onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Submission: On January 28 via api (January 28th 2022, 3:20:24 am UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 6 domains to perform 85 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2486.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on August 13th 2021. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	104.97.15.50 104.97.15.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.95.147.73 13.95.147.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	2a02:26f0:6c0... 2a02:26f0:6c00:2bc::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.109.32.63 52.109.32.63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	95.100.128.157 95.100.128.157	() ()
3	2.18.232.120 2.18.232.120	() ()
1	20.50.201.195 20.50.201.195	() ()
1	2a02:26f0:6b:... 2a02:26f0:6b:5ba::356e	() ()
85	11

3 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.97.15.50 (Haarlem, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-97-15-50.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.95.147.73 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a02:26f0:6c00:2bc::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-onenote-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onenote.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.32.63 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

officeclient.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.128.157 (None, )

ASN- ()

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.120 (None, )

ASN- ()

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.201.195 (None, )

ASN- ()

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6b:5ba::356e (None, )

ASN- ()

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	office.net c1-onenote-15.cdn.office.net — Cisco Umbrella Rank: 11092	3 MB
19	live.com onedrive.live.com — Cisco Umbrella Rank: 2486 onenote.officeapps.live.com — Cisco Umbrella Rank: 28845	132 KB
7	microsoft.com officeclient.microsoft.com — Cisco Umbrella Rank: 176 fs.microsoft.com browser.pipe.aria.microsoft.com www.microsoft.com	85 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 2629	315 KB
2	sharepointonline.com static2.sharepointonline.com	68 KB
2	sfx.ms p.sfx.ms — Cisco Umbrella Rank: 19232	12 KB
85	6

	Domain	Requested by
41	c1-onenote-15.cdn.office.net	onedrive.live.com onenote.officeapps.live.com c1-onenote-15.cdn.office.net
16	onenote.officeapps.live.com	c1-onenote-15.cdn.office.net onedrive.live.com onenote.officeapps.live.com
7	spoprod-a.akamaihd.net	onedrive.live.com
3	fs.microsoft.com	c1-onenote-15.cdn.office.net
3	onedrive.live.com	onedrive.live.com
2	static2.sharepointonline.com
2	officeclient.microsoft.com	c1-onenote-15.cdn.office.net
2	p.sfx.ms	onedrive.live.com
1	www.microsoft.com
1	browser.pipe.aria.microsoft.com	p.sfx.ms
85	10

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 01	`2021-08-13` - `2022-08-13`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
config.officeapps.live.com Microsoft RSA TLS CA 02	`2021-06-14` - `2022-06-14`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2021-12-12` - `2022-12-07`	a year	crt.sh
www.microsoft.com Microsoft RSA TLS CA 01	`2021-07-28` - `2022-07-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Frame ID: CC4F63748362CCCF760ACE012836F7E3
Requests: 19 HTTP requests in this frame

Frame: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Frame ID: 6634FF25E18B973787E6DB2EDAE27131
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LHTC'S SHARED FILE - Microsoft OneNote Online

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

92 %
HTTPS

30 %
IPv6

6
Domains

10
Subdomains

11
IPs

4
Countries

3340 kB
Transfer

14882 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 96 KB
32 KB 1935ms
1857ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a1cf22d2108253c60c208c45806490113961b70bd8a57ba6505a156bd097c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD0003FF9C195C
x-odwebserver: canadacentral1-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7ECCBF09752645B492E1BE22B60DCB22 Ref B: FRAEDGE1214 Ref C: 2022-01-28T03:20:17Z
date: Fri, 28 Jan 2022 03:20:18 GMT

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 136 KB
26 KB 120ms
15ms Stylesheet
text/css 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:19 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437FC5D3D3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a8bc4064-c01e-0088-53f3-c16324000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279652
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 85 KB
16 KB 119ms
14ms Stylesheet
text/css 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:19 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4379793342
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 76e13b56-e01e-006b-57f3-c101d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279629
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 169 KB
30 KB 122ms
18ms Stylesheet
text/css 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:19 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437A5D7B4E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d45927ba-801e-006d-62f3-c13266000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279610
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 106 KB
29 KB 128ms
127ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=Office&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1fe1fa7539a14d68af48ad61158f31c091081513d947f3f5355ba47b1f4bcf1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0003FF9C195C
x-content-type-options: nosniff
x-msedge-ref: Ref A: D7D3FA3ADB094F529BCF8067B538B256 Ref B: FRAEDGE1214 Ref C: 2022-01-28T03:20:19Z
x-odwebserver: canadacentral1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Fri, 28 Jan 2022 03:20:18 GMT
content-encoding: gzip
expires: Sat, 28 Jan 2023 03:20:19 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 428ms
427ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ca3f46e61178d11a9164a68307e1ecddc9491f0fe127c2237df29e2fe82bdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0003FFC98BBB
x-content-type-options: nosniff
x-msedge-ref: Ref A: D20ECDD1662C4B82966975AB0436C779 Ref B: FRAEDGE1214 Ref C: 2022-01-28T03:20:19Z
x-odwebserver: canadacentral1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Fri, 28 Jan 2022 03:20:18 GMT
content-encoding: gzip
expires: Sat, 28 Jan 2023 03:20:19 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 102ms
16ms Script
application/javascript 13.95.147.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:20:19 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 21:05:46 GMT
server: Microsoft-IIS/10.0
etag: "071bde3f6dbd71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: westeurope1-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF23D99B
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
130 B 15ms
15ms Image
image/gif 13.95.147.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:20:19 GMT
x-msnserver: RD0003FF23D99B
last-modified: Wed, 17 Nov 2021 21:05:20 GMT
server: Microsoft-IIS/10.0
etag: "0283ed4f6dbd71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope1-odwebp
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK onenote-boot.min.js Show response
c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/ 92 KB
25 KB 324ms
16ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/onenote-boot.min.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f63da5f88db88167fa69dabf0d482d4fb5a15e209b4daa7c7378d49dd1359713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8487cc3bceed81:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: DB5PEPF00008325
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 25233
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:53:13 GMT
X-OFFICEFD: DB5PEPF00008325
X-UserSessionId: 510346b7-8a4f-4166-99b6-b875a73e28df
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 510346b7-8a4f-4166-99b6-b875a73e28df
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx
onenote.officeapps.live.com/o/ 0
635 B 169ms
26ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/onenote-boot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000695E
x-officeversion: 16.0.14920.41026
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5696a1b8-4cac-4b48-bbdb-bbb1ee9383e9
x-officecluster: PNL1
x-usersessionid: 5696a1b8-4cac-4b48-bbdb-bbb1ee9383e9
date: Fri, 28 Jan 2022 03:20:19 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: FC13E38C8ACF4A69ADCDF80A40B52AE4 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
timing-allow-origin: *
x-officefe: AM4PEPF0000695E

POST
H2 200 onenoteframe.aspx Show response
onenote.officeapps.live.com/o/ Frame 6634 160 KB
48 KB 166ms
42ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&authkey=!AAhLgmDCkBkx1Ew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b0ea6bc914fb09cae9ad487597c1bb2c80fdd9bf91e2b517c525110611876e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Aq8ApbTsnK8lxoHFoGQlfXD5lggah+O8ZwFjtswkfRHxLcDdmMd0syPhcneNqm9E4tAhpOFVNHn8j6knJRk2MSEAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjQ1NDgyMTU2fQ==
x-officefe: AM4PEPF00006022
x-officeversion: 16.0.14920.41026
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /o/reportcsp.ashx
document-policy: js-profiling
x-officefd: AM4PEPF00006022
x-wacfrontend: AM4PEPF00006022
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: F39F74C1CD18411B9CCD37EFC65599DF Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
date: Fri, 28 Jan 2022 03:20:19 GMT

POST
H2 200 RemoteUls.ashx
onenote.officeapps.live.com/o/ 0
0 152ms
28ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&officeserverversion=16.0.14920.41026
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/onenote-boot.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK EditSurface.css
c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/1031/ Frame 6634 26 KB
5 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/1031/EditSurface.css

Requested by

Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

816a0f42a2bf473213a47be1dde62215811d54af1151a1e9916dc215df6ec776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "3f5d68fc69cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 4702
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Tue, 18 Jan 2022 12:50:35 GMT
X-OFFICEFD: AM4PEPF00006960
X-UserSessionId: 64f3b30f-b0d8-49aa-9410-91113c27cf35
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 64f3b30f-b0d8-49aa-9410-91113c27cf35
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNote.Refresh.css
c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/ Frame 6634 432 KB
53 KB 16ms
7ms Stylesheet
text/css 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/OneNote.Refresh.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

03bb8abc1b9a5dce76172346223fd8a4d1e50b79ff2f4b66e5a5fe2d3ed7baa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "24ac6a8978cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006959
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 53666
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 14:34:44 GMT
X-OFFICEFD: AM4PEPF00006959
X-MSEdge-Ref: Ref A: 1E2AE9FF9653473FB4B64CDB57107ADF Ref B: AMS04EDGE2007 Ref C: 2022-01-19T01:36:40Z
X-UserSessionId: 5096d04b-5a7c-4b97-955a-893b956fea1e
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 5096d04b-5a7c-4b97-955a-893b956fea1e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacBootNew.min.js Show response
c1-onenote-15.cdn.office.net/o/s/h07757BD4A5AB7D19_App_Scripts/ Frame 6634 50 KB
13 KB 27ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h07757BD4A5AB7D19_App_Scripts/wacBootNew.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07757bd4a5ab7d19c20024fbdf533333d1d83554c3508ec675b621f8dbdd1306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "37321d635bcd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 12695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 11:06:05 GMT
X-OFFICEFD: AM4PEPF0000695D
X-MSEdge-Ref: Ref A: 082004784CFD4640BE8D1A319CEE22A9 Ref B: AMS04EDGE1518 Ref C: 2022-01-19T02:00:03Z
X-UserSessionId: d7b3eb03-bdf8-43b4-90e8-a186fc487a7f
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d7b3eb03-bdf8-43b4-90e8-a186fc487a7f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteSyncNew.min.js Show response
c1-onenote-15.cdn.office.net/o/s/hDA9483E47A8473BE_App_Scripts/ Frame 6634 129 KB
34 KB 27ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hDA9483E47A8473BE_App_Scripts/onenoteSyncNew.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da9483e47a8473bebadc4460b608d9ef05aadc54cbde21fb10c62019647346ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "40119ce62cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006021
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 33530
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 11:53:49 GMT
X-OFFICEFD: AM4PEPF00006021
X-MSEdge-Ref: Ref A: 624A7669BF9D4278A37EDB67D6DD73E9 Ref B: AM3EDGE0511 Ref C: 2022-01-19T01:59:55Z
X-UserSessionId: ea470a43-80ae-4af3-add3-ad4e7d29d8ad
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ea470a43-80ae-4af3-add3-ad4e7d29d8ad
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjaxDS.js Show response
c1-onenote-15.cdn.office.net/o/s/hD8326BB4760631A8_App_Scripts/ Frame 6634 106 KB
24 KB 27ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "6eeb8dd278cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23628
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 14:36:47 GMT
X-OFFICEFD: AM4PEPF0000695A
X-MSEdge-Ref: Ref A: 9E12990D7CAA4C4296B21DC1A77BAA78 Ref B: AM3EDGE1017 Ref C: 2022-01-24T05:57:22Z
X-UserSessionId: 20a2e1db-d34d-4f10-9453-58cb10ac548c
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 20a2e1db-d34d-4f10-9453-58cb10ac548c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/h402995BEB250B9F3_App_Scripts/1031/ Frame 6634 139 KB
31 KB 28ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h402995BEB250B9F3_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffa41f782789935736960eef352dcc60a41b2d073f1dd3afa85816e01452643b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "33fb26d3de10d81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14920.41026
X-OfficeFE: AM4PEPF00006956
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 30196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 24 Jan 2022 04:57:01 GMT
X-OFFICEFD: AM4PEPF00006956
X-MSEdge-Ref: Ref A: 809DCCF2A1C243469F42052BDE43E379 Ref B: AMS04EDGE2318 Ref C: 2022-01-27T04:02:17Z
X-UserSessionId: 266cd95f-d4b4-4c94-9961-4892d266131b
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 266cd95f-d4b4-4c94-9961-4892d266131b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-onenote-15.cdn.office.net/o/s/hCBA89239522795D5_App_Scripts/ Frame 6634 6 KB
2 KB 27ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "52a94a1f70cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006958
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1373
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 13:34:30 GMT
X-OFFICEFD: AM4PEPF00006958
X-MSEdge-Ref: Ref A: 812C699B88A14E73AB7C438F917C718E Ref B: AM3EDGE1007 Ref C: 2022-01-19T02:14:19Z
X-UserSessionId: 2390f1fb-e5fa-41d4-9ba2-0e31a8455d06
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 2390f1fb-e5fa-41d4-9ba2-0e31a8455d06
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Box4Intl.js Show response
c1-onenote-15.cdn.office.net/o/s/h6F2F08F556D14712_App_Scripts/1031/ Frame 6634 83 KB
16 KB 17ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h6F2F08F556D14712_App_Scripts/1031/Box4Intl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e32e11cdb2898d51b5d1301ff66ca30d6991762856eb40448a5651bb39fc0fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d5ce92b62cd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006021
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 15480
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 11:53:44 GMT
X-OFFICEFD: AM4PEPF00006021
X-MSEdge-Ref: Ref A: 6E725DE920A5431DA339B7A0619FEB1B Ref B: AMS04EDGE1509 Ref C: 2022-01-19T01:37:21Z
X-UserSessionId: c5145c98-ff36-4fd6-b261-d5e5acb156fb
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c5145c98-ff36-4fd6-b261-d5e5acb156fb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WoncaIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/h28C8EB2FCB614776_App_Scripts/1031/ Frame 6634 32 KB
7 KB 13ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h28C8EB2FCB614776_App_Scripts/1031/WoncaIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

efabce8e84e323a0018d2c45fd7ce9960f17a71c15222075e2f131a2540cdd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "1df4125311d81:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14920.41026
X-OfficeFE: DB5PEPF00008323
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 6363
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Mon, 24 Jan 2022 09:17:01 GMT
X-OFFICEFD: DB5PEPF00008323
X-UserSessionId: b1a23c90-3dbd-45cc-a611-511dc4066281
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b1a23c90-3dbd-45cc-a611-511dc4066281
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteIntl.js Show response
c1-onenote-15.cdn.office.net/o/s/hC597D21BD520160D_App_Scripts/1031/ Frame 6634 37 KB
9 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hC597D21BD520160D_App_Scripts/1031/OneNoteIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b1d9fe56d0d16efbd138732b8e643af63654c9e7e7028a8cc8b04fb6e3e1456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "22b92de1ed10d81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14920.41026
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 7712
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 24 Jan 2022 06:44:47 GMT
X-OFFICEFD: AM4PEPF00006960
X-MSEdge-Ref: Ref A: 0E824D7AD3434730B73EC489D0526299 Ref B: AM3EDGE0213 Ref C: 2022-01-27T05:17:54Z
X-UserSessionId: d2ae1c92-a6e7-4e72-bb7e-113a9e9578a4
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d2ae1c92-a6e7-4e72-bb7e-113a9e9578a4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK OneNoteDs.js Show response
c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/ Frame 6634 3 MB
849 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cc787c190f40c7aa026ef13835cfb01e2ed2683379bad9d994a02dcf7b3552f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"4db4f92bcfed81:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: DB5PEPF00008324
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 868910
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:56 GMT
X-OFFICEFD: DB5PEPF00008324
X-UserSessionId: 26471d20-29c8-41e7-aaba-8ee6e24d9d6d
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 26471d20-29c8-41e7-aaba-8ee6e24d9d6d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jSanity.js Show response
c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/ Frame 6634 11 KB
4 KB 9ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "33207e22f410d81:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14920.41026
X-OfficeFE: DB5PEPF00008328
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3414
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Mon, 24 Jan 2022 07:29:34 GMT
X-OFFICEFD: DB5PEPF00008328
X-UserSessionId: 4bf24fd7-41b8-4efd-bdaf-25cd50511401
Date: Fri, 28 Jan 2022 03:20:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4bf24fd7-41b8-4efd-bdaf-25cd50511401
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
488 B 20ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006956
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4f28c0f9-7581-4801-8ca0-b6f19becb4f8
x-officefd: AM4PEPF00006956
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: EDA542DE628C4BF79CF69AE5B631E750 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
357 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":7,"Value":"https://c1-onenote-15.cdn.office.net:443/o/s/h816A0F42A2BF4732_resources/1031/EditSurface.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006961
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c2765df0-6147-4531-90d3-9ce93a8d4e0e
x-officefd: AM4PEPF00006961
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DAFF90A2544946A0A9B935A61529A128 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
timing-allow-origin: *

POST
H2 200 OneNote.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 208 KB
16 KB 2402ms
2401ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNote.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h07757BD4A5AB7D19_App_Scripts/wacBootNew.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e95065fcdf5dc596d9ead4ee0a30cfe849a54e9e3dc2acd6c8e1ee9ecda37644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-AccessToken: 4w6yqxzFXwrIQ7AbW-dx-vsTleVQUIum11o3UFU_uQUVVYCMRhhbwAUqrBxbB8fGFoKurGsOCiIV4Rr0jY6FAfPbIYpfoVzUzjHn7xuPhGUJJ6Hish5evBRHmw9czqdH7XEdCGDb4l1UGfnUeSIhojPg
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
X-ServerSideRendering: RenderingNoImages
X-OfficeVersion: 16.0.14920.41026
X-Key: jFqYbc+IiIykTu6OF/ZhX2bdO2D2Z51huEKfr8yMzbA=,637789368201970284
X-WacUserAgent: MSWACONSync
Content-Type: application/json; charset=UTF-8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-SessionStartDimensions: {"Application":"OneNote","Browser":"Chrome","BrowserMajorVersion":"97","BrowserVersion":"97.0.4692","Host":"OneDriveWOPI","IsSynthetic":"False","Os":"Windows","Ring":"5","RoutedVia":"AzureFrontDoor","SessionOrigin":"UNKNOWN","UiHost":"OneDrive","UserSessionApplicationMode":"View","WACDatacenter":"PNL1"}
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006020
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006020
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 15924
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5a9d29f4-e56a-4a0d-a8cc-856c99c7c270
x-officefd: AM4PEPF00006020
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:22 GMT
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: CD4FD791CD6940B2A4F33D160BABAB2F Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
282 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":44,"Value":"Making GetCells Request","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006959
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: b42c3e15-75c4-4442-8f6f-ffeb0f1afc32
x-officefd: AM4PEPF00006959
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: CBFC32A73ABF402CB699C2F9CC9A197D Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:20Z
timing-allow-origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c1-onenote-15.cdn.office.net/o/s/hE5C1E39EBD126206_App_Scripts/fonts/ Frame 6634 3 KB
4 KB 7ms
7ms Font
font/x-woff 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hE5C1E39EBD126206_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "3de1e339fb10d81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14920.41026
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2748
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 24 Jan 2022 08:20:20 GMT
X-OFFICEFD: AM4PEPF00006B52
X-MSEdge-Ref: Ref A: 2785E0D39DF94D619B989B6AC24BDBDE Ref B: AM3EDGE0810 Ref C: 2022-01-27T04:04:29Z
X-UserSessionId: 4e233d8f-c258-41ff-87cd-f1a188f333f2
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 4e233d8f-c258-41ff-87cd-f1a188f333f2
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
310 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":582,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF0000695E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9a9c7871-bd80-4c44-b25f-87c2c69b816f
x-officefd: AM4PEPF0000695E
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 09BC8DB59630433BB45255C1F97EBE46 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:21Z
timing-allow-origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 447 KB
110 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/common.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e798fcf12c76cea27aea6ec070143109f569c9528a81b148bbd8bd4ad86b16f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"1a19ae2ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006960
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 112097
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF00006960
X-MSEdge-Ref: Ref A: 35ABB4A96F7741D1B8C190A14B829A47 Ref B: AM3EDGE0220 Ref C: 2022-01-21T13:59:57Z
X-UserSessionId: 02bd38ee-486d-4728-adae-b59c36e822f2
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 02bd38ee-486d-4728-adae-b59c36e822f2
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-ribbon-intl.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/ Frame 6634 213 KB
39 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/onenote-ribbon-intl.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dca86a142c821909b58c7e435b559497a02cfaab44723e91eb46191180bf95f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"9e9f86d4dfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 39216
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 15:59:11 GMT
X-OFFICEFD: AM4PEPF0000695B
X-MSEdge-Ref: Ref A: 00CE78075183444E991AC64DFE5DE35D Ref B: AMS04EDGE1320 Ref C: 2022-01-21T15:59:11Z
X-UserSessionId: b9444e55-5766-40bc-b02f-bd8b56de1428
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b9444e55-5766-40bc-b02f-bd8b56de1428
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-intl-mlr.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/ Frame 6634 122 KB
23 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/onenote-intl-mlr.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ee78e059b5e2167d6281292f800f3c491a6e2218b70a1bb17566bacd5a8f1232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c615d2ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006022
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 22050
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF00006022
X-MSEdge-Ref: Ref A: A9AD2579438243028510B4DDFDCDC37A Ref B: AM3EDGE0418 Ref C: 2022-01-21T13:59:57Z
X-UserSessionId: eab98897-3fa1-494a-a83c-4442ead325e1
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: eab98897-3fa1-494a-a83c-4442ead325e1
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChrome.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 753 KB
140 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appChrome.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0d12672a2e37ec88b333b164319192ffe4a06565d2b7a67b4e1da5a9639f28e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"9e913183cfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 142000
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 14:02:22 GMT
X-OFFICEFD: AM4PEPF00006B53
X-MSEdge-Ref: Ref A: E363BFCD67D546DD9F7E2686D27807AE Ref B: AM3EDGE0809 Ref C: 2022-01-21T14:02:22Z
X-UserSessionId: d53476fa-b881-461c-9dc1-c81c802c8c49
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d53476fa-b881-461c-9dc1-c81c802c8c49
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui.woff
c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/ Frame 6634 22 KB
23 KB 8ms
7ms Font
font/x-woff 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/segoeui.woff

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/OneNote.Refresh.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-onenote-15.cdn.office.net/o/s/h03BB8ABC1B9A5DCE_resources/1031/OneNote.Refresh.css
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"a4f8cfd95dd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Thu, 20 Jan 2022 00:31:24 GMT
X-OFFICEFD: AM4PEPF0000695F
X-MSEdge-Ref: Ref A: 6DEA42190E004175A15F8690620F583E Ref B: AM3EDGE0619 Ref C: 2022-01-20T00:31:23Z
X-UserSessionId: 47b0019f-9d47-4f51-9e1d-b9a050426a7f
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 47b0019f-9d47-4f51-9e1d-b9a050426a7f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 40 KB
8 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "80f7a9a1e5ed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6762
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 16:40:43 GMT
X-OFFICEFD: AM4PEPF0000695B
X-MSEdge-Ref: Ref A: 898267402A554E4DA52960A1158153E1 Ref B: AMS04EDGE1518 Ref C: 2022-01-21T18:39:50Z
X-UserSessionId: c8d5f31b-2956-47bf-b34f-ea68c52b2b17
Date: Fri, 28 Jan 2022 03:20:21 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c8d5f31b-2956-47bf-b34f-ea68c52b2b17
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 OneNoteS2SHandler.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 189 B
566 B 241ms
241ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A%21186&access_token=4w6yqxzFXwrIQ7AbW%2Ddx%2DvsTleVQUIum11o3UFU%5FuQUVVYCMRhhbwAUqrBxbB8fGFoKurGsOCiIV4Rr0jY6FAfPbIYpfoVzUzjHn7xuPhGUJJ6Hish5evBRHmw9czqdH7XEdCGDb4l1UGfnUeSIhojPg&access_token_ttl=1645154419130

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006022
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14920.41026
X-Key: jFqYbc+IiIykTu6OF/ZhX2bdO2D2Z51huEKfr8yMzbA=,637789368201970284
X-WacUserAgent: MSWACONSync
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-IsCoauthSession: false
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006B53
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c06f4394-3386-4737-bbc7-f4780a409b37
x-officefd: AM4PEPF00006B53
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:21 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 96782C31D31D4258B9AE2C83E4F92507 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:21Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK onenote-navpane-strings.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/ Frame 6634 8 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/onenote-navpane-strings.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8768a067a00a018f8d4b5ad39bbc26ddcfb860bd3191ff8dbaf5f08d9f937a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7f68772ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2189
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF00006B53
X-MSEdge-Ref: Ref A: DD6CEF6260DC42B697E95A6A5BF9DF2C Ref B: AM3EDGE1019 Ref C: 2022-01-21T13:59:57Z
X-UserSessionId: 1b312eee-85b1-4dd4-a158-6643add638bc
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1b312eee-85b1-4dd4-a158-6643add638bc
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/ Frame 6634 6 KB
7 KB 8ms
8ms Image
image/png 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/wapsw.png?b=1601492041026

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"24ae9ac2e210d81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 24 Jan 2022 05:25:12 GMT
X-OFFICEFD: AM4PEPF0000695C
X-MSEdge-Ref: Ref A: 134BD0D251AD4C6DBA53471ADD959CCB Ref B: AMS04EDGE2006 Ref C: 2022-01-24T05:25:12Z
X-UserSessionId: b89b154a-b672-4713-8cf2-fd160cda4edf
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: b89b154a-b672-4713-8cf2-fd160cda4edf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/ Frame 6634 695 B
2 KB 7ms
7ms Image
image/gif 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "6dad9945d4ed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 14:36:27 GMT
X-OFFICEFD: AM4PEPF0000695C
X-MSEdge-Ref: Ref A: 9371E4E7A4944510AEE70F986E6AC0CC Ref B: AM3EDGE1005 Ref C: 2022-01-23T12:55:43Z
X-UserSessionId: cabbee69-2e29-4657-b9e7-c8ae6c490a32
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: cabbee69-2e29-4657-b9e7-c8ae6c490a32
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK box42.png
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/ Frame 6634 6 KB
7 KB 15ms
7ms Image
image/png 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/box42.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abc0fa95b72f082cf4fbb18267cdbd282f2909b65b1b479d7f339db41769946e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "24e98c17dbed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6336
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 15:25:16 GMT
X-OFFICEFD: AM4PEPF00006B53
X-MSEdge-Ref: Ref A: FBC9BC9C296D44E382B6119BBC1B3F3B Ref B: AMS04EDGE2319 Ref C: 2022-01-21T15:59:11Z
X-UserSessionId: ce7ac945-29fa-4c1b-b08f-5fc529fa72ff
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: ce7ac945-29fa-4c1b-b08f-5fc529fa72ff
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 132898a7-6265-4664-8ff6-1661c7da1139
https://onenote.officeapps.live.com/ Frame 6634 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onenote.officeapps.live.com/132898a7-6265-4664-8ff6-1661c7da1139
Requested by: Host: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1673199cf3769fde163a97497d9cfb89a043e58f5244a271d611bce675ddf1a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H/1.1 200
OK box43.png
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/ Frame 6634 2 KB
3 KB 8ms
7ms Image
image/png 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/box43.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7ad89a907bfe47019d905b92d0c203082aa75852d39b480e6fbe1718a8ea3647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"e61d242890fd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006959
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1922
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sat, 22 Jan 2022 13:01:23 GMT
X-OFFICEFD: AM4PEPF00006959
X-MSEdge-Ref: Ref A: 00BCD56CE39546EE8E10D21B6E17966F Ref B: AM3EDGE0417 Ref C: 2022-01-22T13:01:23Z
X-UserSessionId: 9d963e56-69bb-4732-a4b8-cc303962418e
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 9d963e56-69bb-4732-a4b8-cc303962418e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK navigation.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 438 KB
103 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

47553c93658ba4327fa35f33cb93b966240c425db79fa7104180e229efb02213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "a843a62ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B55
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 104437
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF00006B55
X-UserSessionId: de107dcb-e37a-45b1-919a-4d31f76f8c7b
Date: Fri, 28 Jan 2022 03:20:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: de107dcb-e37a-45b1-919a-4d31f76f8c7b
Accept-Ranges: bytes
Timing-Allow-Origin: *

OPTIONS
H2 204 config16
officeclient.microsoft.com/ Frame 0
0 272ms
21ms Preflight 52.109.32.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.ResourceService4Hidden&services=ResourceServiceEndpoint2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.32.63 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-office-application,x-office-platform,x-office-version
Origin: https://onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
vary: Origin
server: Microsoft-IIS/10.0
x-correlationid: 5e28d60a-03dd-448e-becb-26269471f336
x-officefe: ConfigFE_IN_1
x-officeversion: 16.0.14923.30525
x-officecluster: ukw-config.officeapps.live.com
x-content-type-options: nosniff
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-allow-headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,X-Ms-Diagnostics,odata-version,X-Office-AudienceGroup,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext,X-Office-IncrementalSync,SOAPAction,SubstrateBearer
access-control-expose-headers: X-CorrelationId,X-Ms-Diagnostics,X-OfficeCluster,Retry-After
timing-allow-origin: https://onenote.officeapps.live.com
access-control-allow-methods: GET, OPTIONS
access-control-max-age: 600
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 28 Jan 2022 03:20:22 GMT

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
432 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":2450,"Value":"Get cells response received:200","Type":"BootLogs"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006956
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f9856299-4500-4364-b280-d3b44003247d
x-officefd: AM4PEPF00006956
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:22 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A75A298C761A47418149321D019028FE Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:22Z
timing-allow-origin: *

GET
H/1.1 200
OK progress.gif
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/ Frame 6634 695 B
2 KB 9ms
9ms Image
image/gif 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/progress.gif

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "6dad9945d4ed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 14:36:27 GMT
X-OFFICEFD: AM4PEPF0000695C
X-MSEdge-Ref: Ref A: 9371E4E7A4944510AEE70F986E6AC0CC Ref B: AM3EDGE1005 Ref C: 2022-01-23T12:55:43Z
X-UserSessionId: cabbee69-2e29-4657-b9e7-c8ae6c490a32
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: cabbee69-2e29-4657-b9e7-c8ae6c490a32
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 config16 Show response
officeclient.microsoft.com/ Frame 6634 273 B
434 B 31ms
31ms XHR
application/xml 52.109.32.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://officeclient.microsoft.com/config16?flights=Client.ResourceService4Hidden&services=ResourceServiceEndpoint2

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.32.63 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd8480e9cf2dd634e33b7302f4d9761dd95e941844ed84494d38906f7b112c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-Office-Application: 132
Accept: application/xml
X-Office-Platform: Web
Referer: https://onenote.officeapps.live.com/
X-Office-Version: 16.0.14920.41026

Response headers

date: Fri, 28 Jan 2022 03:20:22 GMT
x-content-type-options: nosniff
x-officecluster: ukw-config.officeapps.live.com
x-aspnet-version: 4.0.30319
x-officeversion: 16.0.14923.30525
x-officefe: ConfigFE_IN_1
x-office-cachecleardate: 2009-01-01T00:00:00
content-length: 273
server: Microsoft-IIS/10.0
x-correlationid: 6e13f1f6-02af-44b2-a8e7-11c8c4d38a6d
x-office-cacheduration: 1440
x-powered-by: ASP.NET
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-CorrelationId,X-Ms-Diagnostics,X-OfficeCluster,Retry-After
cache-control: private, max-age=86400
timing-allow-origin: https://onenote.officeapps.live.com
access-control-allow-headers: Accept,Authorization,Content-Type,X-IDCRL_ACCEPTED,X-Ms-Diagnostics,odata-version,X-Office-AudienceGroup,X-Office-Application,X-Office-Platform,X-Office-UserType,X-Office-Version,Origin,X-CorrelationId,X-WOPI-SessionContext,X-Office-IncrementalSync,SOAPAction,SubstrateBearer

GET
H/1.1 200
OK ColumnSelect.cur
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/ Frame 6634 2 KB
3 KB 11ms
11ms Image
application/octet-stream 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/ColumnSelect.cur

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a9eb9d74ca2a1d3046ac2cb018629c9c1dc4f18433dc6def6ea8ae5e9d860c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "7d3e72757ffd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B54
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2238
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sat, 22 Jan 2022 11:01:51 GMT
X-OFFICEFD: AM4PEPF00006B54
X-MSEdge-Ref: Ref A: 7E884B3FAC4A4E33BBF8384E90C9C35D Ref B: AM3EDGE0709 Ref C: 2022-01-24T04:48:49Z
X-UserSessionId: a9ed4435-327e-40bc-90cd-b933311d5a5f
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CorrelationId: a9ed4435-327e-40bc-90cd-b933311d5a5f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Blank10x10.gif
c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/1031/ Frame 6634 49 B
1 KB 9ms
9ms Image
image/gif 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/1031/Blank10x10.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "8890617b7fcd81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 49
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 18 Jan 2022 15:24:27 GMT
X-OFFICEFD: AM4PEPF00006B53
X-MSEdge-Ref: Ref A: 1610F79A0654485F87B1AFED5E436E80 Ref B: AMS04EDGE1108 Ref C: 2022-01-19T13:25:45Z
X-UserSessionId: 4aad1b6d-1752-4ee6-8901-66ea69880434
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 4aad1b6d-1752-4ee6-8901-66ea69880434
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK one.png
c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/ Frame 6634 50 KB
51 KB 8ms
7ms Image
image/png 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_resources/1031/m2/one.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0900b8e31fe464fc334f329dd188809413ac8eac9dc815a8d1312014af7bef85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"5ad8c2ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 51067
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF0000695D
X-UserSessionId: 851b2018-9f09-4237-8834-93f0bc06c197
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 851b2018-9f09-4237-8834-93f0bc06c197
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
287 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":5,"MsSinceStart":2452,"Value":"Launching FastView from entry point WacBootGetCells","Type":"BootLogs"},{"Index":6,"MsSinceStart":2454,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006961
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2a8a5895-82af-484e-9f91-abc2b9f66fe8
x-officefd: AM4PEPF00006961
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:22 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7D34E121281E4AA0AE9B158E10FB6A7C Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:23Z
timing-allow-origin: *

GET GetImage.ashx
onenote.officeapps.live.com/o/ Frame 6634 0
0

GET
H2 200 GetImage.ashx
onenote.officeapps.live.com/o/ Frame 6634 1 KB
2 KB 706ms
706ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/GetImage.ashx?&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC77FC9D1A9B8CE9A%21188&access_token=4w36MRYx6YA%2DuNPrluBj9XR%2DyhBwL2Jpd0qmhz%2D5xceUmO3W2fOK%2Dmg0uW%5FykSykMdIRyex4J9%2DrAeM3Z%2DKpyHpSZKaPZZTU1QxX2wxMP%2DmL%5FMXjj3er1ef3FjdR18KnPOIcMiUHem8WXAHMTfSWJrGg&access_token_ttl=1645154419130&ObjectDataBlobId=%7B75069d20-2776-40c3-a5c3-f3f3223a4213%7D%7B1%7D&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&build=16.0.14920.41026&waccluster=PNL1&wdwacuseragent=MSWACONSync&DataUrlEnabled=true

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006022
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14920.41026
X-Key: jFqYbc+IiIykTu6OF/ZhX2bdO2D2Z51huEKfr8yMzbA=,637789368201970284
X-WacUserAgent: MSWACONSync
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-IsCoauthSession: true
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006022
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 944
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC77FC9D1A9B8CE9A%21188&access_token=4w36MRYx6YA%2DuNPrluBj9XR%2DyhBwL2Jpd0qmhz%2D5xceUmO3W2fOK%2Dmg0uW%5FykSykMdIRyex4J9%2DrAeM3Z%2DKpyHpSZKaPZZTU1QxX2wxMP%2DmL%5FMXjj3er1ef3FjdR18KnPOIcMiUHem8WXAHMTfSWJrGg&access_token_ttl=1645154419130{75069d20-2776-40c3-a5c3-f3f3223a4213}{1}"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4be21a4c-1818-4139-bd86-e5c86f772636
x-officefd: AM4PEPF00006022
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:23 GMT
x-download-options: noopen
content-type: text/plain; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 9C90E0B5C1914E0D821094A28C9D0EE4 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:23Z
timing-allow-origin: *
expires: Sat, 28 Jan 2023 03:20:23 GMT

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
221 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-BrowserUlsBeacon: [{"Index":7,"MsSinceStart":2840,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006B54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 388ffc0c-b99f-474b-b60f-f90c6717abd9
x-officefd: AM4PEPF00006B54
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:23 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 98EA2B2447F14C9081558DF0F3F3901A Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:23Z
timing-allow-origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/Feedback/latest/ Frame 6634 504 KB
97 KB 14ms
13ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

561c5ed544f49622b3a48ce24fc6cb4b9a7158491feecc79f349e017ba9aaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a57c962ccfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B52
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 98333
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:57 GMT
X-OFFICEFD: AM4PEPF00006B52
X-UserSessionId: 1fb02d84-daf7-48fa-9fec-402039f5a497
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1fb02d84-daf7-48fa-9fec-402039f5a497
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenote-ribbon-sprite-lazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/ Frame 6634 349 KB
43 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/onenote-ribbon-sprite-lazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd123e94a53fd8ee024bb9cb5b250ab3f10fd3da5c1771f566ace9207861082a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"65bb25d5dfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B53
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 42908
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 15:59:12 GMT
X-OFFICEFD: AM4PEPF00006B53
X-MSEdge-Ref: Ref A: 8F49D3CA03634AB09E163BC1D233E59E Ref B: AMS04EDGE1116 Ref C: 2022-01-21T15:59:12Z
X-UserSessionId: d3c47e0a-958d-4d4d-9636-5edaa53db229
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d3c47e0a-958d-4d4d-9636-5edaa53db229
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common50.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 1 MB
274 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/common50.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f1daff3668a665094dc4e0bed16f9376047dd0f3bb09c1e52b85cd76c3663e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"bbb93e2dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006962
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 279354
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:58 GMT
X-OFFICEFD: AM4PEPF00006962
X-MSEdge-Ref: Ref A: F1D555E8B871488B8C8837895C5E0A2B Ref B: AMS04EDGE1520 Ref C: 2022-01-21T13:59:58Z
X-UserSessionId: 0fc881ee-3f2f-4204-bdf6-1d375dca7932
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 0fc881ee-3f2f-4204-bdf6-1d375dca7932
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChromeLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 511 KB
113 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e9c9db2e04e7d7972e927bdeffd7beb39fe57b85bbe68879051d21f6538e7b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"1f3d3c2dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006961
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 114585
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:58 GMT
X-OFFICEFD: AM4PEPF00006961
X-MSEdge-Ref: Ref A: 735DB19EFB724E4E8DDF4D9762A48E23 Ref B: AM3EDGE0111 Ref C: 2022-01-21T13:59:58Z
X-UserSessionId: 66854505-d41c-457a-9710-70c7138538c8
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 66854505-d41c-457a-9710-70c7138538c8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appIconsLazy.min.js Show response
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 285 KB
62 KB 15ms
14ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appIconsLazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/appChrome.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2ded9490db9957e1784a66877d9e76e8940a33f21bcae92c2be7d0d41a8ca9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c37d362dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006021
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 62430
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:58 GMT
X-OFFICEFD: AM4PEPF00006021
X-UserSessionId: 652b98d5-3b1c-4c54-a22f-3159900fec85
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 652b98d5-3b1c-4c54-a22f-3159900fec85
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 6634 31 KB
32 KB 158ms
14ms Font
application/font-woff2 95.100.128.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.128.157 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 353bf99c-101e-0050-5e70-4d447d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=9469315
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 6634 35 KB
36 KB 145ms
29ms Font
application/font-woff2 95.100.128.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.128.157 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 0fb99425-901e-0013-7570-4da221000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=9469254
x-ms-version: 2009-09-19
content-length: 36344

POST
H2 200 RemoteTelemetry.ashx
onenote.officeapps.live.com/o/ 0
207 B 20ms
20ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteTelemetry.ashx

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/onenote-boot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000695E
x-officeversion: 16.0.14920.41026
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 09546264-b583-4b3e-a489-0cf8ba3fc282
x-officecluster: PNL1
x-usersessionid: 09546264-b583-4b3e-a489-0cf8ba3fc282
date: Fri, 28 Jan 2022 03:20:23 GMT
x-download-options: noopen
access-control-allow-origin: https://onedrive.live.com
cache-control: private
x-msedge-ref: Ref A: A56CDA26BAAD4DE08A7A8F420DC2D1DC Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:23Z
timing-allow-origin: *
x-officefe: AM4PEPF0000695E

POST
H2 200 RemoteUls.ashx Show response
onenote.officeapps.live.com/o/ Frame 6634 0
337 B 32ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.14920.41026&waccluster=PNL1

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00006022
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14920.41026
X-Key: jFqYbc+IiIykTu6OF/ZhX2bdO2D2Z51huEKfr8yMzbA=,637789368201970284
X-WacUserAgent: MSWACONSync
X-bULS-SuppressionETag: AB3F3391A0DFB145DF5D96111E19716E2381DD2B
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4w6yqxzFXwrIQ7AbW-dx-vsTleVQUIum11o3UFU_uQUVVYCMRhhbwAUqrBxbB8fGFoKurGsOCiIV4Rr0jY6FAfPbIYpfoVzUzjHn7xuPhGUJJ6Hish5evBRHmw9czqdH7XEdCGDb4l1UGfnUeSIhojPg
X-AccessTokenTtl: 1645154419130
X-UserSessionId: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=de-DE&rs=en-US&hid=AtuSI2SSUEGaY5LB4BCsiQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FC77FC9D1A9B8CE9A!186&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1643340017295&jsapi=1&jsapiver=v1&newsession=1&corrid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserType: WOPI
X-IsCoauthSession: true
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14920.41026
x-officefe: AM4PEPF00006B53
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: AB3F3391A0DFB145DF5D96111E19716E2381DD2B
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c9f79c3a-4139-4a37-a082-111dbd8a12ab
x-officefd: AM4PEPF00006B53
x-usersessionid: 9d243bc6-e2c4-442b-9625-d1e59d28e99e
date: Fri, 28 Jan 2022 03:20:23 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C5A31C95BDA842EE814B228F3F43B0A3 Ref B: AM3EDGE1016 Ref C: 2022-01-28T03:20:23Z
timing-allow-origin: *

GET
H/1.1 200
OK listAll.json
fs.microsoft.com/fs/4.17/ Frame 6634 371 KB
50 KB 273ms
7ms XHR
application/octet-stream 2.18.232.120

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.17/listAll.json
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 18:12:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "eed9e1844977d71:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=239415
Content-Length: 51201
Content-Disposition: attachment; filename=listAll.json
Connection: keep-alive
Accept-Ranges: bytes
X-CID: 2

POST
H2 200 RemoteUls.ashx
onenote.officeapps.live.com/o/ 0
0 26ms
26ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&officeserverversion=16.0.14920.41026
Requested by: Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hF63DA5F88DB88167_App_Scripts/onenote-boot.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://onedrive.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 141ms
18ms XHR
application/json 20.50.201.195

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.201.195 -, , ASN (),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 03:20:23 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 119
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 jquery-1.7.2-39eeb07e.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 92 KB
33 KB 52ms
15ms Script
application/javascript 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437EC0696D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bc28ceb7-701e-0034-30f3-c1b5e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279708
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-ff051758.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 337 KB
103 KB 54ms
18ms Script
application/javascript 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac_s_office-ff051758.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
content-encoding: gzip
content-md5: /wUXWPs2boNAV7GJJoVaSg==
content-length: 104834
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4385DEFF32
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e29753db-101e-006f-6df3-c18cde000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279677
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK OneNoteDS.box4.dll1.js
c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/ Frame 6634 2 MB
454 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDS.box4.dll1.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/hCC787C190F40C7AA_App_Scripts/OneNoteDs.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c32fb372d0ed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006956
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 464476
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 14:09:04 GMT
X-OFFICEFD: AM4PEPF00006956
X-UserSessionId: eeb72521-94dd-4a7b-bd8f-bba5dc29f131
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: eeb72521-94dd-4a7b-bd8f-bba5dc29f131
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 latest.woff2
www.microsoft.com/fonts/segoe-ui/west-european/normal/ Frame 6634 33 KB
34 KB 125ms
39ms Font
font/woff2 2a02:26f0:6b:5ba::356e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6b:5ba::356e -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:20:23 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
x-rtag: RT
etag: "588d483e9c7d51:0"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://onenote.officeapps.live.com
tls_version: tls1.3
cache-control: public, max-age=831250
accept-ranges: bytes
content-length: 34052

GET
H/1.1 200
OK oreonavpane.min.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 219 KB
45 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/oreonavpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"eab68a2dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 45445
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 13:59:59 GMT
X-OFFICEFD: AM4PEPF0000695C
X-UserSessionId: e398be76-45e0-4e8f-8eee-55e7c477bf52
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e398be76-45e0-4e8f-8eee-55e7c477bf52
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreolazy.min.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 60 KB
15 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/oreolazy.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"11fbf183cfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006B54
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14149
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 14:02:24 GMT
X-OFFICEFD: AM4PEPF00006B54
X-MSEdge-Ref: Ref A: 7BA562ADE2DC49FFB467FF41A68A11F0 Ref B: AM3EDGE0707 Ref C: 2022-01-21T14:02:24Z
X-UserSessionId: e0604857-e9d0-4f23-ad93-a9f53fb2b105
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e0604857-e9d0-4f23-ad93-a9f53fb2b105
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK onenoteloadingspinner.min.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 17 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/onenoteloadingspinner.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"58cb1a84cfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1555
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 21 Jan 2022 14:02:24 GMT
X-OFFICEFD: AM4PEPF0000695E
X-UserSessionId: fc729220-69eb-4cee-b2fd-1213f5ea4ff0
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: fc729220-69eb-4cee-b2fd-1213f5ea4ff0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreonotebookpane.min.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 3 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/oreonotebookpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"589fe52dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF00006962
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1059
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:59 GMT
X-OFFICEFD: AM4PEPF00006962
X-MSEdge-Ref: Ref A: 98AF0FBDD68E4727A3AF4CE3935F1C31 Ref B: AM3EDGE0819 Ref C: 2022-01-21T13:59:59Z
X-UserSessionId: a74d6154-2cd7-4971-b00c-7e5727ce5146
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a74d6154-2cd7-4971-b00c-7e5727ce5146
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK oreosearchpane.min.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 58 KB
16 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2bc::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/oreosearchpane.min.js

Requested by

Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/navigation.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"4deee22dcfed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14911.41007
X-OfficeFE: AM4PEPF0000695C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 15401
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 21 Jan 2022 13:59:59 GMT
X-OFFICEFD: AM4PEPF0000695C
X-MSEdge-Ref: Ref A: EA8CD70B27FB45BE9B016B70B851AB3C Ref B: AM3EDGE1015 Ref C: 2022-01-21T13:59:59Z
X-UserSessionId: 1f8d1bcf-80ee-499c-a5c8-c3cd209ab8d0
Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1f8d1bcf-80ee-499c-a5c8-c3cd209ab8d0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 6634 899 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 wac2-bf8b3319.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 310 KB
107 KB 16ms
15ms Script
application/javascript 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac2-bf8b3319.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
content-encoding: gzip
content-md5: v4szGe0O1pyqsqnSLW8nTQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 109104
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4385D64B0E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e297626b-101e-006f-20f3-c18cde000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279688
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac0-efa56458.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 15 KB
0 18ms
18ms Script
application/javascript 104.97.15.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=C77FC9D1A9B8CE9A!186&wdo=2&authkey=!AAhLgmDCkBkx1Ew
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 104.97.15.50 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-97-15-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Jan 2022 03:20:23 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F43857098E0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 381a701a-601e-0028-51f3-c1e785000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22279668
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET wac1-cdc297b4.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 0
0

GET
H/1.1 200
OK 36796050726
fs.microsoft.com/fs/4.17/rawguids/ Frame 6634 128 KB
0 13ms
13ms Font
application/octet-stream 2.18.232.120

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.17/rawguids/36796050726
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9357a7dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=219119
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=36796050726
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.17/rawguids/ Frame 6634 128 KB
0 14ms
14ms Font
application/octet-stream 2.18.232.120

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.17/rawguids/44327025345
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 03:20:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=241956
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
DATA 200
OK truncated
/ Frame 6634 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onenote.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6634 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://onenote.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/font-woff

GET OneNoteSimplified.Wac.TellMeModel.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/ Frame 6634 0
0

GET OneNoteSimplified.Wac.TellMeSuggestionModel.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 0
0

GET osfruntime_ono.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 0
0

GET OfficeExtension.WacRuntime.js
c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/ Frame 6634 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onenote.officeapps.live.com
URL: https://onenote.officeapps.live.com/o/GetImage.ashx?&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC77FC9D1A9B8CE9A%21188&access_token=4w36MRYx6YA%2DuNPrluBj9XR%2DyhBwL2Jpd0qmhz%2D5xceUmO3W2fOK%2Dmg0uW%5FykSykMdIRyex4J9%2DrAeM3Z%2DKpyHpSZKaPZZTU1QxX2wxMP%2DmL%5FMXjj3er1ef3FjdR18KnPOIcMiUHem8WXAHMTfSWJrGg&access_token_ttl=1645154419130&ObjectDataBlobId=%7B5ffe9309-fdae-4f90-877e-581047bb3a60%7D%7B1%7D&usid=9d243bc6-e2c4-442b-9625-d1e59d28e99e&build=16.0.14920.41026&waccluster=PNL1&wdwacuseragent=MSWACONSync&DataUrlEnabled=true

Domain: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac1-cdc297b4.js

Domain: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/1031/OneNoteSimplified.Wac.TellMeModel.js

Domain: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js

Domain: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/osfruntime_ono.js

Domain: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/161492041026_App_Scripts/OfficeExtension.WacRuntime.js

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: xid Value: ed2a2789-621c-4d25-869f-3b56e03cde04&&RD0003FF9C195C&60
.live.com/	1970-01-20 00:39:04	Name: wla42 Value:
.live.com/	1970-01-20 09:14:24	Name: mkt Value: de-DE
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1969-12-31 23:59:59	Name: E Value: P:imLZHA3i2Yg=:YYSpfIfFur34WIggtYCrwBGWncf96D5LJZe6fMBOsJM=:F
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: 8e39a3d6-e50c-ae7f-8d7b-7b4bc0bb4fa3
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1643340019694
onenote.officeapps.live.com/	1970-01-20 02:38:32	Name: DcLcid Value: ui=1031&data=1033
onenote.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.pipe.aria.microsoft.com
c1-onenote-15.cdn.office.net
fs.microsoft.com
officeclient.microsoft.com
onedrive.live.com
onenote.officeapps.live.com
p.sfx.ms
spoprod-a.akamaihd.net
static2.sharepointonline.com
www.microsoft.com
c1-onenote-15.cdn.office.net
onenote.officeapps.live.com
spoprod-a.akamaihd.net
104.97.15.50
13.107.42.13
13.95.147.73
2.18.232.120
20.50.201.195
2620:1ec:a92::171
2a02:26f0:6b:5ba::356e
2a02:26f0:6c00:2bc::4b36
52.109.32.63
95.100.128.157
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
03bb8abc1b9a5dce76172346223fd8a4d1e50b79ff2f4b66e5a5fe2d3ed7baa2
07757bd4a5ab7d19c20024fbdf533333d1d83554c3508ec675b621f8dbdd1306
0900b8e31fe464fc334f329dd188809413ac8eac9dc815a8d1312014af7bef85
0d12672a2e37ec88b333b164319192ffe4a06565d2b7a67b4e1da5a9639f28e4
1673199cf3769fde163a97497d9cfb89a043e58f5244a271d611bce675ddf1a7
18e28f7de99d5044500b5387f3573e3d93dbcbe9ce8482566a8319fb38184b73
1fe1fa7539a14d68af48ad61158f31c091081513d947f3f5355ba47b1f4bcf1f
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2b1d9fe56d0d16efbd138732b8e643af63654c9e7e7028a8cc8b04fb6e3e1456
2ded9490db9957e1784a66877d9e76e8940a33f21bcae92c2be7d0d41a8ca9b1
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
47553c93658ba4327fa35f33cb93b966240c425db79fa7104180e229efb02213
561c5ed544f49622b3a48ce24fc6cb4b9a7158491feecc79f349e017ba9aaecb
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
7ad89a907bfe47019d905b92d0c203082aa75852d39b480e6fbe1718a8ea3647
816a0f42a2bf473213a47be1dde62215811d54af1151a1e9916dc215df6ec776
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
8768a067a00a018f8d4b5ad39bbc26ddcfb860bd3191ff8dbaf5f08d9f937a39
8ca3f46e61178d11a9164a68307e1ecddc9491f0fe127c2237df29e2fe82bdbd
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9a1cf22d2108253c60c208c45806490113961b70bd8a57ba6505a156bd097c5b
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a9eb9d74ca2a1d3046ac2cb018629c9c1dc4f18433dc6def6ea8ae5e9d860c18
abc0fa95b72f082cf4fbb18267cdbd282f2909b65b1b479d7f339db41769946e
b0ea6bc914fb09cae9ad487597c1bb2c80fdd9bf91e2b517c525110611876e1b
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
cc787c190f40c7aa026ef13835cfb01e2ed2683379bad9d994a02dcf7b3552f1
cd123e94a53fd8ee024bb9cb5b250ab3f10fd3da5c1771f566ace9207861082a
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
da9483e47a8473bebadc4460b608d9ef05aadc54cbde21fb10c62019647346ea
dca86a142c821909b58c7e435b559497a02cfaab44723e91eb46191180bf95f7
dd8480e9cf2dd634e33b7302f4d9761dd95e941844ed84494d38906f7b112c8a
e32e11cdb2898d51b5d1301ff66ca30d6991762856eb40448a5651bb39fc0fd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
e798fcf12c76cea27aea6ec070143109f569c9528a81b148bbd8bd4ad86b16f3
e95065fcdf5dc596d9ead4ee0a30cfe849a54e9e3dc2acd6c8e1ee9ecda37644
e9c9db2e04e7d7972e927bdeffd7beb39fe57b85bbe68879051d21f6538e7b7b
ee78e059b5e2167d6281292f800f3c491a6e2218b70a1bb17566bacd5a8f1232
efabce8e84e323a0018d2c45fd7ce9960f17a71c15222075e2f131a2540cdd75
f1daff3668a665094dc4e0bed16f9376047dd0f3bb09c1e52b85cd76c3663e2b
f63da5f88db88167fa69dabf0d482d4fb5a15e209b4daa7c7378d49dd1359713
ffa41f782789935736960eef352dcc60a41b2d073f1dd3afa85816e01452643b

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

92 %HTTPS

30 %IPv6

6 Domains

10 Subdomains

11 IPs

4 Countries

3340 kBTransfer

14882 kBSize

9 Cookies

1 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

92 %
HTTPS

30 %
IPv6

6
Domains

10
Subdomains

11
IPs

4
Countries

3340 kB
Transfer

14882 kB
Size

9
Cookies

85 HTTP transactions
3 data transactions