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.onenote.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.131.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-131-103.deploy.static.akamaitechnologies.com

appsforoffice.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	office.net c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net	3 MB
30	live.com 2 redirects onedrive.live.com onenote.officeapps.live.com skyapi.onedrive.live.com c.live.com storage.live.com login.live.com	133 KB
13	microsoft.com officeclient.microsoft.com fs.microsoft.com browser.pipe.aria.microsoft.com browser.events.data.microsoft.com appsforoffice.microsoft.com	799 KB
10	akamaihd.net spoprod-a.akamaihd.net	346 KB
7	onenote.net cdn.onenote.net	47 KB
4	sharepointonline.com static2.sharepointonline.com	135 KB
3	sfx.ms p.sfx.ms	12 KB
2	aspnetcdn.com ajax.aspnetcdn.com	79 KB
2	onenote.com www.onenote.com	2 KB
1	msftauth.net amcdn.msftauth.net	9 KB
1	bing.com 1 redirects c.bing.com	859 B
134	11

	Domain	Requested by
54	c1-onenote-15.cdn.office.net	onedrive.live.com onenote.officeapps.live.com c1-onenote-15.cdn.office.net
21	onenote.officeapps.live.com	c1-onenote-15.cdn.office.net onedrive.live.com onenote.officeapps.live.com c1-officeapps-15.cdn.office.net
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
9	c1-officeapps-15.cdn.office.net	onenote.officeapps.live.com c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net
7	cdn.onenote.net	www.onenote.com
4	appsforoffice.microsoft.com	www.onenote.com appsforoffice.microsoft.com
4	static2.sharepointonline.com	onenote.officeapps.live.com
4	onedrive.live.com	onedrive.live.com
3	browser.pipe.aria.microsoft.com	c1-officeapps-15.cdn.office.net p.sfx.ms c1-onenote-15.cdn.office.net
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
2	ajax.aspnetcdn.com	www.onenote.com skyapi.onedrive.live.com
2	www.onenote.com	c1-onenote-15.cdn.office.net cdn.onenote.net
2	browser.events.data.microsoft.com	c1-onenote-15.cdn.office.net
2	c.live.com	1 redirects
2	fs.microsoft.com	c1-onenote-15.cdn.office.net onenote.officeapps.live.com
2	officeclient.microsoft.com	c1-onenote-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	amcdn.msftauth.net	c1-onenote-15.cdn.office.net
1	c.bing.com	1 redirects
1	skyapi.onedrive.live.com	spoprod-a.akamaihd.net
134	21

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2020-10-13` - `2021-10-13`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
config.officeapps.live.com Microsoft RSA TLS CA 02	`2021-06-14` - `2022-06-14`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 02	`2020-09-08` - `2021-09-08`	a year	crt.sh
storage.live.com Microsoft RSA TLS CA 01	`2020-10-13` - `2021-10-13`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2021-06-05` - `2022-05-31`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-06-10` - `2022-06-10`	a year	crt.sh
reverseproxy.onenote.com Microsoft RSA TLS CA 01	`2020-10-06` - `2021-10-06`	a year	crt.sh
cdn.onenote.net Microsoft RSA TLS CA 01	`2020-10-02` - `2021-10-02`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
appsforoffice.microsoft.com Microsoft RSA TLS CA 01	`2021-01-28` - `2022-01-28`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Frame ID: D04E7AFD9AC2F6F0BB1CED5707AFCD12
Requests: 24 HTTP requests in this frame

Frame: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Frame ID: 2274577BE644FA6AC719888AE8A054C5
Requests: 98 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/api/proxy?v=3
Frame ID: 08E7518EDFB802A821AE6FD457690D8C
Requests: 2 HTTP requests in this frame

Frame: https://www.onenote.com/officeaddins/learningtools/?et=
Frame ID: D496B83085A55A3E59CB4767742E96E9
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Page Statistics

134
Requests

99 %
HTTPS

26 %
IPv6

11
Domains

21
Subdomains

19
IPs

4
Countries

5150 kB
Transfer

20472 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4849%26IR%3D1%26EX%3D0%26L.h%3D810%26L.bc%3D857%26L.ac%3D857%26L.f%3D874%26L.sjs%3D4693%26L.ttg%3D2881%26C.st%3D1626193732818%26N.jsPlt%3D1584%26N.domIn%3D874%26N.dns%3D17%26N.tcp%3D45%26N.req%3D631%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.8816644673456766 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4849%26IR%3D1%26EX%3D0%26L.h%3D810%26L.bc%3D857%26L.ac%3D857%26L.f%3D874%26L.sjs%3D4693%26L.ttg%3D2881%26C.st%3D1626193732818%26N.jsPlt%3D1584%26N.domIn%3D874%26N.dns%3D17%26N.tcp%3D45%26N.req%3D631%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.8816644673456766&CtsSyncId=62E5378AC8954C9497FD15E5EE194171&RedC=c.live.com&MXFR=26DDF7AFF1E463B73534E7DCF5E467A8 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4849%26IR%3D1%26EX%3D0%26L.h%3D810%26L.bc%3D857%26L.ac%3D857%26L.f%3D874%26L.sjs%3D4693%26L.ttg%3D2881%26C.st%3D1626193732818%26N.jsPlt%3D1584%26N.domIn%3D874%26N.dns%3D17%26N.tcp%3D45%26N.req%3D631%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.8816644673456766&CtsSyncId=62E5378AC8954C9497FD15E5EE194171&MUID=26DDF7AFF1E463B73534E7DCF5E467A8

Request Chain 109

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1626193738048 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1626193739&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

134 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 91 KB
30 KB 683ms
620ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

153f159acbf21c3812c3a7587a33fcde3860ed4bc1b10e87e2ea99f22c54f2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:nv2VTRtG2Yg=:YUc6SHZfV0PWksexOiXvwvZZNNwUBMeMIk8PYnvGXvk=:F; domain=.live.com; path=/ xid=382b85f9-d4b4-457e-b219-0ada2fb8084f&&RD00155D997BBC&237; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 13-Jul-2021 14:48:52 GMT; path=/ wla42=; domain=live.com; expires=Tue, 20-Jul-2021 16:28:53 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D997BBC
x-odwebserver: eastus1-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 89430ADFC8B244C08FF770D198682B29 Ref B: ZRHEDGE0813 Ref C: 2021-07-13T16:28:52Z
date: Tue, 13 Jul 2021 16:28:52 GMT

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002// 136 KB
26 KB 76ms
30ms Stylesheet
text/css 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:53 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D86C1F26D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f7daa10a-201e-0029-6a7a-64b859000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148573
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002// 85 KB
16 KB 65ms
19ms Stylesheet
text/css 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:53 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D7FFB052C
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7a566392-001e-00a8-4d7a-641883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148534
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002// 169 KB
30 KB 86ms
40ms Stylesheet
text/css 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:53 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:43:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D80D8E30E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e36cb08d-301e-0078-7b7a-6425d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148587
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 91 KB
25 KB 136ms
135ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.680.0514.2004&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

313803ce9dec8e759b5f830c1e76a4bc10d8778d9383626bff7d2cb254d249d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.680.0514.2004&useRequiresJs=False
pragma: no-cache
cookie: E=P:nv2VTRtG2Yg=:YUc6SHZfV0PWksexOiXvwvZZNNwUBMeMIk8PYnvGXvk=:F; xid=382b85f9-d4b4-457e-b219-0ada2fb8084f&&RD00155D997BBC&237; xidseq=1; wla42=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 8CB31921E2014D0DA395A6E8FD9552B5 Ref B: ZRHEDGE0813 Ref C: 2021-07-13T16:28:53Z
x-odwebserver: eastus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 13 Jul 2021 16:28:52 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Wed, 13-Jul-2022 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 13-Jul-2021 14:48:53 GMT; path=/ E=P:TVv1TRtG2Yg=:cn2JOT27Pc/6mQmSVJsyLi9JBCYVed0PBgTEvbj/I7c=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Tue, 20-Jul-2021 16:28:53 GMT; path=/
x-msnserver: RD00155D997BBC
expires: Wed, 13 Jul 2022 16:28:53 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 133ms
132ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.680.0514.2004&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e4a6870814b2274025d89f9e9fab4480351a0cd3870b53e37ea9275614e02a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.680.0514.2004&useRequiresJs=False
pragma: no-cache
cookie: E=P:nv2VTRtG2Yg=:YUc6SHZfV0PWksexOiXvwvZZNNwUBMeMIk8PYnvGXvk=:F; xid=382b85f9-d4b4-457e-b219-0ada2fb8084f&&RD00155D997BBC&237; xidseq=1; wla42=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: F167D6FEA4394DBD8DE0ECC959AE1CCF Ref B: ZRHEDGE0813 Ref C: 2021-07-13T16:28:53Z
x-odwebserver: eastus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 13 Jul 2021 16:28:52 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Wed, 13-Jul-2022 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 13-Jul-2021 14:48:53 GMT; path=/ E=P:ZQv2TRtG2Yg=:k2u+JKYuHS7+ZPCwMHDGKp4pn8CYQYK7P8WgZ6x3X5A=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Tue, 20-Jul-2021 16:28:53 GMT; path=/
x-msnserver: RD00155D997028
expires: Wed, 13 Jul 2022 16:28:53 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 98ms
31ms Script
application/javascript 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:28:53 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 18:49:43 GMT
server: Microsoft-IIS/10.0
etag: "80bd50dcf269d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF1DBB81
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
131 B 30ms
30ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:28:53 GMT
x-msnserver: RD0003FF1DBB81
last-modified: Fri, 25 Jun 2021 18:49:42 GMT
server: Microsoft-IIS/10.0
etag: "e18845dcf269d71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK onenote-boot.min.js Show response
c1-onenote-15.cdn.office.net/o/s/App_Scripts/ 81 KB
22 KB 29ms
9ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3663dbf01bd31a26f0cdeeb4cf8a215944820438082cd87815d2896da79001a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "414e9b444267d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 21831
Cache-Control: public, max-age=3600
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 08:40:34 GMT
X-OFFICEFD: AM4PEPF000068B9
X-MSEdge-Ref: Ref A: E0A39B9482964EA5B859D86A1391DAA8 Ref B: AM3EDGE0805 Ref C: 2021-07-08T08:35:49Z
X-UserSessionId: 54021746-bd6a-4f47-a82e-2254fcbbc6e7
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 54021746-bd6a-4f47-a82e-2254fcbbc6e7
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 08 Jul 2021 09:35:49 GMT

POST
H2 200 RemoteTelemetry.ashx
onenote.officeapps.live.com/o/ 0
641 B 66ms
34ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DB5PEPF00008329
x-officeversion: 16.0.14228.41006
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: ab15253e-9910-4976-9660-d1c83e466cb6
x-officecluster: PIE1
x-usersessionid: ab15253e-9910-4976-9660-d1c83e466cb6
date: Tue, 13 Jul 2021 16:28:53 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: E113938F3ADC4DF3A177CAA13380459C Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:53Z
timing-allow-origin: *
x-officefe: DB5PEPF00008329

POST
H2 200 onenoteframe.aspx Show response
onenote.officeapps.live.com/o/ Frame 2274 147 KB
45 KB 71ms
54ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b43fce626b3bf7639d04334c4550da447f123be9a405fef0641a7c4aeedc43f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: onenote.officeapps.live.com
:scheme: https
:path: /o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
content-length: 1481
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=382b85f9-d4b4-457e-b219-0ada2fb8084f&&RD00155D997BBC&237; wla42=; mkt=en-US; xidseq=2; E=P:TVv1TRtG2Yg=:cn2JOT27Pc/6mQmSVJsyLi9JBCYVed0PBgTEvbj/I7c=:F
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Wed, 13-Oct-2021 16:28:53 GMT; path=/; samesite=none; secure; HttpOnly DcLcid=ui=1033&data=1033; expires=Wed, 13-Oct-2021 16:28:53 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid: 214043fe-c4bb-4290-8419-65b94ef0fd38
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: DB5PEPF00008328
x-officeversion: 16.0.14228.41006
x-officecluster: PIE1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /o/reportcsp.ashx
origin-trial: Au4zhK5JVMb0jrGWoC/nSFX17KhgFgS9nCdRcMtWy7tARQA0jPaVfF3zzCT4DaZq4448HkzVzqI80llMvhQrbA4AAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJFeHBlcmltZW50YWxKU1Byb2ZpbGVyIiwiZXhwaXJ5IjoxNjEzMzkzNTg3fQ== Arrz952Yxnelyt7ahmUhv/aFLxoVtZgV2sT0LiYNhRgGugeJ8zwea4uy5Wo6TS1LzTpZWx8roBGDr6QYEcWWZgkAAACAeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjA1MDUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
document-policy: js-profiling
x-officefd: DB5PEPF00008328
x-wacfrontend: DB5PEPF00008328
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 2F510ED4DB144BD980DD416E3FF329A0 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:53Z
date: Tue, 13 Jul 2021 16:28:53 GMT

POST
H2 200 RemoteUls.ashx
onenote.officeapps.live.com/o/ 0
0 53ms
36ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=214043fe-c4bb-4290-8419-65b94ef0fd38&officeserverversion=16.0.14217.41013
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onedrive.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags

GET
H/1.1 200
OK EditSurface.css
c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/1033/ Frame 2274 26 KB
6 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css

Requested by

Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

816a0f42a2bf473213a47be1dde62215811d54af1151a1e9916dc215df6ec776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "5fe6a51a5167d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4702
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 10:26:46 GMT
X-OFFICEFD: AM4PEPF000068B3
X-MSEdge-Ref: Ref A: 367352836DBD4982B697E4C3F3F79DAB Ref B: AMS04EDGE1118 Ref C: 2021-07-01T19:39:00Z
X-UserSessionId: db995834-8f58-4282-97ad-26830c7f687b
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: db995834-8f58-4282-97ad-26830c7f687b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.Refresh.css
c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/ Frame 2274 427 KB
53 KB 17ms
8ms Stylesheet
text/css 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/OneNote.Refresh.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b6fed88ce59927be9d9e17dd088acf26e62311a7ceb2b1038eb6b5dd8a1fa935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"f0979017b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 53005
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:28 GMT
X-OFFICEFD: AM4PEPF000068C4
X-MSEdge-Ref: Ref A: 06A536CD8DD4467192B053E41B03B54C Ref B: AMS04EDGE1618 Ref C: 2021-07-09T04:29:28Z
X-UserSessionId: 0e4cf372-a3d8-4be3-917f-01e9a3116af4
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 0e4cf372-a3d8-4be3-917f-01e9a3116af4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/hB744C66492427301_App_Scripts/ Frame 2274 431 KB
103 KB 34ms
13ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hB744C66492427301_App_Scripts/common.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b744c6649242730154b171aa2b95e7321a498f9380471c1bbf4a562884e92827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"43a9fb17b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006958
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 104866
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:29 GMT
X-OFFICEFD: AM4PEPF000068A8
X-MSEdge-Ref: Ref A: B35B886B1AE44C2B8810B1131A8CDDD5 Ref B: AM3EDGE0608 Ref C: 2021-07-09T04:29:29Z
X-UserSessionId: 1607e684-db87-430f-9794-4126b7b9fecd
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1607e684-db87-430f-9794-4126b7b9fecd
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacBoot.min.js Show response
c1-onenote-15.cdn.office.net/o/s/h46DC57A63CA47BFD_App_Scripts/ Frame 2274 48 KB
12 KB 35ms
14ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h46DC57A63CA47BFD_App_Scripts/wacBoot.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

46dc57a63ca47bfd0c1212a554d30b57a5f5259c12ce3fa807f5d114b64cde40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"fae2e917b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 11366
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:29 GMT
X-OFFICEFD: AM4PEPF000068B8
X-MSEdge-Ref: Ref A: 6E64937E7E1C4DD88319E5B8D99D1F2E Ref B: AMS04EDGE1414 Ref C: 2021-07-09T04:29:29Z
X-UserSessionId: 322d5291-c8cf-46bd-916c-7dc06b65db4b
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 322d5291-c8cf-46bd-916c-7dc06b65db4b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteSync.min.js Show response
c1-onenote-15.cdn.office.net/o/s/h59153778561F077B_App_Scripts/ Frame 2274 121 KB
31 KB 32ms
11ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h59153778561F077B_App_Scripts/onenoteSync.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

59153778561f077b47f488bfd47d73da51a5a946ddc0e1e21c75f1e2517f46dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"659ff117b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006957
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 30689
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:29 GMT
X-OFFICEFD: AM4PEPF0000689F
X-MSEdge-Ref: Ref A: 36EEF2366826435F97420133B0AD7511 Ref B: AM3EDGE0916 Ref C: 2021-07-09T04:29:29Z
X-UserSessionId: 94580bfb-7e66-4a9a-9297-620537b5b071
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 94580bfb-7e66-4a9a-9297-620537b5b071
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame 2274 106 KB
24 KB 52ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "fd98fbb84c67d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23714
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 09:55:24 GMT
X-OFFICEFD: AM4PEPF0000689D
X-MSEdge-Ref: Ref A: 61F66A7DF91C4E26826B21B36E81599F Ref B: AMS04EDGE1615 Ref C: 2021-07-01T19:36:00Z
X-UserSessionId: adc6400b-2fab-4ecd-b7e7-d6cc7f81fcbe
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: adc6400b-2fab-4ecd-b7e7-d6cc7f81fcbe
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-officeapps-15.cdn.office.net/o/s/h3840EF99B4A2DB1D_App_Scripts/1033/ Frame 2274 101 KB
24 KB 52ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/h3840EF99B4A2DB1D_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3840ef99b4a2db1de26128275fabb24e027c54ecd322a101afad6aa0cbf01bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"402727b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23173
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:29 GMT
X-OFFICEFD: AM4PEPF000068B4
X-MSEdge-Ref: Ref A: 2D933E58821B4BE3A73EEE3001A1F5D2 Ref B: AMS04EDGE1415 Ref C: 2021-07-09T04:29:29Z
X-UserSessionId: 17177452-783b-48df-869e-86759aae04fb
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 17177452-783b-48df-869e-86759aae04fb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/ Frame 2274 6 KB
2 KB 43ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "a7a1f0273d67d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B55
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 08:03:59 GMT
X-OFFICEFD: AM4PEPF000068BD
X-MSEdge-Ref: Ref A: C4D63FA915A444B2B4060141E649725C Ref B: AMS04EDGE1308 Ref C: 2021-07-01T19:36:37Z
X-UserSessionId: 44873fd0-a141-4027-b630-797e60aed05e
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 44873fd0-a141-4027-b630-797e60aed05e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Box4Intl.js Show response
c1-onenote-15.cdn.office.net/o/s/h843B79E00F5EF700_App_Scripts/1033/ Frame 2274 75 KB
18 KB 39ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h843B79E00F5EF700_App_Scripts/1033/Box4Intl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

843b79e00f5ef7003033ff421adef595c2de12c25970e857aadaff2296cb81e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"df331ee47574d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006959
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 16908
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 03:52:51 GMT
X-OFFICEFD: AM4PEPF000068A6
X-MSEdge-Ref: Ref A: 3EBB80C67C1640B688A53E6D58405BA7 Ref B: AMS04EDGE1209 Ref C: 2021-07-09T03:52:51Z
X-UserSessionId: ceb82804-97c9-45fe-9521-e7fd53ae3fd8
Date: Tue, 13 Jul 2021 16:28:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ceb82804-97c9-45fe-9521-e7fd53ae3fd8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WoncaIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/h29DB8AD8C3F08967_App_Scripts/1033/ Frame 2274 29 KB
7 KB 52ms
16ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

29db8ad8c3f0896786480626880dc28d2d26860119d93fe2919fdba45d3a0c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "a97c42844667d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006957
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6569
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 09:10:59 GMT
X-OFFICEFD: AM4PEPF000068B0
X-MSEdge-Ref: Ref A: 15A33065F6044F3AB3E0404810340567 Ref B: AMS04EDGE1110 Ref C: 2021-07-01T19:37:08Z
X-UserSessionId: faa96678-056f-44b4-bd60-823efa275baa
Date: Tue, 13 Jul 2021 16:28:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: faa96678-056f-44b4-bd60-823efa275baa
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/hF22878783B5945D1_App_Scripts/1033/ Frame 2274 32 KB
7 KB 59ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hF22878783B5945D1_App_Scripts/1033/OneNoteIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f22878783b5945d1c2bb891876dcf9cd027efc265dce899af167b96ca15ea00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "e53378abae6dd71:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.14228.41006
X-OfficeFE: AM4PEPF00006A50
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5881
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 30 Jun 2021 12:51:39 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: 7DDC4E7AE134484B8FB7FC155C458757 Ref B: AMS04EDGE1505 Ref C: 2021-07-01T19:36:01Z
X-UserSessionId: a7428ec2-045f-428a-bba1-86d5617760a5
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a7428ec2-045f-428a-bba1-86d5617760a5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.js Show response
c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/ Frame 2274 3 MB
688 KB 58ms
11ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

20ee243128380a7c5208e8ac8afa2044c733555ed9606f25b21c943e907bfaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"1c1f3a67b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 703947
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:36 GMT
X-OFFICEFD: AM4PEPF000068B3
X-MSEdge-Ref: Ref A: 621D203A1ECE426A9211F8136AEDC626 Ref B: AMS04EDGE1118 Ref C: 2021-07-09T04:29:36Z
X-UserSessionId: 796dea03-0a07-405c-afa2-91ac527b41b7
Date: Tue, 13 Jul 2021 16:28:53 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 796dea03-0a07-405c-afa2-91ac527b41b7
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jSanity.js Show response
c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/ Frame 2274 11 KB
5 KB 40ms
6ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "8c5345344267d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4312
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 08:40:07 GMT
X-OFFICEFD: AM4PEPF000068B4
X-MSEdge-Ref: Ref A: 584A4EE5DE7B42CD82F29AB01454A970 Ref B: AM3EDGE0617 Ref C: 2021-07-01T19:37:08Z
X-UserSessionId: faa96678-056f-44b4-bd60-823efa275baa
Date: Tue, 13 Jul 2021 16:28:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: faa96678-056f-44b4-bd60-823efa275baa
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
470 B 33ms
33ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008320
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 12a4c272-586c-4709-82fc-e1e78c2eb6fa
x-officefd: DB5PEPF00008320
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 66976671DF7B4ECEAB1ECF408B643D49 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:53Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
360 B 44ms
27ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":7,"Value":"https://c1-onenote-15.cdn.office.net:443/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00006499
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: be56ccf9-7993-4058-bc3f-ca38dbb2fb04
x-officefd: DB5PEPF00006499
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C4CD1E672E04478F9EC9EC632D52EB30 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:53Z
timing-allow-origin: *

POST
H2 200 OneNote.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 161 KB
14 KB 1049ms
1048ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNote.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h46DC57A63CA47BFD_App_Scripts/wacBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

06e58435a41ff2b86fccc892c3030539b4056f8a7438cd220b3d3d3c858687eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-AccessToken: 4wZDYErUT_wG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2-Qd-LZCfsF7O8PbH-AQZybr57kK9-H4a7ImR0de9XuVixX-YRLN3_GfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
X-ServerSideRendering: RenderingNoImages
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-SessionStartDimensions: {"Application":"OneNote","Browser":"Chrome","BrowserMajorVersion":"89","BrowserVersion":"89.0.4389","Host":"OneDriveWOPI","IsSynthetic":"False","Os":"Windows","Ring":"5","RoutedVia":"AzureFrontDoor","SessionOrigin":"UNKNOWN","UiHost":"OneDrive","UserSessionApplicationMode":"View","WACDatacenter":"PIE1"}
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00006499
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00006499
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 14012
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 66589cfc-3a56-45f5-82c0-a3f2db1b7cba
x-officefd: DB5PEPF00006499
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:54 GMT
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: 892031B17E904324AEB68842BF0ECBBC Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:53Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
216 B 34ms
32ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":176,"Value":"Making GetCells Request","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008328
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d49e9472-34da-4001-9d63-9c62d4d04cc7
x-officefd: DB5PEPF00008328
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A10104EC2A6B4594B1319FADB6142592 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:54Z
timing-allow-origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c1-onenote-15.cdn.office.net/o/s/h89EDB66D2A189EF4_App_Scripts/fonts/ Frame 2274 2 KB
3 KB 14ms
9ms Font
font/x-woff 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h89EDB66D2A189EF4_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "86a443a44667d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006962
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2472
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 09:11:53 GMT
X-OFFICEFD: AM4PEPF000068B8
X-MSEdge-Ref: Ref A: 89D26751960B48C18C33410F1803EBA0 Ref B: AMS04EDGE1722 Ref C: 2021-07-01T19:36:46Z
X-UserSessionId: eb21282e-2ebc-4c3c-b0da-9891cc647638
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: eb21282e-2ebc-4c3c-b0da-9891cc647638
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
192 B 38ms
35ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":709,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF0000649B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 50fb5f39-67a7-4aee-a37d-15759327dddb
x-officefd: DB5PEPF0000649B
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:54 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7B52AD3A95804BD89D2608E5AFD62E14 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:54Z
timing-allow-origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 431 KB
103 KB 10ms
9ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/common.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b744c6649242730154b171aa2b95e7321a498f9380471c1bbf4a562884e92827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"fd894577b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006959
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 104866
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068AD
X-MSEdge-Ref: Ref A: E89FF4BBF5BD422EB907F13EC9E7D3BC Ref B: AM3EDGE0714 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: dc45b96c-5bec-4e10-ba87-8c47c5f5894b
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: dc45b96c-5bec-4e10-ba87-8c47c5f5894b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-ribbon-intl.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 167 KB
32 KB 9ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/onenote-ribbon-intl.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d3a0124bc7f4637017cf6c1299cdddfff01365f4e1e7809814479cc614845f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7beb4377b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 31906
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068B9
X-MSEdge-Ref: Ref A: 494F56F8FCB94BEA92ADB4DC92067B6A Ref B: AMS04EDGE1422 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 5b51ba98-6f96-48de-a8c2-98e032655f3d
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5b51ba98-6f96-48de-a8c2-98e032655f3d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-intl-mlr.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 109 KB
20 KB 11ms
10ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/onenote-intl-mlr.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cdb2827563c30332e42992367e83d42dc29164177135443f45cd79f79f482aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"21a04c77b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006020
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 19048
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068B2
X-MSEdge-Ref: Ref A: CF8A38BA11964EA096539247D10960FE Ref B: AMS04EDGE1111 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 763b9990-1694-494b-9e5b-ded59094dea3
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 763b9990-1694-494b-9e5b-ded59094dea3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChrome.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 712 KB
127 KB 19ms
18ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChrome.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

288305e91cea42232fef9166d871f62829f2e80167e6820f6969c074b5fd2ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d1b44777b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B54
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 129393
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068B3
X-MSEdge-Ref: Ref A: 371D50492122427CA429ABB8B2F31428 Ref B: AMS04EDGE1112 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 320fe939-30e4-4434-b372-3351a28c204c
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 320fe939-30e4-4434-b372-3351a28c204c
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
255 B 36ms
33ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DB5PEPF00008329
x-officeversion: 16.0.14228.41006
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: ceefea41-d8f2-4dd7-9ba8-f8b7c49b79fb
x-officecluster: PIE1
x-usersessionid: ceefea41-d8f2-4dd7-9ba8-f8b7c49b79fb
date: Tue, 13 Jul 2021 16:28:54 GMT
x-download-options: noopen
access-control-allow-origin: https://onenote.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 0A939DA686B24A2ABFB3D1A842AF2C66 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:54Z
timing-allow-origin: *
x-officefe: DB5PEPF00008329

GET
H/1.1 200
OK segoeui.woff
c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/ Frame 2274 22 KB
23 KB 7ms
7ms Font
font/x-woff 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/segoeui.woff

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/OneNote.Refresh.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/OneNote.Refresh.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "931b3a8b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 22720
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 09 Jul 2021 06:24:15 GMT
X-OFFICEFD: AM4PEPF000068A6
X-UserSessionId: 3fc680e2-e036-490c-9c01-1acd60b36c71
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 3fc680e2-e036-490c-9c01-1acd60b36c71
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 40 KB
7 KB 18ms
15ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"22ed4977b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068C7
X-MSEdge-Ref: Ref A: 115CF74AF98B4F41AD64F14BFC8AB4C5 Ref B: AMS04EDGE1310 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 4a46ab0d-bc96-4563-b641-0d4e6412eef1
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4a46ab0d-bc96-4563-b641-0d4e6412eef1
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 OneNoteS2SHandler.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 189 B
559 B 224ms
223ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA%21143&access_token=4wZDYErUT%5FwG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2%2DQd%2DLZCfsF7O8PbH%2DAQZybr57kK9%2DH4a7ImR0de9XuVixX%2DYRLN3%5FGfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA&access_token_ttl=1628008133404

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008328
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008323
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 42c27e74-4eae-4cdd-831d-960f9acb99ee
x-officefd: DB5PEPF00008323
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:54 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 718B704949414EE28D339DB9B740EE6A Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:54Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK onenote-navpane-strings.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 7 KB
3 KB 9ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/onenote-navpane-strings.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cdfa4d3936c319e4ee7c19bba90c49dac5f76b82c44865dd8fff250528afc716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "bffab03c7a74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1519
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:23:58 GMT
X-OFFICEFD: AM4PEPF000068AD
X-MSEdge-Ref: Ref A: 137158432672457AA9D2B6B38ABCD212 Ref B: AMS04EDGE1421 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 8282ec16-2e51-4ff3-8286-918afe350e35
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8282ec16-2e51-4ff3-8286-918afe350e35
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 6 KB
7 KB 31ms
9ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/wapsw.png?b=1601422841006

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"bc21c8e17f74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 05:04:22 GMT
X-OFFICEFD: AM4PEPF000068B1
X-MSEdge-Ref: Ref A: 73A084FA8EF34F3B998EA82C19FC765E Ref B: AMS04EDGE1622 Ref C: 2021-07-09T05:04:22Z
X-UserSessionId: dd00634c-37f9-4f32-aba7-8638fd3d4052
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: dd00634c-37f9-4f32-aba7-8638fd3d4052
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 695 B
2 KB 30ms
9ms Image
image/gif 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"5cc23afc7c74d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: DB5PEPF00006499
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wordcapacity_2_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:43:38 GMT
X-OFFICEFD: DB5PEPF000082C9
X-MSEdge-Ref: Ref A: C42D35EC79384CB1A389E3703F4F1FDC Ref B: AMS04EDGE1206 Ref C: 2021-07-09T04:43:38Z
X-UserSessionId: 838c3141-e4e3-4840-a44a-820c81320a3b
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 838c3141-e4e3-4840-a44a-820c81320a3b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 6 KB
7 KB 13ms
12ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/box42.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abc0fa95b72f082cf4fbb18267cdbd282f2909b65b1b479d7f339db41769946e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"df859077b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006956
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6336
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF0000EA54
X-MSEdge-Ref: Ref A: 79795479BDFF46FFAAB3530EDBFCFBCA Ref B: AM3EDGE0407 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: ed689a13-a8e2-4e25-aecb-152b800e00ba
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: ed689a13-a8e2-4e25-aecb-152b800e00ba
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 3997a71e-718d-4814-ad83-c7588ef49c23
https://onenote.officeapps.live.com/ Frame 2274 221 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onenote.officeapps.live.com/3997a71e-718d-4814-ad83-c7588ef49c23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3417cf834869a77156a34f0d19df88d29bb7d3ae324259647ad5887910f568bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 221
Content-Type: application/javascript

GET
H/1.1 200
OK box43.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 2 KB
3 KB 8ms
7ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/box43.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7ad89a907bfe47019d905b92d0c203082aa75852d39b480e6fbe1718a8ea3647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"4ad5b6fc7c74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1922
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:43:39 GMT
X-OFFICEFD: AM4PEPF000068C4
X-MSEdge-Ref: Ref A: 94B74BF43D9A4817B062FC8300781AB5 Ref B: AM3EDGE0109 Ref C: 2021-07-09T04:43:39Z
X-UserSessionId: a954f020-c57e-403e-8a62-6758eb442ea0
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a954f020-c57e-403e-8a62-6758eb442ea0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK navigation.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 438 KB
103 KB 13ms
12ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

679455dad68c768db76e2252af78ff327e2aeede50fc7348dcc6497ca83b13f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"3aec9077b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006022
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 104064
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF0000601B
X-MSEdge-Ref: Ref A: 0875E2C4B3484D2FBAA514D48FC161E0 Ref B: AM3EDGE0713 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 1b7e2a19-61c0-47b8-84ff-73d520cb7608
Date: Tue, 13 Jul 2021 16:28:54 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1b7e2a19-61c0-47b8-84ff-73d520cb7608
Accept-Ranges: bytes
Timing-Allow-Origin: *

OPTIONS
H2 204 config16
officeclient.microsoft.com/ Frame 0
0 90ms
27ms Preflight 52.109.88.177
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.RedirectResourceService4Hidden&services=ResourceServiceEndpoint2

Protocol

Server

52.109.88.177 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-office-application,x-office-platform,x-office-version
Origin: https://onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
vary: Origin
server: Microsoft-IIS/10.0
x-correlationid: 2fd6dd61-ace1-4a6e-b459-3f8e2843fc7f
x-officefe: ConfigFE_IN_42
x-officeversion: 16.0.14312.30525
x-officecluster: weu-config.officeapps.live.com
x-content-type-options: nosniff
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-allow-headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,X-Ms-Diagnostics,odata-version,X-Office-AudienceGroup,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext,X-Office-IncrementalSync,SOAPAction,SubstrateBearer
access-control-expose-headers: X-CorrelationId,X-Ms-Diagnostics,X-OfficeCluster,Retry-After
timing-allow-origin: https://onenote.officeapps.live.com
access-control-allow-methods: GET, OPTIONS
access-control-max-age: 600
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 13 Jul 2021 16:28:55 GMT

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
340 B 31ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1229,"Value":"Get cells response received:200","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00006499
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c4b623d4-64c7-4f56-b612-493c3dcfd0a9
x-officefd: DB5PEPF00006499
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:54 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4C634547DA0B4F35861828A3DCDA56E0 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:55Z
timing-allow-origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 695 B
2 KB 7ms
7ms Image
image/gif 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_resources/1033/progress.gif

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"5cc23afc7c74d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: DB5PEPF00006499
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wordcapacity_2_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:43:38 GMT
X-OFFICEFD: DB5PEPF000082C9
X-MSEdge-Ref: Ref A: C42D35EC79384CB1A389E3703F4F1FDC Ref B: AMS04EDGE1206 Ref C: 2021-07-09T04:43:38Z
X-UserSessionId: 838c3141-e4e3-4840-a44a-820c81320a3b
Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 838c3141-e4e3-4840-a44a-820c81320a3b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 config16 Show response
officeclient.microsoft.com/ Frame 2274 273 B
434 B 37ms
37ms XHR
application/xml 52.109.88.177
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.RedirectResourceService4Hidden&services=ResourceServiceEndpoint2

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.177 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

66b1c99b974eb91c99e692e50a1c791c61c2a81e6a040221cd0bd82dfa3f5b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-Office-Application: 132
Accept: application/xml
X-Office-Platform: Web
Referer: https://onenote.officeapps.live.com/
X-Office-Version: 16.0.14228.41006
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Jul 2021 16:28:55 GMT
x-content-type-options: nosniff
x-officecluster: weu-config.officeapps.live.com
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.14312.30525
x-officefe: ConfigFE_IN_42
x-office-cachecleardate: 2009-01-01T00:00:00
content-length: 273
server: Microsoft-IIS/10.0
x-correlationid: 5b047251-1228-41d7-b6a2-26c684a859c5
x-office-cacheduration: 1440
x-powered-by: ASP.NET
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-CorrelationId,X-Ms-Diagnostics,X-OfficeCluster,Retry-After
cache-control: private, max-age=86400
timing-allow-origin: https://onenote.officeapps.live.com
access-control-allow-headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,X-Ms-Diagnostics,odata-version,X-Office-AudienceGroup,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext,X-Office-IncrementalSync,SOAPAction,SubstrateBearer

GET
H/1.1 200
OK ColumnSelect.cur
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 2 KB
3 KB 7ms
7ms Image
application/octet-stream 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ColumnSelect.cur

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a9eb9d74ca2a1d3046ac2cb018629c9c1dc4f18433dc6def6ea8ae5e9d860c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "f6392e58074d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2238
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 09 Jul 2021 05:05:22 GMT
X-OFFICEFD: AM4PEPF000068BA
X-UserSessionId: 73292854-1f4e-44f7-9e55-4d3d94ee22ba
Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CorrelationId: 73292854-1f4e-44f7-9e55-4d3d94ee22ba
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Blank10x10.gif
c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/1033/ Frame 2274 49 B
1 KB 8ms
8ms Image
image/gif 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/1033/Blank10x10.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "a08ede363d67d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B55
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 49
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 22 Jun 2021 08:04:24 GMT
X-OFFICEFD: AM4PEPF0000689F
X-MSEdge-Ref: Ref A: 9C5A1FB0CB7D43D39CB13952F5877B48 Ref B: AMS04EDGE1706 Ref C: 2021-07-01T19:37:59Z
X-UserSessionId: b8d731df-0ec8-43f7-a680-8f26be82c5ae
Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: b8d731df-0ec8-43f7-a680-8f26be82c5ae
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 2274 1016 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9327c22197a0b127d46288396af5efcb07e109cec776382d0bf7bad3a787cf1

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 49 KB
50 KB 8ms
7ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/one.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d3c0600a40ed08b8ded267c5bac1f4a2736349badbf1f8a05743ecf6c582b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"772aa77b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 50179
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068C1
X-MSEdge-Ref: Ref A: 040FC23445364E57AEB7AC714BC42818 Ref B: AMS04EDGE1618 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 436b6914-4756-4a05-adfc-c335e96dbd17
Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 436b6914-4756-4a05-adfc-c335e96dbd17
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
440 B 54ms
53ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":5,"MsSinceStart":1230,"Value":"Launching FastView from entry point WacBootGetCells","Type":"BootLogs"},{"Index":6,"MsSinceStart":1232,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008328
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: dbfc6822-289f-4585-807b-7ead52ca41a9
x-officefd: DB5PEPF00008328
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9C4F668FEE6444C5ACE5AF1C3898E933 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:55Z
timing-allow-origin: *

GET
H2 200 GetImage.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 1 KB
2 KB 510ms
509ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/GetImage.ashx?&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF956A0E4D4C28AFA%21145&access_token=4wvDYEjrxxX9gFk5EyolZoW1DVWWBi9uqbEBPFrUwB2foXQzPdyUdtJZBNKnLCCV6Ts0iU2ZQ8EZEgNyXwyx%5FPr1uheUsrQLt2UbRGOSjElT2Sqludlan03IJlNE2y2TjsSC8WkqbF9QuJYuwi2EjskQ&access_token_ttl=1628008133404&ObjectDataBlobId=%7Bbef0494b-02ef-4dde-a412-3c482a96ff7c%7D%7B1%7D&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&build=16.0.14228.41006&waccluster=PIE1&wdwacuseragent=MSWACONSync&DataUrlEnabled=true

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

567d35e6c31fc848e8b9d9eaf86c48e831b44920c8facb66d8809a8444edf005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008328
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008328
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1072
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FF956A0E4D4C28AFA%21145&access_token=4wvDYEjrxxX9gFk5EyolZoW1DVWWBi9uqbEBPFrUwB2foXQzPdyUdtJZBNKnLCCV6Ts0iU2ZQ8EZEgNyXwyx%5FPr1uheUsrQLt2UbRGOSjElT2Sqludlan03IJlNE2y2TjsSC8WkqbF9QuJYuwi2EjskQ&access_token_ttl=1628008133404{bef0494b-02ef-4dde-a412-3c482a96ff7c}{1}"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1b667f04-2855-4c88-8eac-4050cdb82cc6
x-officefd: DB5PEPF00008328
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:56 GMT
x-download-options: noopen
content-type: text/plain; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 412DAA8C3B8449C2AB258CB7FD51D37D Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:55Z
timing-allow-origin: *
expires: Wed, 13 Jul 2022 16:28:56 GMT

GET
H/1.1 200
OK listAll.json Show response
fs.microsoft.com/fs/4.16/ Frame 2274 269 KB
37 KB 110ms
32ms XHR
application/octet-stream 23.218.208.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.16/listAll.json
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d49ded217077c3b9b5766551a366d0ed972eeffa7b2ad33db78372380e2843a2

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Apr 2021 17:43:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "bf63e5de83dd71:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=137619
Content-Length: 37294
Content-Disposition: attachment; filename=listAll.json
Connection: keep-alive
Accept-Ranges: bytes
X-CID: 2

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
240 B 34ms
33ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":7,"MsSinceStart":1879,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF0000649B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8cd2801f-0aef-4595-9f3a-c944ad342a98
x-officefd: DB5PEPF0000649B
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 442025A3D74A4F90AD3C16A317396A40 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:55Z
timing-allow-origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/ Frame 2274 483 KB
94 KB 10ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c78dd16c262ea812246dee5ed0ee686bd0b5b151e1ba7c2769b96a3533542610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"50f9a77b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006956
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 95209
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF0000601B
X-MSEdge-Ref: Ref A: BB87D1C12A0E4057AD4DFAD8916B026E Ref B: AMS04EDGE1410 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 1043b508-578f-4a3d-aad4-5674e59ee3c5
Date: Tue, 13 Jul 2021 16:28:55 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1043b508-578f-4a3d-aad4-5674e59ee3c5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-ribbon-sprite-lazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 243 KB
35 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

646ad4632b87d39b7f28571e0623290b8d35e6bccfb4489650f8958d587fbb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"e610e577b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B54
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34425
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:39 GMT
X-OFFICEFD: AM4PEPF000068A8
X-MSEdge-Ref: Ref A: 1720091FE061428EA92654E2305FE7E9 Ref B: AM3EDGE0614 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: eedefbbb-0759-4c50-a618-f92c688d210e
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: eedefbbb-0759-4c50-a618-f92c688d210e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common50.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 2 MB
402 KB 9ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/common50.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

127c4718dbb3f6e27fcf9b3d38e10c4a9e574dfc81186c03cbb30a04d7bde89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b0ae877b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006958
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 411103
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:39 GMT
X-OFFICEFD: AM4PEPF0000EA55
X-MSEdge-Ref: Ref A: AFEB00216BF4497DA272D4C7C0D5A5D7 Ref B: AM3EDGE0208 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: a4c4913d-302a-4c22-bf8d-fb962083034f
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a4c4913d-302a-4c22-bf8d-fb962083034f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChromeLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 496 KB
109 KB 9ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3fa35f002ed86f72334480230bd012bce36fe97143291b6c0d6bf3f1685af80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "b21b669f7774d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B54
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 110998
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:05:15 GMT
X-OFFICEFD: AM4PEPF000068A2
X-MSEdge-Ref: Ref A: 6694E28EB21C472997224FBFAAFD753C Ref B: AMS04EDGE1506 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: 9a4b1d77-57d0-413c-aef7-79d7ef3d5911
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 9a4b1d77-57d0-413c-aef7-79d7ef3d5911
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appIconsLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 285 KB
62 KB 9ms
9ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appIconsLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c7a69d2f142a62a1f2cc4392d2266377a61da799351d9cba6e687f733a53768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "9117e78a7a74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 62457
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:26:09 GMT
X-OFFICEFD: AM4PEPF0000601C
X-MSEdge-Ref: Ref A: AA5715E0694A41139A737378C6C3AFEE Ref B: AMS04EDGE1516 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: e670fa2b-c3a1-419f-abb1-8471ecd18f05
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e670fa2b-c3a1-419f-abb1-8471ecd18f05
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2274 31 KB
32 KB 65ms
20ms Font
application/font-woff2 23.79.129.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.129.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-177.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: c1048e30-d01e-004f-681f-75f779000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30978925
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2274 35 KB
36 KB 80ms
35ms Font
application/font-woff2 23.79.129.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.129.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-177.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: c1048d61-d01e-004f-3c1f-75f779000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30978944
x-ms-version: 2009-09-19
content-length: 36344

POST
H2 200 RemoteTelemetry.ashx
onenote.officeapps.live.com/o/ 0
213 B 33ms
33ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DB5PEPF00008329
x-officeversion: 16.0.14228.41006
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: e63f1bdc-221f-4768-832f-e4b7c4714af8
x-officecluster: PIE1
x-usersessionid: e63f1bdc-221f-4768-832f-e4b7c4714af8
date: Tue, 13 Jul 2021 16:28:55 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: DA26EDCF54FA415BB202AA4F445DBD75 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:56Z
timing-allow-origin: *
x-officefe: DB5PEPF00008329

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
219 B 40ms
39ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF00008328
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wZDYErUT_wG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2-Qd-LZCfsF7O8PbH-AQZybr57kK9-H4a7ImR0de9XuVixX-YRLN3_GfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserType: WOPI
X-AccessTokenTtl: 1628008133404
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008320
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 876e36ed-6ffc-4e24-b727-653be99e8385
x-officefd: DB5PEPF00008320
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 34A6A585CC1743E2926887881D48E318 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:56Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx
onenote.officeapps.live.com/o/ 0
0 36ms
36ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=214043fe-c4bb-4290-8419-65b94ef0fd38&officeserverversion=16.0.14217.41013
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onedrive.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/ 92 KB
33 KB 82ms
44ms Script
application/javascript 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D859B65BA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cf294e6c-901e-00aa-227a-64a63b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148663
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-b64f5dcf.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/ 334 KB
102 KB 55ms
18ms Script
application/javascript 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac_s_office-b64f5dcf.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d4971e79bad84f7809a23dacb8be10b1508b0f80f9573a95a73dfd5ae3b81f27

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
content-encoding: gzip
content-md5: tk9dz2jMhh2evUzjoBNg0g==
content-length: 104176
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D8D578E81
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d422d58-201e-0016-187a-6470fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148620
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK OneNote.box4.dll1.js Show response
c1-onenote-15.cdn.office.net/o/s/h951908169C0A1023_App_Scripts/ Frame 2274 2 MB
438 KB 12ms
12ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h951908169C0A1023_App_Scripts/OneNote.box4.dll1.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

951908169c0a1023a20910c0843febb62d973f194789f5973210fc4f7de979b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b3b6b177b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 447766
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068BF
X-MSEdge-Ref: Ref A: D0C2D8B472E242F08C01908BA9FCA704 Ref B: AM3EDGE0713 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: cb76b27d-9692-4396-a271-7ab001494025
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: cb76b27d-9692-4396-a271-7ab001494025
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedback.css
c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/ Frame 2274 17 KB
4 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"9c1f4e87b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006020
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2613
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:39 GMT
X-OFFICEFD: AM4PEPF000068C7
X-MSEdge-Ref: Ref A: 00310BE25ECD468599FF4FC9E07F0162 Ref B: AMS04EDGE1721 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: cf72e0ea-6541-4ba7-a677-f9b0f3150d2b
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: cf72e0ea-6541-4ba7-a677-f9b0f3150d2b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/Intl/en/ Frame 2274 2 KB
2 KB 7ms
6ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a0194b87b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 722
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:39 GMT
X-OFFICEFD: AM4PEPF000068AE
X-MSEdge-Ref: Ref A: 9721878F49CE4BFBB4B592D6F71293C2 Ref B: AMS04EDGE1419 Ref C: 2021-07-09T04:29:39Z
X-UserSessionId: 5c3cf592-87a1-4d1b-8a6d-d3e618b9d2d2
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5c3cf592-87a1-4d1b-8a6d-d3e618b9d2d2
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK 36796050726
fs.microsoft.com/fs/4.16/rawguids/ Frame 2274 1 MB
601 KB 38ms
38ms Font
application/octet-stream 23.218.208.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.16/rawguids/36796050726
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5802737795e427edef6224d56cf32f9641f938adf6c919dc829ce4f748d9afab

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9357a7dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=227221
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=36796050726
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
482 B 31ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF00008328
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wZDYErUT_wG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2-Qd-LZCfsF7O8PbH-AQZybr57kK9-H4a7ImR0de9XuVixX-YRLN3_GfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserType: WOPI
X-AccessTokenTtl: 1628008133404
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00006499
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: e3400bba-59c6-428e-a9e4-ceacceda5187
x-officefd: DB5PEPF00006499
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:56 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 42EED9704F8A40F8AA441AD65E2AE0D8 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:56Z
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2274 31 KB
32 KB 20ms
20ms Font
application/font-woff2 23.79.129.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.129.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-177.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: c1048e30-d01e-004f-681f-75f779000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30978925
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2274 35 KB
36 KB 25ms
24ms Font
application/font-woff2 23.79.129.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.129.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-177.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: c1048d61-d01e-004f-3c1f-75f779000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30978944
x-ms-version: 2009-09-19
content-length: 36344

GET
H/1.1 200
OK oreonavpane.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 208 KB
43 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/oreonavpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ceaf9661fa5102c56a6ba9eb7c3207dc78eb1e002b2ce6352436e8e6ff7f8fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"fbc0e487b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 43327
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF000068A0
X-MSEdge-Ref: Ref A: 955CFFD00D3E40FB96980F034B18302C Ref B: AM3EDGE0916 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: ada06fb6-a7c2-4046-ae57-50254f66475e
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ada06fb6-a7c2-4046-ae57-50254f66475e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreolazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 60 KB
15 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/oreolazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aca73c18adffdfb8aca3a8c8df98c20f54d936a9ae09d4f54a67a188f32197fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d4f9e987b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14164
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF000068C0
X-MSEdge-Ref: Ref A: D54EAAA1296E4DA5B60975C2EFB8C9AF Ref B: AM3EDGE0721 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: 0164b4ea-7e59-466c-b976-8e8d4a5380db
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 0164b4ea-7e59-466c-b976-8e8d4a5380db
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 wac2-bf8b3319.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/ 310 KB
107 KB 20ms
20ms Script
application/javascript 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac2-bf8b3319.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
content-encoding: gzip
content-md5: v4szGe0O1pyqsqnSLW8nTQ==
content-length: 109104
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D8D3819E2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f420cdef-801e-0020-077a-64fd8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148709
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/ 15 KB
6 KB 24ms
24ms Script
application/javascript 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D8CE46C6F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d3549ff7-d01e-0094-037a-643144000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148560
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/ 47 KB
14 KB 24ms
24ms Script
application/javascript 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:56 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:44:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D8CFDC56C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ba754fa6-801e-000f-237a-64f041000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148683
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK OneNoteSimplified.Wac.TellMeModel.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 207 KB
89 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c03bb47d79572a534c18e9a6468926449cc8b1135e8fdd55850d021495b06502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"9c716987b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 90210
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_excelslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF000068AD
X-MSEdge-Ref: Ref A: D008048C30354B33A3307EBBF99CE178 Ref B: AMS04EDGE1205 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: d635e22c-9f5f-43a9-abb0-66ef4bd54b36
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d635e22c-9f5f-43a9-abb0-66ef4bd54b36
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteSimplified.Wac.TellMeSuggestionModel.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 124 KB
34 KB 9ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a7e848ac47f8c13e04a1922a6ff4de3aa701ede06f023150ab125fcfde30b0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7c7c5f87b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 33861
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF000068C3
X-MSEdge-Ref: Ref A: 78736D88520C4386A60BBF654A0D810A Ref B: AMS04EDGE1112 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: bb19ff4c-8465-413d-b746-d8d3e9a7e48b
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: bb19ff4c-8465-413d-b746-d8d3e9a7e48b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OsfRuntimeOneNoteWAC.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 555 KB
105 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OsfRuntimeOneNoteWAC.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e782053ab6a91dbaaf498a0b3bb18b298324b87133deedf6714a983953ea96b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"2de15e87b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006959
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 106332
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_excelslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF0000601B
X-MSEdge-Ref: Ref A: C7D69AD9207E407D98AABB4445E386B2 Ref B: AMS04EDGE1516 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: 99eca2d0-a171-40c9-8ed3-2ad3acd1e9ad
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 99eca2d0-a171-40c9-8ed3-2ad3acd1e9ad
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OfficeExtension.WacRuntime.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 172 KB
17 KB 9ms
9ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OfficeExtension.WacRuntime.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8b536587b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 16640
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF000068C4
X-MSEdge-Ref: Ref A: AA3BD2529DE5459586B945C1B2599946 Ref B: AMS04EDGE1712 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: 5beb076c-0f92-4f18-9bf3-861f7afdb0cb
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5beb076c-0f92-4f18-9bf3-861f7afdb0cb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 Acl1033.js Show response
onenote.officeapps.live.com/o/App_Scripts/Acl/ Frame 2274 19 KB
6 KB 36ms
36ms XHR
application/javascript 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/App_Scripts/Acl/Acl1033.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

609fad38751f633572b2c9d463963d017ca5162f6541cf32727c8eebbe2b7c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

haep: 1
X-AccessToken: 4wZDYErUT_wG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2-Qd-LZCfsF7O8PbH-AQZybr57kK9-H4a7ImR0de9XuVixX-YRLN3_GfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA
X-WacFrontEnd: DB5PEPF00008328
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1628008133404
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "8045218073d4d61:0"
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF0000649B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5979
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 17 Dec 2020 12:52:39 GMT
x-officefd: DB5PEPF0000649B
x-msedge-ref: Ref A: F669202D9257441FB9A206A6F0C6A1B2 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:56Z
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:56 GMT
vary: Accept-Encoding
content-type: application/javascript
x-correlationid: dc0b6287-87f4-464f-8114-50f6d5b45dbf
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 49 KB
50 KB 8ms
7ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/one.png

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d3c0600a40ed08b8ded267c5bac1f4a2736349badbf1f8a05743ecf6c582b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"772aa77b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 50179
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068C1
X-MSEdge-Ref: Ref A: 040FC23445364E57AEB7AC714BC42818 Ref B: AMS04EDGE1618 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 436b6914-4756-4a05-adfc-c335e96dbd17
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 436b6914-4756-4a05-adfc-c335e96dbd17
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui-semilight-final.woff
c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/ Frame 2274 25 KB
26 KB 13ms
12ms Font
font/x-woff 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/segoeui-semilight-final.woff

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/OneNote.Refresh.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://c1-onenote-15.cdn.office.net/o/s/hB6FED88CE59927BE_resources/1033/OneNote.Refresh.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"9119b6f57f74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006957
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 25997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 05:04:56 GMT
X-OFFICEFD: AM4PEPF0000EA54
X-MSEdge-Ref: Ref A: C6BAF4EA08AA48A2A070D181856B5186 Ref B: AM3EDGE0109 Ref C: 2021-07-09T05:04:56Z
X-UserSessionId: dab387e4-0333-410e-a667-64ffdeb93877
Date: Tue, 13 Jul 2021 16:28:56 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: dab387e4-0333-410e-a667-64ffdeb93877
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK shellstrings.json Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/strings/en/ Frame 2274 14 KB
5 KB 7ms
7ms XHR
application/json 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/strings/en/shellstrings.json

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ed46219555f4077f169c6da2e93da15c9f5c3f823ea629f83de0eb1310d6397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80e8e887b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006022
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4434
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF0000689F
X-MSEdge-Ref: Ref A: D1169820BF4946FEA8D1D5FD519C787C Ref B: AMS04EDGE1610 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: 547348dc-19cd-4003-b5ef-e284194a6963
Date: Tue, 13 Jul 2021 16:28:57 GMT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
X-CorrelationId: 547348dc-19cd-4003-b5ef-e284194a6963
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteloadingspinner.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 17 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/onenoteloadingspinner.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a466c999f58cb98897d27aa8ba63d2a3f67efc149d7cf9c432286650fafc60ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"70636b97b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006022
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1555
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF000068A8
X-MSEdge-Ref: Ref A: DA2E0866321D4FAAB08A76FC298628DB Ref B: AM3EDGE0721 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: 19dd2624-2fbd-4402-bd21-6bb09ec3ecf8
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 19dd2624-2fbd-4402-bd21-6bb09ec3ecf8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreonotebookpane.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 3 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/oreonotebookpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6c99ef295556266f0c13aba5640c685c9e154ee543703e1134b05cfa530dfc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"66717197b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006958
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1066
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF0000689E
X-MSEdge-Ref: Ref A: DF1F6FDB2C034F848A90979AE3145A27 Ref B: AM3EDGE0514 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: 1cb0c4ff-7825-4593-b487-c2a01ae34976
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1cb0c4ff-7825-4593-b487-c2a01ae34976
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreosearchpane.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 57 KB
16 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/oreosearchpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

054a69efd1a48b9a2a4c13a6b02fbda1d8b7175a0978d3c76353013f1f65092c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c4fc6a97b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006956
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 15115
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF000068BA
X-MSEdge-Ref: Ref A: 60C0377639BB48948067FF42018D50A7 Ref B: AMS04EDGE1315 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: 3d11bf0d-a6d5-4840-9793-e0f84d600f7c
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 3d11bf0d-a6d5-4840-9793-e0f84d600f7c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK suiteux.shell.consappdata.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/ Frame 2274 7 KB
3 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d9bd85a2252fbbf46d87693c52a01b15771eb3f7709565abf7b74ee397abe904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"882744408174d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1998
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 05:14:10 GMT
X-OFFICEFD: AM4PEPF0000601C
X-MSEdge-Ref: Ref A: 6C59F5AFDDE3442BA8F4EF039B287CC5 Ref B: AM3EDGE0114 Ref C: 2021-07-09T05:14:10Z
X-UserSessionId: f080c00c-9acc-48a2-8688-ae51624fb06a
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f080c00c-9acc-48a2-8688-ae51624fb06a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 2274 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1 200
OK suiteux.shell.core.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/ Frame 2274 261 KB
68 KB 8ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a27dc13c5195133e3c855015179e36b430792d12db798de74b8ecef4d85a0965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a5eee97b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 68935
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF000068C2
X-MSEdge-Ref: Ref A: B90171FBDC824AAFB611063827296768 Ref B: AMS04EDGE1620 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: a0eeb579-37fa-41a1-b641-325ff65d4c13
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a0eeb579-37fa-41a1-b641-325ff65d4c13
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 proxy Show response
skyapi.onedrive.live.com/api/ Frame 08E7 448 B
556 B 1491ms
1408ms Document
text/html 13.104.208.165
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://skyapi.onedrive.live.com/api/proxy?v=3

Requested by

Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac_s_office-b64f5dcf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.104.208.165 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: skyapi.onedrive.live.com
:scheme: https
:path: /api/proxy?v=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: public
content-length: 295
content-type: text/html
content-encoding: gzip
expires: Wed, 13 Jul 2022 16:28:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver: DB3PPF35B017E3E
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: lGRPzXR82E+1ifCl69ougg.0
x-asmversion: UNKNOWN; 19.710.628.2003
date: Tue, 13 Jul 2021 16:28:57 GMT

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 31ms
30ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac2-bf8b3319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:28:57 GMT
x-msnserver: RD0003FF1DBB81
last-modified: Fri, 25 Jun 2021 18:49:42 GMT
server: Microsoft-IIS/10.0
etag: "e18845dcf269d71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 2274 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba5ca10fff72564466dd2825dd7da9540547338a171785a4e2decb05ba0fa96

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2274 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7381f2e6b26afba3a9fd6835c1aff21249af3984edfe10f5b7a3acbea1f422c5

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 2274 0
397 B 686ms
171ms XHR
application/json 168.62.200.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/161422841006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.200.169 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:57 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 589
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 102 KB
28 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/otelFullNext.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8287897b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006962
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27938
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF000068AE
X-MSEdge-Ref: Ref A: 555E56468ED341029E997161D516D340 Ref B: AMS04EDGE1516 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: 1d5c43c6-acce-4801-b37d-55a3254b9254
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1d5c43c6-acce-4801-b37d-55a3254b9254
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002// 8 KB
8 KB 22ms
22ms Image
text/css 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002//filesbucket3-5286f09d.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:57 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:43:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D7F0F4224
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 120e0b48-601e-0038-517a-6422ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148615
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
256 B

49ms
49ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4849%26IR%3D1%26EX%3D0%26L.h%3D810%26L.bc%3D857%26L.ac%3D857%26L.f%3D874%26L.sjs%3D4693%26L.ttg%3D2881%26C.st%3D1626193732818%26N.jsPlt%3D1584%26N.domIn%3D874%26N.dns%3D17%26N.tcp%3D45%26N.req%3D631%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.8816644673456766&CtsSyncId=62E5378AC8954C9497FD15E5EE194171&MUID=26DDF7AFF1E463B73534E7DCF5E467A8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jul 2021 16:28:57 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Jul 2021 16:28:57 GMT
x-msedge-ref: Ref A: 30E4B29AF39A4B2EAC3ED6202463881A Ref B: FRAEDGE1506 Ref C: 2021-07-13T16:28:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=382b85f9-d4b4-457e-b219-0ada2fb8084f&reqid=001113dde58&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997BBC%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D4849%26IR%3D1%26EX%3D0%26L.h%3D810%26L.bc%3D857%26L.ac%3D857%26L.f%3D874%26L.sjs%3D4693%26L.ttg%3D2881%26C.st%3D1626193732818%26N.jsPlt%3D1584%26N.domIn%3D874%26N.dns%3D17%26N.tcp%3D45%26N.req%3D631%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.8816644673456766&CtsSyncId=62E5378AC8954C9497FD15E5EE194171&MUID=26DDF7AFF1E463B73534E7DCF5E467A8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK OneNote.box4.dll2.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/ Frame 2274 1 MB
276 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OneNote.box4.dll2.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c115411d2f9aab0b6848ff96c1b2ea2e6211978cfd47c5af30af39a788c75dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"462bcf87b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 281918
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_excelslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:40 GMT
X-OFFICEFD: AM4PEPF000068B1
X-MSEdge-Ref: Ref A: 200712218160485EA23B221379C03941 Ref B: AMS04EDGE1618 Ref C: 2021-07-09T04:29:40Z
X-UserSessionId: 13d5b66a-fe7f-4132-8e39-9b51d95d3c32
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 13d5b66a-fe7f-4132-8e39-9b51d95d3c32
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 618ms
172ms XHR
application/json 168.62.200.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.200.169 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:57 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 523
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 2274 27 KB
9 KB 30ms
7ms Script
application/javascript 2620:1ec:46::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suiteshell

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b61095173f20174bd32a44e74e727af79b69bba2c1b4817df13b945d096bd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0TnXtYAAAAADCJPxtvdG5SYanD2MWj/twTE9OMjFFREdFMTUxNABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 13 Jul 2021 16:28:57 GMT
x-azure-ref: 0Sb/tYAAAAACUZLmPnL9vR6WvuL3BDV1ARlJBRURHRTEwMTIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Tue, 13 Jul 2021 14:10:35 GMT

GET
H/1.1 200
OK suiteux.shell.plus.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/ Frame 2274 276 KB
59 KB 10ms
9ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a01f10846f4e3fe36085032647c49d4e06dbac2ed2f861d8cff52f4de2bd3777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "151afa17774d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006020
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 59531
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:05:19 GMT
X-OFFICEFD: AM4PEPF000068B0
X-MSEdge-Ref: Ref A: 8EA4E574835E45B0811512D7C9F5EA37 Ref B: AMS04EDGE1111 Ref C: 2021-07-09T04:29:42Z
X-UserSessionId: a0679c49-062c-4e4f-a59e-12dd69048488
Date: Tue, 13 Jul 2021 16:28:57 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a0679c49-062c-4e4f-a59e-12dd69048488
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002// 8 KB
3 KB 23ms
17ms Stylesheet
text/css 2.16.106.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac2-bf8b3319.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-112.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Jul 2021 16:28:57 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Mon, 14 Jun 2021 21:43:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D92F7D7F0F4224
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 120e0b48-601e-0038-517a-6422ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29148615
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 2274 4 B
331 B 426ms
104ms XHR
application/json 52.114.132.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.132.91 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:57 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1626193738048
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1626193739&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

139ms
137ms

Image
text/html

20.190.159.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1626193739&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.159.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB3PPF35B017E3E
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.710.628.2003
date: Tue, 13 Jul 2021 16:28:59 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1626193739&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: Sr6Y/ZzxEkmQaNF7tSV7eg.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
DATA 200
OK truncated
/ Frame 2274 17 KB
17 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0225b2fd4c0dd7b6bf19366ceff48779ffb7a4d6c024a219689263d7124312c0

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 0
395 B 41ms
40ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14228.41006&waccluster=PIE1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF00008328
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wZDYErUT_wG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2-Qd-LZCfsF7O8PbH-AQZybr57kK9-H4a7ImR0de9XuVixX-YRLN3_GfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserType: WOPI
X-AccessTokenTtl: 1628008133404
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008320
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: a2e59104-cb8e-4f4b-af77-ab01f70c531d
x-officefd: DB5PEPF00008320
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:58 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5055F1AF207B42E7926BDC2EB366F8A2 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:58Z
timing-allow-origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/ Frame 2274 49 KB
50 KB 7ms
7ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/m2/one.png

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h20EE243128380A7C_App_Scripts/OneNote.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d3c0600a40ed08b8ded267c5bac1f4a2736349badbf1f8a05743ecf6c582b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"772aa77b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 50179
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:38 GMT
X-OFFICEFD: AM4PEPF000068C1
X-MSEdge-Ref: Ref A: 040FC23445364E57AEB7AC714BC42818 Ref B: AMS04EDGE1618 Ref C: 2021-07-09T04:29:38Z
X-UserSessionId: 436b6914-4756-4a05-adfc-c335e96dbd17
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 436b6914-4756-4a05-adfc-c335e96dbd17
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK osfruntime_strings.js Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/ Frame 2274 9 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/1033/osfruntime_strings.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

361772393cf73435244ddfe5ceecc2357ddf8a8f739ee3cdc9204e2bfde2f720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://onenote.officeapps.live.com
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d8f53397b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1865
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:41 GMT
X-OFFICEFD: AM4PEPF0000EA55
X-MSEdge-Ref: Ref A: 6ED4DD4A6446449599240A44ED2A61DD Ref B: AM3EDGE0720 Ref C: 2021-07-09T04:29:41Z
X-UserSessionId: f9fb42fe-4841-4847-8319-c5d65e608ed9
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f9fb42fe-4841-4847-8319-c5d65e608ed9
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Meetings_manifest.xml Show response
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 88 KB
15 KB 7ms
7ms XHR
text/xml 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/Meetings_manifest.xml

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

18383dbcd156d0238e42b78a69bfcd7ef8fcbe72d9548001e1bb599532558db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0ad9107d74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14378
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:43:46 GMT
X-OFFICEFD: AM4PEPF000068C5
X-MSEdge-Ref: Ref A: ADA636C872914A998EBD864482EE5071 Ref B: AM3EDGE0609 Ref C: 2021-07-09T04:43:46Z
X-UserSessionId: 2c0269e6-4d19-4efd-90f7-3ece0f9777cd
Date: Tue, 13 Jul 2021 16:28:58 GMT
Vary: Accept-Encoding
Content-Type: text/xml
Access-Control-Allow-Origin: *
X-CorrelationId: 2c0269e6-4d19-4efd-90f7-3ece0f9777cd
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 403 AddinServiceHandler.ashx Show response
onenote.officeapps.live.com/o/ Frame 2274 1 KB
1 KB 34ms
34ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/AddinServiceHandler.ashx?action=laststoreupdate&app=4&lc=EN-US&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA%21143&access_token=4wZDYErUT%5FwG23fD0gTP5R1mMWGNe4airA1uEwetDLcBakLgCqyt6l2%2DQd%2DLZCfsF7O8PbH%2DAQZybr57kK9%2DH4a7ImR0de9XuVixX%2DYRLN3%5FGfztgcAuwj8oFJCEOVPHkTQPtZmbLMM7XXoeUuwKWFjA&access_token_ttl=1628008133404

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008328
X-UserSessionId: 214043fe-c4bb-4290-8419-65b94ef0fd38
X-OfficeVersion: 16.0.14228.41006
X-Key: bJT/hX3N9ge9jfgBu7x+b1lqRTpBfxC0IczO+JkHzrA=,637617905337597829
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=5O8x94GVP0CHbsgEXoY3pQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FF956A0E4D4C28AFA!143&wde=com&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1626193732818&jsapi=1&jsapiver=v1&newsession=1&corrid=214043fe-c4bb-4290-8419-65b94ef0fd38&usid=214043fe-c4bb-4290-8419-65b94ef0fd38&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-officefd: DB5PEPF00008328
x-officeversion: 16.0.14228.41006
x-officefe: DB5PEPF00008328
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1233
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 35552bb3-1a8e-4ac6-b535-cf42d71487c8
x-officecluster: PIE1
x-usersessionid: 214043fe-c4bb-4290-8419-65b94ef0fd38
date: Tue, 13 Jul 2021 16:28:58 GMT
content-type: text/html
cache-control: private
x-msedge-ref: Ref A: 911440763F974D64B77B91E402B44F99 Ref B: AMS04EDGE1219 Ref C: 2021-07-13T16:28:58Z
timing-allow-origin: *

GET
H/1.1 200
OK moeerrorux.css
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 10 KB
2 KB 17ms
17ms Stylesheet
text/css 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/moeerrorux.css

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"e5bd9197b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1475
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:29:42 GMT
X-OFFICEFD: AM4PEPF000068A9
X-MSEdge-Ref: Ref A: AEEDC067BBA248DCB08F1BEEB7FCFF85 Ref B: AM3EDGE0514 Ref C: 2021-07-09T04:29:42Z
X-UserSessionId: 9fbecdb5-79e0-4ed4-b695-382b5f945e41
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 9fbecdb5-79e0-4ed4-b695-382b5f945e41
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 / Show response
www.onenote.com/officeaddins/learningtools/ Frame D496 2 KB
1 KB 95ms
38ms Document
text/html 52.109.88.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onenote.com/officeaddins/learningtools/?et=

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/OsfRuntimeOneNoteWAC.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

92b7a04d1c3375cb27c07c157c28e3466da3312a532f4f0362724bd05da0b0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.onenote.com
:scheme: https
:path: /officeaddins/learningtools/?et=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onenote.officeapps.live.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-routingofficecluster: weu-000.reverseproxy.onenote.com
x-routingofficefe: ReverseProxyFrontEnd_IN_23
x-routingofficeversion: 16.0.14311.40450
x-routingsessionid: 58fe2948-3d16-44fd-b65b-43d76c7e9101
x-routingcorrelationid: e9e2b5db-297e-4fad-a8a2-7363d57f4603
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="P3P is not supported anymore; see: https://msdn.microsoft.com/en-us/library/mt146424%28v=vs.85%29.aspx"
x-correlationid: e9e2b5db-297e-4fad-a8a2-7363d57f4603
x-usersessionid: 58fe2948-3d16-44fd-b65b-43d76c7e9101
x-officefe: AgavesFrontEnd_IN_3
x-officeversion: 16.0.14311.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Tue, 13 Jul 2021 16:28:57 GMT
content-length: 798

GET
H/1.1 200
OK progress.gif
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 695 B
2 KB 12ms
10ms Image
image/gif 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "d96610ee7b74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:36:05 GMT
X-OFFICEFD: AM4PEPF000068BC
X-MSEdge-Ref: Ref A: 57E8E35DF5BF474F82C3889E004B9FF8 Ref B: AMS04EDGE1411 Ref C: 2021-07-09T05:05:50Z
X-UserSessionId: 24246e21-20d7-4fb8-8f00-58000e1754ca
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 24246e21-20d7-4fb8-8f00-58000e1754ca
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK moe_status_icons.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 6 KB
7 KB 18ms
7ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/moe_status_icons.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "f0de1b28074d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF00006021
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6140
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 05:10:13 GMT
X-OFFICEFD: AM4PEPF000068C3
X-MSEdge-Ref: Ref A: 04EF700E07AB468EA7C7CE14136B6CB1 Ref B: AMS04EDGE1707 Ref C: 2021-07-09T05:32:42Z
X-UserSessionId: 730f1c02-d35b-40d3-8c68-f7fd6b1e021a
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 730f1c02-d35b-40d3-8c68-f7fd6b1e021a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK agavedefaulticon96x96.png
c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/ Frame 2274 1 KB
2 KB 19ms
8ms Image
image/png 2a02:26f0:7100:487::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161422841006_resources/1033/agavedefaulticon96x96.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"10f0db17d74d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14217.41013
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1115
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 09 Jul 2021 04:43:48 GMT
X-OFFICEFD: AM4PEPF0000601C
X-MSEdge-Ref: Ref A: BEB67C58BBAD4E0C8EAEF4AB188D17E6 Ref B: AM3EDGE0708 Ref C: 2021-07-09T04:43:48Z
X-UserSessionId: e1870b97-2a0d-41a7-9eb5-d1b6a05f1ddc
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: e1870b97-2a0d-41a7-9eb5-d1b6a05f1ddc
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonDiagnostics.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ Frame D496 33 KB
11 KB 30ms
8ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/CommonDiagnostics.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d02a69eb707375d5b575411b04b616c0948cb40779c12c7eab0e65ffc12695b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: ef0d8fda-6bcc-4e4a-b4e7-674b9ed1b700
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10369
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_16
X-RoutingOfficeVersion: 16.0.14311.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 99c0a465-03e5-4599-b324-86d3dc4b4527
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31476842
X-RoutingSessionId: 99c0a465-03e5-4599-b324-86d3dc4b4527
X-RoutingCorrelationId: ef0d8fda-6bcc-4e4a-b4e7-674b9ed1b700
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK BrowserUls.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ Frame D496 2 KB
2 KB 30ms
8ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/BrowserUls.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

2882bf4b22d0ad63e6f8877eb5c22353921e8c87b197911462933b7d1a7a44b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: d21ebeda-d785-48ef-a8fb-4ab37eaa5745
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_15
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 739
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_16
X-RoutingOfficeVersion: 16.0.14311.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 78560f4f-2f01-4eeb-b0bf-83c95c5fb42c
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31473797
X-RoutingSessionId: 78560f4f-2f01-4eeb-b0bf-83c95c5fb42c
X-RoutingCorrelationId: d21ebeda-d785-48ef-a8fb-4ab37eaa5745
Accept-Ranges: bytes
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com

GET
H2 200 jquery-2.1.3.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame D496 82 KB
37 KB 89ms
24ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C23) /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23142570
x-cache: HIT
content-length: 37723
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:05 GMT
server: ECAcc (mil/6C23)
etag: "b3b729ecc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK js-cookie.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ExternalResources/ Frame D496 4 KB
2 KB 30ms
8ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/ExternalResources/js-cookie.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

365009220d893f07b356c7f253cecd5a9f7e06d6207a3dd7a148fc73812b4fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: a0177407-8ce1-4eed-9050-06c534628b9e
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_14
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1459
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_4
X-RoutingOfficeVersion: 16.0.14311.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: da50c43c-a5f9-4169-8038-17af960de859
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31476824
X-RoutingSessionId: da50c43c-a5f9-4169-8038-17af960de859
X-RoutingCorrelationId: a0177407-8ce1-4eed-9050-06c534628b9e
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK pickadate.min.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ Frame D496 20 KB
8 KB 27ms
6ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/pickadate.min.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

7337ed6220111758e61f3be5060ae9a807d83edf05d5f7cc92b0b85e34a5fef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 96f7b3b4-4d54-43e7-bbb7-4e90740d5b36
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_11
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 7064
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.14308.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 2fe8573a-8bc4-4f3c-ab03-816be0db4f3a
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31473830
X-RoutingSessionId: 2fe8573a-8bc4-4f3c-ab03-816be0db4f3a
X-RoutingCorrelationId: 96f7b3b4-4d54-43e7-bbb7-4e90740d5b36
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK Instrumentation.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ Frame D496 3 KB
2 KB 30ms
9ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/Instrumentation.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5d5b6a8449df6bada967ee227f79a9a8e8e1dcebf3367eb23292971e6e822eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 3808086e-8b7a-4de7-9aae-73d6be8bd8b7
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_19
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 983
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_18
X-RoutingOfficeVersion: 16.0.14308.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 8b7d25ff-137e-44bc-8979-2bdbf89b77d8
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31473885
X-RoutingSessionId: 8b7d25ff-137e-44bc-8979-2bdbf89b77d8
X-RoutingCorrelationId: 3808086e-8b7a-4de7-9aae-73d6be8bd8b7
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK aria-web-telemetry-2.9.0.min.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/ Frame D496 53 KB
14 KB 31ms
9ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/aria-web-telemetry-2.9.0.min.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c459ec1608d98a847ab4c83723e1c4b2dc6e58a7006d5566c529a93113c2ee62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: c4fdf078-4883-454a-b45f-b401f7269bcf
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 13498
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_16
X-RoutingOfficeVersion: 16.0.14311.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 4e772de5-1be4-41fc-b4ff-9c6ece058039
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31476833
X-RoutingSessionId: 4e772de5-1be4-41fc-b4ff-9c6ece058039
X-RoutingCorrelationId: c4fdf078-4883-454a-b45f-b401f7269bcf
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK office.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/ Frame D496 57 KB
17 KB 73ms
28ms Script
application/javascript 23.79.131.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js
Requested by: Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-103.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6201e743be72435555d1afedc230a6660b2990db706482c8dffd75cea266cb2e

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 13:16:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08b62a4566bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16776

GET
H/1.1 200
OK LearningTools.js Show response
cdn.onenote.net/officeaddins/161431140450_Scripts/LearningTools/ Frame D496 19 KB
7 KB 39ms
7ms Script
application/javascript 2a02:26f0:7100:484::611
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onenote.net/officeaddins/161431140450_Scripts/LearningTools/LearningTools.js

Requested by

Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:7100:484::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ASP.NET

Resource Hash

b9667ebbd8cb1c9f5ac673b2a7988597e810d79c5bf07b717307a8403204107e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 2d5b162e-319c-444b-bcf9-e364b5178026
Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14311.40450
X-OfficeFE: AgavesFrontEnd_IN_3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6528
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_9
X-RoutingOfficeVersion: 16.0.14308.40450
Last-Modified: Sun, 11 Jul 2021 15:54:08 GMT
X-OfficeCluster: neu-000.appsforoffice.onenote.com
X-UserSessionId: 9ae4c022-d81d-4297-9da2-22ae446fb9e6
X-Powered-By: ASP.NET
ETag: "05093fb6c76d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.onenote.com
Cache-Control: public, max-age=31473850
X-RoutingSessionId: 9ae4c022-d81d-4297-9da2-22ae446fb9e6
X-RoutingCorrelationId: 2d5b162e-319c-444b-bcf9-e364b5178026
Accept-Ranges: bytes
X-RoutingOfficeCluster: neu-000.reverseproxy.onenote.com

GET
H/1.1 200
OK onenote-web-16.00.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/ Frame D496 675 KB
118 KB 21ms
21ms Script
application/javascript 23.79.131.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js
Requested by: Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-103.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b5c8cd82517fa9faeba00878ad67c7bc3846b6f4cd06588373121cd6c8fc5ac3

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:02:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0895b03661d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=20206
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119994

GET
H/1.1 200
OK office_strings.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/en-us/ Frame D496 20 KB
6 KB 57ms
19ms Script
application/javascript 23.79.131.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js
Requested by: Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-103.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0947c0aec3a96f12cd2e8160e0d771b148b48249504c1e0474f489279d8becd7

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 13:16:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08b62a4566bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=36510
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5402

GET
H/1.1 200
OK oteljs_agave.js Show response
appsforoffice.microsoft.com/lib/1.1/hosted/telemetry/ Frame D496 72 KB
19 KB 24ms
23ms Script
application/javascript 23.79.131.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/telemetry/oteljs_agave.js
Requested by: Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.131.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-131-103.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f452e6287dafd3b632cbff8533ed5dfc2f6f476c8672b468cf6dcfe321b8c889

Request headers

Origin: https://www.onenote.com
Referer: https://www.onenote.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 13:16:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08b62a4566bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=34856
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19004

POST
H2 200 RemoteUls.ashx Show response
www.onenote.com/officeaddins/ Frame D496 0
197 B 32ms
31ms XHR
text/plain 52.109.88.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onenote.com/officeaddins/RemoteUls.ashx

Requested by

Host: cdn.onenote.net
URL: https://cdn.onenote.net/officeaddins/161431140450_Scripts/CommonDiagnostics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://www.onenote.com/officeaddins/learningtools/?et=
X-UserSessionId: 58fe2948-3d16-44fd-b65b-43d76c7e9101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Jul 2021 16:28:58 GMT
x-content-type-options: nosniff, nosniff
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.14311.40450
x-officefe: AgavesFrontEnd_IN_3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
content-disposition: attachment
x-buls-suppressedtags
content-length: 0
x-routingofficefe: ReverseProxyFrontEnd_IN_23
x-routingofficeversion: 16.0.14311.40450
x-correlationid: 1312060b-3f5d-49df-89d0-7dfe2c98cdef
x-officecluster: weu-000.appsforoffice.onenote.com
x-usersessionid: 58fe2948-3d16-44fd-b65b-43d76c7e9101
x-powered-by: ASP.NET
x-download-options: noopen
content-type: text/plain
x-routingcorrelationid: 1312060b-3f5d-49df-89d0-7dfe2c98cdef
cache-control: private
x-routingsessionid: 58fe2948-3d16-44fd-b65b-43d76c7e9101
x-routingofficecluster: weu-000.reverseproxy.onenote.com

GET
H2 200 jquery-1.7.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame 08E7 93 KB
42 KB 22ms
22ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

Requested by

Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/api/proxy?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BBC) /

Resource Hash

e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skyapi.onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 16:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3756465
x-cache: HIT
content-length: 42690
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:59 GMT
server: ECAcc (mil/6BBC)
etag: "5c0a5acc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 2274 25 B
379 B 700ms
371ms XHR
application/json 52.114.132.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,1705ef36a51840648341da866d62baf8-ddbcd60b-4ce4-48da-96be-ad5f28b48954-8035,31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063,db334b301e7b474db5e0f02f07c51a47-a1b5bc36-1bbe-482f-a64a-c2d9cb606706-7439&upload-time=1626193739993&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.132.91 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f96a7bd74f75af4c190b6bc9639e94ba8b6418fe4291b6fe4fa4e3205b1f8bd4

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 13 Jul 2021 16:28:59 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 459
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 25

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 2274 0
396 B 183ms
182ms XHR
application/json 168.62.200.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.6&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1626193740043&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.200.169 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 16:28:59 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 75
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 Plt.mvc
onedrive.live.com/Handlers/ 42 B
508 B 116ms
116ms Image
image/gif 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /Handlers/Plt.mvc?bicild=&v=0.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: onedrive.live.com
referer: https://onedrive.live.com/redir?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY&page=View&wd=target%28Quick%20Notes.one%7C4b08dce7-a3e8-49ac-a9c7-638935b4370b%2FPERISHABLE%20SALES%20INC%7C873d3cb0-e3c2-4d69-b3bd-c17156d993c0%2F%29
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/redir?resid=F956A0E4D4C28AFA%21143&authkey=%21ABz6Ur6z97wcnKY&page=View&wd=target%28Quick%20Notes.one%7C4b08dce7-a3e8-49ac-a9c7-638935b4370b%2FPERISHABLE%20SALES%20INC%7C873d3cb0-e3c2-4d69-b3bd-c17156d993c0%2F%29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 8DB3D0FEC54443EEADDB1CA6CAD54EC8 Ref B: ZRHEDGE0813 Ref C: 2021-07-13T16:29:02Z
x-odwebserver: eastus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: private, max-age=31536000
date: Tue, 13 Jul 2021 16:29:01 GMT
set-cookie: xid=4964b890-c724-4439-8dce-af6723e4694d&&RD00155D997BBC&237; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ E=P:V3xrUxtG2Yg=:J723qcyw5QCRFB1k8Ot0kEB2ng+jPkax9VySaHTmuKQ=:F; domain=.live.com; path=/ pltmode=1; domain=.live.com; expires=Tue, 13-Jul-2021 16:29:12 GMT; path=/ wla42=; domain=live.com; expires=Tue, 20-Jul-2021 16:29:02 GMT; path=/
x-msnserver: RD00155D997BBC
expires: Wed, 13 Jul 2022 16:29:02 GMT

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onenote.officeapps.live.com/	1970-01-19 21:55:42	Name: DcLcid Value: ui=1033&data=1033
.live.com/	1969-12-31 23:59:59	Name: E Value: P:TVv1TRtG2Yg=:cn2JOT27Pc/6mQmSVJsyLi9JBCYVed0PBgTEvbj/I7c=:F
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1970-01-20 04:27:50	Name: mkt Value: en-US
.live.com/	1970-01-19 19:53:18	Name: wla42 Value:
onenote.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: xid Value: 382b85f9-d4b4-457e-b219-0ada2fb8084f&&RD00155D997BBC&237

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://c1-onenote-15.cdn.office.net/o/s/161422841006_App_Scripts/common.min.js(Line 48) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: HintBarEllipses_20, CommonControlChevronDown_8, CommonControlChevronDownGlyph_12, CommonControlChevronUp_8, CommonControlChevronRight_12, CommonControlChevronRight_16, CommonControlChevronLeft_16, CommonControlCheckboxCheck_16, CheckmarkWithDynamicColor_16, CommonControlDialogLauncher_8 (+ 10 more)
console-api	debug	URL: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js(Line 1) Message: OSF_Outil_getQueryStringParamValue: The parameter is not found.
console-api	log	URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js(Line 5) Message: OSF_Outil_getQueryStringParamValue: The parameter is not found.
console-api	debug	URL: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js(Line 1) Message: Registered WOPICatalog Exception details: null
console-api	log	URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js(Line 5) Message: Registered WOPICatalog Exception details: null
console-api	debug	URL: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js(Line 1) Message: Fail to parse the JSON string of specified Approved Addins for Host Exception details: {}
console-api	log	URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js(Line 5) Message: Fail to parse the JSON string of specified Approved Addins for Host Exception details: {}
console-api	debug	URL: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js(Line 1) Message: Fail to parse JSON string of Host Install Addins. Exception details: {}
console-api	log	URL: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js(Line 5) Message: Fail to parse JSON string of Host Install Addins. Exception details: {}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
amcdn.msftauth.net
appsforoffice.microsoft.com
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-officeapps-15.cdn.office.net
c1-onenote-15.cdn.office.net
cdn.onenote.net
fs.microsoft.com
login.live.com
officeclient.microsoft.com
onedrive.live.com
onenote.officeapps.live.com
p.sfx.ms
skyapi.onedrive.live.com
spoprod-a.akamaihd.net
static2.sharepointonline.com
storage.live.com
www.onenote.com
13.104.208.165
13.107.42.13
13.81.118.91
152.199.19.160
168.62.200.169
2.16.106.112
20.190.159.132
23.218.208.56
23.79.129.177
23.79.131.103
2620:1ec:46::42
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:7100:484::611
2a02:26f0:7100:487::4b36
52.109.88.177
52.109.88.2
52.114.132.91
52.142.114.2
0225b2fd4c0dd7b6bf19366ceff48779ffb7a4d6c024a219689263d7124312c0
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
054a69efd1a48b9a2a4c13a6b02fbda1d8b7175a0978d3c76353013f1f65092c
06e58435a41ff2b86fccc892c3030539b4056f8a7438cd220b3d3d3c858687eb
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
0947c0aec3a96f12cd2e8160e0d771b148b48249504c1e0474f489279d8becd7
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
127c4718dbb3f6e27fcf9b3d38e10c4a9e574dfc81186c03cbb30a04d7bde89a
153f159acbf21c3812c3a7587a33fcde3860ed4bc1b10e87e2ea99f22c54f2a7
18383dbcd156d0238e42b78a69bfcd7ef8fcbe72d9548001e1bb599532558db8
18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73
1d3c0600a40ed08b8ded267c5bac1f4a2736349badbf1f8a05743ecf6c582b0e
20ee243128380a7c5208e8ac8afa2044c733555ed9606f25b21c943e907bfaf3
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2882bf4b22d0ad63e6f8877eb5c22353921e8c87b197911462933b7d1a7a44b8
288305e91cea42232fef9166d871f62829f2e80167e6820f6969c074b5fd2ec0
29db8ad8c3f0896786480626880dc28d2d26860119d93fe2919fdba45d3a0c5a
313803ce9dec8e759b5f830c1e76a4bc10d8778d9383626bff7d2cb254d249d1
3417cf834869a77156a34f0d19df88d29bb7d3ae324259647ad5887910f568bc
361772393cf73435244ddfe5ceecc2357ddf8a8f739ee3cdc9204e2bfde2f720
365009220d893f07b356c7f253cecd5a9f7e06d6207a3dd7a148fc73812b4fe6
3663dbf01bd31a26f0cdeeb4cf8a215944820438082cd87815d2896da79001a5
3840ef99b4a2db1de26128275fabb24e027c54ecd322a101afad6aa0cbf01bb5
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3b61095173f20174bd32a44e74e727af79b69bba2c1b4817df13b945d096bd2b
3ba5ca10fff72564466dd2825dd7da9540547338a171785a4e2decb05ba0fa96
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3fa35f002ed86f72334480230bd012bce36fe97143291b6c0d6bf3f1685af80c
43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f
46dc57a63ca47bfd0c1212a554d30b57a5f5259c12ce3fa807f5d114b64cde40
47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638
4c7a69d2f142a62a1f2cc4392d2266377a61da799351d9cba6e687f733a53768
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
567d35e6c31fc848e8b9d9eaf86c48e831b44920c8facb66d8809a8444edf005
5802737795e427edef6224d56cf32f9641f938adf6c919dc829ce4f748d9afab
59153778561f077b47f488bfd47d73da51a5a946ddc0e1e21c75f1e2517f46dc
5d5b6a8449df6bada967ee227f79a9a8e8e1dcebf3367eb23292971e6e822eba
5ed46219555f4077f169c6da2e93da15c9f5c3f823ea629f83de0eb1310d6397
609fad38751f633572b2c9d463963d017ca5162f6541cf32727c8eebbe2b7c44
6201e743be72435555d1afedc230a6660b2990db706482c8dffd75cea266cb2e
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
646ad4632b87d39b7f28571e0623290b8d35e6bccfb4489650f8958d587fbb8d
66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b
66b1c99b974eb91c99e692e50a1c791c61c2a81e6a040221cd0bd82dfa3f5b3c
679455dad68c768db76e2252af78ff327e2aeede50fc7348dcc6497ca83b13f9
6c99ef295556266f0c13aba5640c685c9e154ee543703e1134b05cfa530dfc45
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771
7337ed6220111758e61f3be5060ae9a807d83edf05d5f7cc92b0b85e34a5fef3
7381f2e6b26afba3a9fd6835c1aff21249af3984edfe10f5b7a3acbea1f422c5
77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd
7ad89a907bfe47019d905b92d0c203082aa75852d39b480e6fbe1718a8ea3647
7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395
816a0f42a2bf473213a47be1dde62215811d54af1151a1e9916dc215df6ec776
843b79e00f5ef7003033ff421adef595c2de12c25970e857aadaff2296cb81e6
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
92b7a04d1c3375cb27c07c157c28e3466da3312a532f4f0362724bd05da0b0f9
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
951908169c0a1023a20910c0843febb62d973f194789f5973210fc4f7de979b1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d
a01f10846f4e3fe36085032647c49d4e06dbac2ed2f861d8cff52f4de2bd3777
a27dc13c5195133e3c855015179e36b430792d12db798de74b8ecef4d85a0965
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a466c999f58cb98897d27aa8ba63d2a3f67efc149d7cf9c432286650fafc60ea
a7e848ac47f8c13e04a1922a6ff4de3aa701ede06f023150ab125fcfde30b0ff
a9eb9d74ca2a1d3046ac2cb018629c9c1dc4f18433dc6def6ea8ae5e9d860c18
abc0fa95b72f082cf4fbb18267cdbd282f2909b65b1b479d7f339db41769946e
aca73c18adffdfb8aca3a8c8df98c20f54d936a9ae09d4f54a67a188f32197fd
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b43fce626b3bf7639d04334c4550da447f123be9a405fef0641a7c4aeedc43f0
b5c8cd82517fa9faeba00878ad67c7bc3846b6f4cd06588373121cd6c8fc5ac3
b6fed88ce59927be9d9e17dd088acf26e62311a7ceb2b1038eb6b5dd8a1fa935
b744c6649242730154b171aa2b95e7321a498f9380471c1bbf4a562884e92827
b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d
b9667ebbd8cb1c9f5ac673b2a7988597e810d79c5bf07b717307a8403204107e
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c03bb47d79572a534c18e9a6468926449cc8b1135e8fdd55850d021495b06502
c115411d2f9aab0b6848ff96c1b2ea2e6211978cfd47c5af30af39a788c75dbc
c459ec1608d98a847ab4c83723e1c4b2dc6e58a7006d5566c529a93113c2ee62
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c78dd16c262ea812246dee5ed0ee686bd0b5b151e1ba7c2769b96a3533542610
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
cdb2827563c30332e42992367e83d42dc29164177135443f45cd79f79f482aa1
cdfa4d3936c319e4ee7c19bba90c49dac5f76b82c44865dd8fff250528afc716
ceaf9661fa5102c56a6ba9eb7c3207dc78eb1e002b2ce6352436e8e6ff7f8fc4
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
d02a69eb707375d5b575411b04b616c0948cb40779c12c7eab0e65ffc12695b3
d3a0124bc7f4637017cf6c1299cdddfff01365f4e1e7809814479cc614845f89
d4971e79bad84f7809a23dacb8be10b1508b0f80f9573a95a73dfd5ae3b81f27
d49ded217077c3b9b5766551a366d0ed972eeffa7b2ad33db78372380e2843a2
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d9bd85a2252fbbf46d87693c52a01b15771eb3f7709565abf7b74ee397abe904
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e4a6870814b2274025d89f9e9fab4480351a0cd3870b53e37ea9275614e02a34
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
e782053ab6a91dbaaf498a0b3bb18b298324b87133deedf6714a983953ea96b2
e9327c22197a0b127d46288396af5efcb07e109cec776382d0bf7bad3a787cf1
f22878783b5945d1c2bb891876dcf9cd027efc265dce899af167b96ca15ea00b
f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130
f452e6287dafd3b632cbff8533ed5dfc2f6f476c8672b468cf6dcfe321b8c889
f96a7bd74f75af4c190b6bc9639e94ba8b6418fe4291b6fe4fa4e3205b1f8bd4

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

134 Requests

99 %HTTPS

26 %IPv6

11 Domains

21 Subdomains

19 IPs

4 Countries

5150 kBTransfer

20472 kBSize

7 Cookies

1 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

99 %
HTTPS

26 %
IPv6

11
Domains

21
Subdomains

19
IPs

4
Countries

5150 kB
Transfer

20472 kB
Size

7
Cookies

134 HTTP transactions
5 data transactions