Submitted URL: http://onenote.new/
Effective URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Submission: On May 18 via manual from US

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 39 HTTP transactions. The main IP is 52.109.88.2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com.
TLS certificate: Issued by Microsoft IT TLS CA 4 on February 4th 2020. Valid for: 2 years.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.76.4.15 8075 (MICROSOFT...)
1 6 52.109.88.2 8075 (MICROSOFT...)
2 152.199.19.160 15133 (EDGECAST)
25 23.37.58.89 16625 (AKAMAI-AS)
1 40.90.23.153 8075 (MICROSOFT...)
1 20.190.129.160 8075 (MICROSOFT...)
2 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 52.109.76.5 8075 (MICROSOFT...)
39 8
Domain Requested by
25 site-cdn.onenote.net www.onenote.com
6 www.onenote.com 1 redirects site-cdn.onenote.net
2 uhf.microsoft.com www.onenote.com
2 ajax.aspnetcdn.com www.onenote.com
1 odc.officeapps.live.com site-cdn.onenote.net
1 login.microsoftonline.com site-cdn.onenote.net
1 login.live.com site-cdn.onenote.net
1 onenote.new 1 redirects
39 8
Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft IT TLS CA 4
2020-02-04 -
2022-02-04
2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2020-03-18 -
2022-03-18
2 years crt.sh
site-cdn.onenote.net
Microsoft IT TLS CA 4
2020-03-09 -
2022-03-09
2 years crt.sh
login.live.com
Microsoft IT TLS CA 1
2019-11-05 -
2021-11-05
2 years crt.sh
stamp2.login.microsoftonline.com
Microsoft IT TLS CA 1
2020-05-11 -
2022-05-11
2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5
2019-04-30 -
2021-04-30
2 years crt.sh
odc.officeapps.live.com
Microsoft IT TLS CA 5
2020-03-09 -
2022-03-09
2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Frame ID: AB8882BF202285619033BFA7AC92C026
Requests: 36 HTTP requests in this frame

Frame: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=1&nf=1
Frame ID: AF38547F2095FAE24A559131F03480E0
Requests: 1 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Frame ID: 2EE5BC3AE7EABCDC1BCB9784B796D94C
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: 36F80A26822B83127064662309BB262C
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://onenote.new/ HTTP 307
    https://onenote.new/ HTTP 301
    https://www.onenote.com/notebooks?ms.url=onenote.new HTTP 302
    https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true Page URL
  2. https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks Page URL

Page Statistics

39
Requests

95 %
HTTPS

13 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

259 kB
Transfer

853 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onenote.new/ HTTP 307
    https://onenote.new/ HTTP 301
    https://www.onenote.com/notebooks?ms.url=onenote.new HTTP 302
    https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true Page URL
  2. https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://onenote.new/ HTTP 307
  • https://onenote.new/ HTTP 301
  • https://www.onenote.com/notebooks?ms.url=onenote.new HTTP 302
  • https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
signin
www.onenote.com/
Redirect Chain
  • http://onenote.new/
  • https://onenote.new/
  • https://www.onenote.com/notebooks?ms.url=onenote.new
  • https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
21 KB
3 KB
Document
General
Full URL
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
21efb3b69755b40c078886ceabc2ad5567fd03b935674af36dd16c27060a1f5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.skype.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.onenote.com
:scheme
https
:path
/signin?wdorigin=ondcnotebooks&showHrd=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Treatment1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-routingsessionid
35d72253-559c-4c79-8366-25f910e0593f
x-routingcorrelationid
a87ec074-7733-48ad-a5fc-6be6ed5f7b8f
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Treatment1; expires=Wed, 18-May-2022 21:48:38 GMT; path=/; secure; HttpOnly AuthSess=06383a4c-e2e9-47a1-86a1-e90507465829; domain=www.onenote.com; path=/; samesite=none; secure; HttpOnly AADNonce=e064a935-e31e-4aa0-9e9d-7dc5b7d655be.637254353180461651; domain=onenote.com; path=/; samesite=none; secure; HttpOnly
x-correlationid
a87ec074-7733-48ad-a5fc-6be6ed5f7b8f
x-usersessionid
35d72253-559c-4c79-8366-25f910e0593f
x-officefe
SiteFrontEnd_IN_2
x-officeversion
16.0.12913.31559
x-officecluster
weu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.skype.com
x-xss-protection
1; mode=block
x-content-type-options
nosniff nosniff
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 18 May 2020 21:48:37 GMT
content-length
3020

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
location
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-routingsessionid
20052053-592d-4c05-9e60-a6d1004de06c
x-routingcorrelationid
44500b73-a75c-4c8f-8aaf-ef715259e283
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Treatment1; expires=Wed, 18-May-2022 21:48:37 GMT; path=/; secure; HttpOnly
x-correlationid
44500b73-a75c-4c8f-8aaf-ef715259e283
x-usersessionid
20052053-592d-4c05-9e60-a6d1004de06c
x-officefe
SiteFrontEnd_IN_3
x-officeversion
16.0.12913.31559
x-officecluster
weu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.skype.com
x-xss-protection
1; mode=block
x-content-type-options
nosniff nosniff
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 18 May 2020 21:48:37 GMT
content-length
161
jquery-1.12.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/
95 KB
33 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F76) /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 21:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4422007
x-cache
HIT
status
200
content-length
33920
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:51 GMT
server
ECAcc (paa/6F76)
etag
"804fc05cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bodymovin.min.js
site-cdn.onenote.net/libraries/bodymovin/4.13.0/
248 KB
59 KB
Script
General
Full URL
https://site-cdn.onenote.net/libraries/bodymovin/4.13.0/bodymovin.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61957faa2ae6d22ca8ce9d5ef15e1eda1ff8841f17bbd1bba0247a0d5a4f6e69

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:38 GMT
Content-Encoding
gzip
X-OfficeCluster
weu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
60057
Cache-Control
public, max-age=19131161
Last-Modified
Mon, 16 Dec 2019 21:36:34 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
546edbb1-dd0d-4235-afc5-4d2176788dd0
ETag
"05d3fe358b4d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
546edbb1-dd0d-4235-afc5-4d2176788dd0
Accept-Ranges
bytes
X-OfficeVersion
16.0.12416.31557
CommonDiagnostics.js
site-cdn.onenote.net/161291331559_Scripts/
30 KB
10 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
751b6bfa0fd621331411e5e9e3ac1c2c555b61bcd4acc9cb30f29e79432bd86a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9503
Cache-Control
public, max-age=31197177
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
8e969703-02c1-43b7-859c-cb1cf3744541
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
8e969703-02c1-43b7-859c-cb1cf3744541
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
Common.js
site-cdn.onenote.net/161291331559_Scripts/
46 KB
10 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/Common.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c8735ffc4986a4ba9d927c72525d60af2d17e2aad6dc3b70af780996976e10f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9981
Cache-Control
public, max-age=31197087
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
068b862b-6831-48ed-9792-875509f1ea36
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
068b862b-6831-48ed-9792-875509f1ea36
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
DefaultSignIn.min.js
site-cdn.onenote.net/161291331559_Scripts/
16 KB
4 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3461
Cache-Control
public, max-age=31197090
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
e945e2bb-eb8a-4cf2-9658-9863324892cb
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
e945e2bb-eb8a-4cf2-9658-9863324892cb
Accept-Ranges
bytes
X-OfficeVersion
16.0.12912.31550
Default2SignIn.js
site-cdn.onenote.net/161291331559_Scripts/
14 KB
5 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/Default2SignIn.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36b856901555080132e473c163ffd7c91cd074d4b2fc1bc4f13d19f99bd124f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
4451
Cache-Control
public, max-age=31197148
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
96fe8ebc-2f13-4f62-8cd3-f1ecfe396174
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
96fe8ebc-2f13-4f62-8cd3-f1ecfe396174
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
RemoteUls.ashx
www.onenote.com/
0
157 B
XHR
General
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
X-UserSessionId
35d72253-559c-4c79-8366-25f910e0593f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 May 2020 21:48:38 GMT
x-content-type-options
nosniff, nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.12913.31559
x-officefe
SiteFrontEnd_IN_2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-correlationid
8cf13a7b-0672-41b1-b76a-6aecf971f960
x-officecluster
weu-000.site.onenote.com
x-usersessionid
35d72253-559c-4c79-8366-25f910e0593f
x-powered-by
ASP.NET
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
8cf13a7b-0672-41b1-b76a-6aecf971f960
cache-control
private
x-routingsessionid
35d72253-559c-4c79-8366-25f910e0593f
x-routingofficecluster
weu-000.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/
0
130 B
XHR
General
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
X-UserSessionId
35d72253-559c-4c79-8366-25f910e0593f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 May 2020 21:48:38 GMT
x-content-type-options
nosniff, nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.12913.31559
x-officefe
SiteFrontEnd_IN_4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-correlationid
90436dd0-0ea8-4b17-9bd9-065ec0a3fa5a
x-officecluster
neu-000.site.onenote.com
x-usersessionid
35d72253-559c-4c79-8366-25f910e0593f
x-powered-by
ASP.NET
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
90436dd0-0ea8-4b17-9bd9-065ec0a3fa5a
cache-control
private
x-routingsessionid
35d72253-559c-4c79-8366-25f910e0593f
x-routingofficecluster
weu-000.reverseproxy.onenote.com
Me.srf
login.live.com/ Frame AF38
0
0
Document
General
Full URL
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=1&nf=1
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.90.23.153 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
login.live.com
:scheme
https
:path
/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=1&nf=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Mon, 18 May 2020 21:47:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
set-cookie
uaid=1bbb323fb16b460298e7f64232149e44; domain=login.live.com; Secure; path=/; HttpOnly MSPRequ=id=N&lt=1589838518&co=1; domain=login.live.com; Secure; path=/; HttpOnly
referrer-policy
strict-origin-when-cross-origin
x-ms-request-id
97279137-8900-4225-921a-63f69372b502
ppserver
PPV: 30 H: BL02PF6B2F0B86C V: 0
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
date
Mon, 18 May 2020 21:48:38 GMT
content-length
4315
Cookie set savedusers
login.microsoftonline.com/ Frame 2EE5
0
0
Document
General
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.129.160 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
x-ms-request-id
a8b86c95-b09e-4e40-9436-012df884b100
x-ms-ests-server
2.1.10519.18 - DUB2 ProdSlices
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
fpc=AiOMZt0gBRBHuzsq0gdFExI; expires=Wed, 17-Jun-2020 21:48:38 GMT; path=/; secure; HttpOnly esctx=AQABAAAAAAAm-06blBE1TpVMil8KPQ415mut0kxGB4qGzM_4QBlapl1tY1Xfp-xRZ_DY_ANBpA-Z2HWs1PH62Hzyd1se-griaA8sDKjbUqnfz6HP9wuZmDzGKF1d4w6bvGorMUl5DourOmz-wGH11MxeOMHcApokZvXm5rKlty1CQy8uM1xFw8s3ZWb2YpWmOyJCAaNyzLMgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=prod; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
Referrer-Policy
strict-origin-when-cross-origin
Date
Mon, 18 May 2020 21:48:38 GMT
Content-Length
900
Primary Request hrd
www.onenote.com/
19 KB
6 KB
Document
General
Full URL
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/Default2SignIn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
60b47784081ae273df44e548df50390786af3fa7c31b7fa78b3afa70015d9231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.onenote.com
:scheme
https
:path
/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-routingsessionid
f37dd8fb-fa5b-4a08-bdcf-33d8be1701b4
x-routingcorrelationid
130cd09e-d508-4621-b325-10f860d59c81
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Treatment1; expires=Wed, 18-May-2022 21:48:43 GMT; path=/; secure; HttpOnly AuthSess=da6ff22d-249f-450d-8d53-9933dffbd31e; domain=www.onenote.com; path=/; samesite=none; secure; HttpOnly AADNonce=55590ccc-69ab-42dc-8afc-5f7dcf690d47.637254353235260951; domain=onenote.com; path=/; samesite=none; secure; HttpOnly
x-correlationid
130cd09e-d508-4621-b325-10f860d59c81
x-usersessionid
f37dd8fb-fa5b-4a08-bdcf-33d8be1701b4
x-officefe
SiteFrontEnd_IN_0
x-officeversion
16.0.12913.31559
x-officecluster
weu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff nosniff
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 18 May 2020 21:48:42 GMT
content-length
5127
RemoteUls.ashx
www.onenote.com/
0
0

RemoteUls.ashx
www.onenote.com/
0
119 B
XHR
General
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondcnotebooks&showHrd=true
X-UserSessionId
35d72253-559c-4c79-8366-25f910e0593f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 May 2020 21:48:42 GMT
x-content-type-options
nosniff, nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.12913.31559
x-officefe
SiteFrontEnd_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_12
x-routingofficeversion
16.0.12913.31553
x-correlationid
b87e4ebe-4ab4-4d02-8773-d11ea1c12bba
x-officecluster
weu-000.site.onenote.com
x-usersessionid
35d72253-559c-4c79-8366-25f910e0593f
x-powered-by
ASP.NET
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
b87e4ebe-4ab4-4d02-8773-d11ea1c12bba
cache-control
private
x-routingsessionid
35d72253-559c-4c79-8366-25f910e0593f
x-routingofficecluster
weu-000.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/
0
0

mscc-0.4.2.min.js
uhf.microsoft.com/mscc/statics/
4 KB
2 KB
Script
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:280::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 18 May 2020 21:48:43 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
AO6kLOW8s6NiicKEPl74tA==
status
200
etag
0x8D795E59EC908A0
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
19444eb6-301e-0073-77fd-c7635b000000
x-ms-version
2009-09-19
content-length
2017
mscc-0.4.2.min.css
uhf.microsoft.com/mscc/statics/
1 KB
939 B
Stylesheet
General
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:280::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 18 May 2020 21:48:43 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QLyM0qNPDXd6ayzd1iIoLA==
status
200
etag
0x8D795E5A424E059
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
12ad0bfa-b01e-000f-1afd-c7fe6e000000
x-ms-version
2009-09-19
content-length
626
SharedHeader.css
site-cdn.onenote.net/161291331559_Styles/en-US/
10 KB
3 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/SharedHeader.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2849
Cache-Control
public, max-age=31197180
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
988b4e8b-6f43-4c07-9ae8-d4f9d686384c
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
988b4e8b-6f43-4c07-9ae8-d4f9d686384c
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
OfficeBrowserFeedback.css
site-cdn.onenote.net/161291331559_Styles/en-US/
13 KB
3 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/OfficeBrowserFeedback.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2023
Cache-Control
public, max-age=31449467
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
52b75f2a-b912-458b-ac18-9c78b220bfc4
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
52b75f2a-b912-458b-ac18-9c78b220bfc4
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
ondchome_cluster.css
site-cdn.onenote.net/161291331559_Styles/en-US/
4 KB
2 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/ondchome_cluster.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
936
Cache-Control
public, max-age=31449404
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
d0800858-c56e-4b4d-a791-6495685ed178
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
d0800858-c56e-4b4d-a791-6495685ed178
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
SiteIntl.css
site-cdn.onenote.net/161291331559_Styles/en-US/
71 KB
7 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/SiteIntl.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6365
Cache-Control
public, max-age=31197112
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
58e3f7e1-6458-4e7d-95fe-302800ee7c85
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
58e3f7e1-6458-4e7d-95fe-302800ee7c85
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
Shared.css
site-cdn.onenote.net/161291331559_Styles/en-US/
14 KB
3 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/Shared.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2851
Cache-Control
public, max-age=31197141
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
f83373e0-c819-452c-a4d3-76e327d8e784
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
f83373e0-c819-452c-a4d3-76e327d8e784
Accept-Ranges
bytes
X-OfficeVersion
16.0.12912.31550
Hrd.css
site-cdn.onenote.net/161291331559_Styles/en-US/
1023 B
1 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/Hrd.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
453
Cache-Control
public, max-age=31449439
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
198ae748-8d56-4c3a-88ff-43b1fde5583a
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
198ae748-8d56-4c3a-88ff-43b1fde5583a
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
SharedHeaderOverrides.css
site-cdn.onenote.net/161291331559_Styles/en-US/
1 KB
1 KB
Stylesheet
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/SharedHeaderOverrides.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
546
Cache-Control
public, max-age=31197108
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
d0a44652-b9ca-4b9a-908c-f64872f93cd6
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
d0a44652-b9ca-4b9a-908c-f64872f93cd6
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
App_Switcher_Waffle.50x50x32.png
site-cdn.onenote.net/161291331559_Images/en-US/
203 B
883 B
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/en-US/App_Switcher_Waffle.50x50x32.png?b=1601281310000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
203
Cache-Control
public, max-age=31197071
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
4e102726-3c8a-43a3-9acf-b9bf89a6accb
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
4e102726-3c8a-43a3-9acf-b9bf89a6accb
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
odc_onenoteheaderlogo.135x40x32.png
site-cdn.onenote.net/161291331559_Images/en-US/
1 KB
2 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/en-US/odc_onenoteheaderlogo.135x40x32.png?b=1601281310000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1356
Cache-Control
public, max-age=31197074
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
89e3927a-3b5a-4e3c-a435-4dfb8d504d6d
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
89e3927a-3b5a-4e3c-a435-4dfb8d504d6d
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
OneNoteLogoMobile2.22x22.png
site-cdn.onenote.net/161291331559_Images/
706 B
1 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/OneNoteLogoMobile2.22x22.png?
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
706
Cache-Control
public, max-age=31197193
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
f8b3f81d-3265-418e-943b-bf51d8ee12bf
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
f8b3f81d-3265-418e-943b-bf51d8ee12bf
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
feedback.png
site-cdn.onenote.net/161291331559_Images/
804 B
1 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/feedback.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
804
Cache-Control
public, max-age=31197065
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
d7770d5f-4fb9-41ea-8f9c-f74dc984289f
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
d7770d5f-4fb9-41ea-8f9c-f74dc984289f
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
wapsw.png
site-cdn.onenote.net/161291331559_Images/en-US/
6 KB
6 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/en-US/wapsw.png?b=1601281310000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5884
Cache-Control
public, max-age=31449440
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
28576acb-f2d6-4970-9cdb-bc65b13939c9
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
28576acb-f2d6-4970-9cdb-bc65b13939c9
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
Globe_Light.20x20x32.png
site-cdn.onenote.net/161291331559_Images/en-US/
504 B
1 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Images/en-US/Globe_Light.20x20x32.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
504
Cache-Control
public, max-age=31197084
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
49cd1124-f397-42e1-9107-338e966c6e00
ETag
"024c6418229d61:0"
Content-Type
image/png
X-CorrelationId
49cd1124-f397-42e1-9107-338e966c6e00
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
jquery-1.12.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/
95 KB
33 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F76) /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 21:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4422012
x-cache
HIT
status
200
content-length
33920
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:51 GMT
server
ECAcc (paa/6F76)
etag
"804fc05cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
CommonDiagnostics.js
site-cdn.onenote.net/161291331559_Scripts/
30 KB
10 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
751b6bfa0fd621331411e5e9e3ac1c2c555b61bcd4acc9cb30f29e79432bd86a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9503
Cache-Control
public, max-age=31197172
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
8e969703-02c1-43b7-859c-cb1cf3744541
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
8e969703-02c1-43b7-859c-cb1cf3744541
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
DefaultSignIn.min.js
site-cdn.onenote.net/161291331559_Scripts/
16 KB
4 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3461
Cache-Control
public, max-age=31197085
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
e945e2bb-eb8a-4cf2-9658-9863324892cb
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
e945e2bb-eb8a-4cf2-9658-9863324892cb
Accept-Ranges
bytes
X-OfficeVersion
16.0.12912.31550
home.js
site-cdn.onenote.net/161291331559_Scripts/
23 KB
7 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/home.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76d4225989e5ab3460b54ed02ef77eb7e61530a2bb239d6120f841b5fea1df65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6313
Cache-Control
public, max-age=31197216
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
e95141b6-c0df-478e-95f2-965efbbf29db
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
e95141b6-c0df-478e-95f2-965efbbf29db
Accept-Ranges
bytes
X-OfficeVersion
16.0.12912.31550
Hrd.js
site-cdn.onenote.net/161291331559_Scripts/
46 KB
11 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/Hrd.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
10024
Cache-Control
public, max-age=31197112
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
41852124-e593-439f-bcf4-f5411f25ffc7
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
41852124-e593-439f-bcf4-f5411f25ffc7
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
cookiecompliance.js
site-cdn.onenote.net/161291331559_Scripts/
725 B
1 KB
Script
General
Full URL
https://site-cdn.onenote.net/161291331559_Scripts/cookiecompliance.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
357
Cache-Control
public, max-age=31197137
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
c0b2566e-39c5-4bc2-88db-eb73435c589e
ETag
"024c6418229d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
c0b2566e-39c5-4bc2-88db-eb73435c589e
Accept-Ranges
bytes
X-OfficeVersion
16.0.12912.31550
segoeuil.woff
site-cdn.onenote.net/161291331559_Styles/
22 KB
22 KB
Font
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/segoeuil.woff
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://site-cdn.onenote.net/161291331559_Styles/en-US/SiteIntl.css
Origin
https://www.onenote.com

Response headers

Date
Mon, 18 May 2020 21:48:43 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22204
Cache-Control
public, max-age=31197123
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
b93a6d7a-7d6d-4b62-9c9e-cf45eab90f95
ETag
"024c6418229d61:0"
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://www.onenote.com
X-CorrelationId
b93a6d7a-7d6d-4b62-9c9e-cf45eab90f95
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559
hrd
odc.officeapps.live.com/odc/v2.0/ Frame 36F8
0
0
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161291331559_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
odc.officeapps.live.com
:scheme
https
:path
/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/10.0
x-correlationid
b4366bcc-a2dd-422a-b4fd-71c4dd6b739e
x-usersessionid
b4366bcc-a2dd-422a-b4fd-71c4dd6b739e
x-officefe
OdcFrontEnd_IN_199
x-officeversion
16.0.12908.30554
x-officecluster
neu-odc.officeapps.live.com
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-ua-compatible
IE=11
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Mon, 18 May 2020 21:48:43 GMT
content-length
9886
progress.gif
site-cdn.onenote.net/161291331559_Styles/en-US/
695 B
1 KB
Image
General
Full URL
https://site-cdn.onenote.net/161291331559_Styles/en-US/progress.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.58.89 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-58-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://site-cdn.onenote.net/161291331559_Styles/en-US/SharedHeader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 21:48:44 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-000.site.onenote.com
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Cache-Control
public, max-age=31197174
Last-Modified
Wed, 13 May 2020 23:57:28 GMT
Server
Microsoft-IIS/10.0
X-UserSessionId
fbbc52a8-2916-4d83-ab4e-d289540f146f
ETag
"024c6418229d61:0"
Content-Type
image/gif
X-CorrelationId
fbbc52a8-2916-4d83-ab4e-d289540f146f
Accept-Ranges
bytes
X-OfficeVersion
16.0.12913.31559

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.onenote.com
URL
https://www.onenote.com/RemoteUls.ashx
Domain
www.onenote.com
URL
https://www.onenote.com/RemoteUls.ashx

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mscc string| SessionId string| CorrelationId string| NotebooksIndexURL function| calculatePageLoadTime function| $ function| jQuery function| Type function| $6 object| Sys object| Diag string| g_msaReturnUrl string| g_orgIdReturnUrl string| g_signupUrl string| g_msaPasswordResetUrl string| g_msaLoginUrl string| g_hrdIframeUrl string| g_orgIdLoginUrl string| g_authType string| g_fullScreenHrd object| g_hrdOverride boolean| g_useNewRedirectUrlOverride number| g_preferredIdpForDefaultSignIn string| g_appId boolean| g_defaultSignInEnabled boolean| g_defaultSignInFixEnabled string| g_defaultSignInAadHost string| OrigRefCookieName string| OrigRefCookieValue object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| getAadData function| getMsaData function| getAadMsaData boolean| enableConsoleLog boolean| msaFedEnabled function| getAccount function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader string| g_rootDomain function| DismissPopupBanner function| GetRootDomain function| CreateCookie undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp boolean| g_persistentDialog object| g_hrdTimeout function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn object| g_defaultSignInTimeout function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| ShowSignInControl function| MakeSignInControlVisible function| HideSignInControl function| onSignInDialogKeyUp function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| GetRedirectUrlFromFederationProvider function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| SetWarmupFrameUrl number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml object| Feedback object| OfficeBrowserFeedback function| GetOSPlatform function| InitializeUls function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| LogElapsedTimeOnPage function| InsertAdditionalBeforeUnloadFunction function| OnUnloadingPage function| FlushBrowserUls function| FlushUlsAsynchronous function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| SaveOrigRefThenShowSignInControl object| Utils object| OSPlatform string| _osPlatform undefined| ClipperIndexURL object| Common function| __extends string| TelemetryClickableClass object| TheUlsHost number| furthestScrollDepthPercentage function| RecordPageLoadTime number| PageStartLoadTime string| ulsCategoryStringSetInCshtml object| additionalBeforeUnloadFunctions undefined| _onBeforePageUnloadCalled object| jQuery112007788589304704994 string| CookieBanner function| getCookieBanner function| addCookieComplianceBanner function| adjustHeaderHeight

4 Cookies

Domain/Path Name / Value
.onenote.com/ Name: AADNonce
Value: 55590ccc-69ab-42dc-8afc-5f7dcf690d47.637254353235260951
.www.onenote.com/ Name: AuthSess
Value: da6ff22d-249f-450d-8d53-9933dffbd31e
www.onenote.com/ Name: OrigRef
Value: Uri=https%3a%2f%2fwww.onenote.com%2fhrd%3fwdorigin%3dondcauth2%26wdorigin%3dondcnotebooks
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Treatment1

3 Console Messages

Source Level URL
Text
console-api log URL: https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Validation of configurations options finished successfully.
console-api log URL: https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Data received from MSA PostMessage: {"error":"8004100C","userList":[],"postLogoutRedirectUriValid":false,"performance":{"idp":"msa","timing":{"connectStart":1589838518513,"navigationStart":1589838518504,"loadEventEnd":1589838519122,"domLoading":1589838518914,"secureConnectionStart":1589838518541,"fetchStart":1589838518505,"domContentLoadedEventStart":1589838518923,"responseStart":1589838518910,"responseEnd":1589838518911,"domInteractive":1589838518923,"domainLookupEnd":1589838518513,"redirectStart":0,"requestStart":1589838518775,"unloadEventEnd":0,"unloadEventStart":0,"domComplete":1589838519122,"domainLookupStart":1589838518506,"loadEventStart":1589838519122,"domContentLoadedEventEnd":1589838518923,"redirectEnd":0,"connectEnd":1589838518775},"entries":[{"name":"https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondcnotebooks&auth=1&nf=1","entryType":"navigation","startTime":0,"duration":617.9700000211596,"initiatorType":"navigation","nextHopProtocol":"h2","workerStart":0,"redirectStart":0,"redirectEnd":0,"fetchStart":1.3949999120086432,"domainLookupStart":2.1849998738616705,"domainLookupEnd":9.210000047460198,"connectStart":9.210000047460198,"connectEnd":270.530000096187,"secureConnectionStart":37.3299999628216,"requestStart":270.65499988384545,"responseStart":405.90499993413687,"responseEnd":406.78999992087483,"transferSize":4817,"encodedBodySize":4315,"decodedBodySize":10262,"serverTiming":[],"workerTiming":[],"unloadEventStart":0,"unloadEventEnd":0,"domInteractive":418.7199999578297,"domContentLoadedEventStart":418.7350000720471,"domContentLoadedEventEnd":418.73999987728894,"domComplete":617.5549998879433,"loadEventStart":617.5649999640882,"loadEventEnd":617.9700000211596,"type":"navigate","redirectCount":0},{"name":"https://logincdn.msauth.net/16.000/js/MeControl_qJaZCEsU3IVU5J-4gu9NOg2.js","entryType":"resource","startTime":418.45500003546476,"duration":195.4799999948591,"initiatorType":"script","nextHopProtocol":"h2","workerStart":0,"redirectStart":0,"redirectEnd":0,"fetchStart":418.45500003546476,"domainLookupStart":0,"domainLookupEnd":0,"connectStart":0,"connectEnd":0,"secureConnectionStart":0,"requestStart":0,"responseStart":0,"responseEnd":613.9350000303239,"transferSize":0,"encodedBodySize":0,"decodedBodySize":0,"serverTiming":[],"workerTiming":[]}]}}
console-api log URL: https://site-cdn.onenote.net/161291331559_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Time taken to Msa user data: 623

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.skype.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
login.live.com
login.microsoftonline.com
odc.officeapps.live.com
onenote.new
site-cdn.onenote.net
uhf.microsoft.com
www.onenote.com
www.onenote.com
152.199.19.160
20.190.129.160
23.37.58.89
2a02:26f0:f1:280::2b57
40.76.4.15
40.90.23.153
52.109.76.5
52.109.88.2
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
21efb3b69755b40c078886ceabc2ad5567fd03b935674af36dd16c27060a1f5a
36b856901555080132e473c163ffd7c91cd074d4b2fc1bc4f13d19f99bd124f6
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
60b47784081ae273df44e548df50390786af3fa7c31b7fa78b3afa70015d9231
61957faa2ae6d22ca8ce9d5ef15e1eda1ff8841f17bbd1bba0247a0d5a4f6e69
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
751b6bfa0fd621331411e5e9e3ac1c2c555b61bcd4acc9cb30f29e79432bd86a
76d4225989e5ab3460b54ed02ef77eb7e61530a2bb239d6120f841b5fea1df65
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
9c8735ffc4986a4ba9d927c72525d60af2d17e2aad6dc3b70af780996976e10f
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855