urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
2620:1ec:bdf::60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.onenote.com/officeaddins/learningtools/?et=
Effective URL: https://www.onenote.com/officeaddins/learningtools/?et=
Submission: On September 04 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2620:1ec:bdf::60, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com. The Cisco Umbrella rank of the primary domain is 6746.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on July 30th 2024. Valid for: a year.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2620:1ec:bdf::60 8075 (MICROSOFT...)
7 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
2 2620:1ec:bdf::44 8075 (MICROSOFT...)
14 5
Apex Domain
Subdomains		 Transfer
7 onenote.net
cdn.onenote.net — Cisco Umbrella Rank: 1513
50 KB
4 onenote.com
www.onenote.com — Cisco Umbrella Rank: 6746
46 KB
2 microsoft.com
appsforoffice.microsoft.com — Cisco Umbrella Rank: 3779
58 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661
39 KB
0 oaspapps.com Failed
telemetryservice.firstpartyapps.oaspapps.com Failed
14 5
Domain Requested by
7 cdn.onenote.net www.onenote.com
4 www.onenote.com 1 redirects cdn.onenote.net
2 appsforoffice.microsoft.com www.onenote.com
appsforoffice.microsoft.com
1 ajax.aspnetcdn.com www.onenote.com
0 telemetryservice.firstpartyapps.oaspapps.com Failed appsforoffice.microsoft.com
14 5

This site contains no links.

Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-07-30 -
2025-07-25		 a year crt.sh
cdn.onenote.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-04-09 -
2025-04-04		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
appsforoffice.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-13 -
2025-06-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.onenote.com/officeaddins/learningtools/?et=
Frame ID: FC63B5BF621FDF6C886D56E5E9ACB2D3
Requests: 13 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: 0DBBA77FB9150F3338FA26BD645195FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.onenote.com/officeaddins/learningtools/?et= HTTP 307
    https://www.onenote.com/officeaddins/learningtools/?et= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

192 kB
Transfer

502 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.onenote.com/officeaddins/learningtools/?et= HTTP 307
    https://www.onenote.com/officeaddins/learningtools/?et= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.onenote.com/favicon.ico HTTP 302
  • https://www.onenote.com/?404&public=1

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.onenote.com/officeaddins/learningtools/
Redirect Chain
  • http://www.onenote.com/officeaddins/learningtools/?et=
  • https://www.onenote.com/officeaddins/learningtools/?et=
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6fa9066c86a9d62c3c14005c357eed8558399bab17dfcb6f68c4472d4b56bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
private
content-encoding
gzip
content-length
821
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 04:52:45 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="P3P is not supported anymore; see: https://msdn.microsoft.com/en-us/library/mt146424%28v=vs.85%29.aspx"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240904T045245Z-166b9c58d6c5tpkv4k6qbfdqdg00000007e000000000bw14
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
bd97ffa8-da19-465a-bbb5-216d1d45e05a
x-officecluster
weu-000.appsforoffice.onenote.com
x-officefe
AgavesFrontEnd_IN_7
x-officeversion
16.0.18025.40450
x-partitioning-enabled
true
x-routingcorrelationid
bd97ffa8-da19-465a-bbb5-216d1d45e05a
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_21
x-routingofficeversion
16.0.18026.40455
x-routingsessionid
b4fdd288-b87f-4d19-b6bf-a7088c0def91
x-usersessionid
b4fdd288-b87f-4d19-b6bf-a7088c0def91

Redirect headers

Location
https://www.onenote.com/officeaddins/learningtools/?et=
Non-Authoritative-Reason
HttpsUpgrades
CommonDiagnostics.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18022.40452
x-officefe
AgavesFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
12330
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
b2cf050b-25f6-444f-969c-16c1d1018499
x-usersessionid
eb9845e1-fa80-4ef2-a086-cfc664165471
x-officecluster
neu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c9547r8xwxp738931gr800000002gg00000000tyx7
Content-Type
application/javascript
X-RoutingCorrelationId
b2cf050b-25f6-444f-969c-16c1d1018499
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825867
X-RoutingSessionId
eb9845e1-fa80-4ef2-a086-cfc664165471
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
BrowserUls.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/BrowserUls.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2882bf4b22d0ad63e6f8877eb5c22353921e8c87b197911462933b7d1a7a44b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18022.40452
x-officefe
AgavesFrontEnd_IN_13
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
739
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_8
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
bc9171c1-3429-4a79-944e-0abe7a1adcd6
x-usersessionid
3718eff4-2083-43fd-8ac8-b1b477a44b47
x-officecluster
neu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c95477lzr2wedvxc2ak400000002h000000000qss2
Content-Type
application/javascript
X-RoutingCorrelationId
bc9171c1-3429-4a79-944e-0abe7a1adcd6
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825857
X-RoutingSessionId
3718eff4-2083-43fd-8ac8-b1b477a44b47
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
jquery-3.5.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 04:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14173573
x-cache
HIT
content-length
39744
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 15:26:14 GMT
server
ECAcc (frc/4CDC)
etag
"c844f287112d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
js-cookie.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ExternalResources/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/ExternalResources/js-cookie.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
365009220d893f07b356c7f253cecd5a9f7e06d6207a3dd7a148fc73812b4fe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18022.40452
x-officefe
AgavesFrontEnd_IN_17
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1459
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_11
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
1433cb4c-f5dc-4c37-8c0c-d6adbf900497
x-usersessionid
bca002c9-222a-4511-84e0-c4573cfcffb1
x-officecluster
weu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c9547t5ckje1c50a4tmn00000002cg00000000eu8y
Content-Type
application/javascript
X-RoutingCorrelationId
1433cb4c-f5dc-4c37-8c0c-d6adbf900497
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825783
X-RoutingSessionId
bca002c9-222a-4511-84e0-c4573cfcffb1
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
pickadate.min.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/pickadate.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7337ed6220111758e61f3be5060ae9a807d83edf05d5f7cc92b0b85e34a5fef3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18022.40452
x-officefe
AgavesFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
7064
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
46ef42e7-0c16-45dd-bc22-f3fa35bad137
x-usersessionid
a3ac43b9-6f2a-43bf-8d08-bf3974ebcae3
x-officecluster
neu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c9547h9cn5zsrmrkkhz400000002tg00000000tkg6
Content-Type
application/javascript
X-RoutingCorrelationId
46ef42e7-0c16-45dd-bc22-f3fa35bad137
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825867
X-RoutingSessionId
a3ac43b9-6f2a-43bf-8d08-bf3974ebcae3
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
Instrumentation.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/Instrumentation.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd0dd2b15855be52cba496cc6e8f0ff65fbba6addba92282e53ceca6b27bfcc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18022.40452
x-officefe
AgavesFrontEnd_IN_17
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1077
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_11
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
bf39dd9c-ceb7-41bc-b0a8-45eecf98c79a
x-usersessionid
0214680d-afc9-4b56-a962-6f1c9f182b1b
x-officecluster
weu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c9547dfhcd0hu30qvmgn00000002hg000000005nu7
Content-Type
application/javascript
X-RoutingCorrelationId
bf39dd9c-ceb7-41bc-b0a8-45eecf98c79a
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825844
X-RoutingSessionId
0214680d-afc9-4b56-a962-6f1c9f182b1b
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
aria-web-telemetry-2.9.0.min.js
cdn.onenote.net/officeaddins/161802540450_Scripts/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/aria-web-telemetry-2.9.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c459ec1608d98a847ab4c83723e1c4b2dc6e58a7006d5566c529a93113c2ee62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18025.40450
x-officefe
AgavesFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
13498
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_3
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
c3e5c16a-48a7-48d6-b22e-e97f926a6261
x-usersessionid
fc446e9c-490f-4c4c-8e9c-2599223b1b8a
x-officecluster
jpe-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240827T001309Z-r1bf48c9547wcx84fnvn6awdcg00000002sg00000000dkfx
Content-Type
application/javascript
X-RoutingCorrelationId
c3e5c16a-48a7-48d6-b22e-e97f926a6261
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30828040
X-RoutingSessionId
fc446e9c-490f-4c4c-8e9c-2599223b1b8a
Accept-Ranges
bytes
X-RoutingOfficeCluster
jpe-000.reverseproxy.onenote.com
office.js
appsforoffice.microsoft.com/lib/1.1/hosted/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb768740948fca9ca2df9387188fa0d431fb5ffce68d5f1080ad3f5d7f988875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 04:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-cache-status
Hit from child
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
66127294
server-timing
clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
19775
x-cdn-bucket
4
last-modified
Fri, 30 Aug 2024 16:18:08 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=AMSTERDAM&ASN=20940&Country=NL&Region=&RequestIdentifier=0.1719dd58.1725092071.144d1769&TotalRTCDNTime=0&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5e0e24ed-d01e-0030-3a38-fb4158000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=14400
x-azure-ref
20240904T045245Z-166b9c58d6c42qtbf9cud237n000000001k000000000dsd2
accept-ranges
bytes
akamai-request-bc
[a=88.221.25.23,b=340596585,c=g,n=NL__AMSTERDAM,o=20940]
timing-allow-origin
*
LearningTools.js
cdn.onenote.net/officeaddins/161802540450_Scripts/LearningTools/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onenote.net/officeaddins/161802540450_Scripts/LearningTools/LearningTools.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/officeaddins/learningtools/?et=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:99c::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
534ecf698946529ff99c868da810dab8e1e9c7491ebdc873bdf95d34abf75c4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 04:52:45 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.18025.40450
x-officefe
AgavesFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6645
x-partitioning-enabled
true
X-RoutingOfficeFE
ReverseProxyFrontEnd_IN_1
X-RoutingOfficeVersion
16.0.18019.40457
Last-Modified
Sun, 25 Aug 2024 04:13:06 GMT
x-correlationid
3d13dffb-e191-4329-b628-3a2d493265b7
x-usersessionid
9953b05f-bee9-40f4-a29b-4002e10fd34b
x-officecluster
neu-000.appsforoffice.onenote.com
ETag
"035016a5f6da1:0"
Vary
Accept-Encoding
x-azure-ref
20240826T233642Z-r1bf48c9547gthcztxns95pccg000000029g00000000gg5v
Content-Type
application/javascript
X-RoutingCorrelationId
3d13dffb-e191-4329-b628-3a2d493265b7
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=30825842
X-RoutingSessionId
9953b05f-bee9-40f4-a29b-4002e10fd34b
Accept-Ranges
bytes
X-RoutingOfficeCluster
weu-000.reverseproxy.onenote.com
o15apptofilemappingtable.js
appsforoffice.microsoft.com/lib/1.1/hosted/ 		167 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js
Requested by
Host: appsforoffice.microsoft.com
URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 04:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-cache-status
Miss from child, Miss from parent
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
66127294
server-timing
clientrtt; dur=0, clienttt; dur=63, origin; dur=0 , cdntime; dur=63
alt-svc
h3=":443"; ma=93600
content-length
37710
x-cdn-bucket
4
last-modified
Fri, 30 Aug 2024 16:18:10 GMT
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=AMSTERDAM&ASN=20940&Country=NL&Region=&RequestIdentifier=0.76a9645f.1725047155.84758f&TotalRTCDNTime=0&CompressionType=gzip&FileSize=170827"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
005ef5aa-f01e-006a-2715-fb27bf000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=14400
x-azure-ref
20240904T045245Z-166b9c58d6c42qtbf9cud237n000000001k000000000dsd3
accept-ranges
bytes
akamai-request-bc
[a=95.100.169.118,b=8680847,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=20.38.118.132,c=o]
timing-allow-origin
*
RemoteUls.ashx
www.onenote.com/officeaddins/ 		0
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/officeaddins/RemoteUls.ashx
Requested by
Host: cdn.onenote.net
URL: https://cdn.onenote.net/officeaddins/161802540450_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/officeaddins/learningtools/?et=
X-UserSessionId
b4fdd288-b87f-4d19-b6bf-a7088c0def91
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Sep 2024 04:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.18025.40450
x-officefe
AgavesFrontEnd_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
x-cache
CONFIG_NOCACHE
content-disposition
attachment
content-length
0
x-partitioning-enabled
true
x-routingofficefe
ReverseProxyFrontEnd_IN_21
x-routingofficeversion
16.0.18026.40455
x-correlationid
26f39679-5787-449a-9f48-2a54110b1f87
x-officecluster
weu-000.appsforoffice.onenote.com
x-usersessionid
b4fdd288-b87f-4d19-b6bf-a7088c0def91
x-download-options
noopen
x-azure-ref
20240904T045245Z-166b9c58d6c5tpkv4k6qbfdqdg00000007e000000000bw1k
content-type
text/plain
x-routingcorrelationid
26f39679-5787-449a-9f48-2a54110b1f87
cache-control
private
x-routingsessionid
b4fdd288-b87f-4d19-b6bf-a7088c0def91
accept-ranges
bytes
x-routingofficecluster
weu-000.reverseproxy.onenote.com
/
www.onenote.com/
Redirect Chain
  • https://www.onenote.com/favicon.ico
  • https://www.onenote.com/?404&public=1
41 KB
43 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/?404&public=1
Protocol
H2
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b9f0b398c646f830ed11377ef99536adcdb12ae81fe33977b572df9d0578b71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/officeaddins/learningtools/?et=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 04:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
x-officeversion
16.0.18025.40450
x-officefe
SiteFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
42103
x-partitioning-enabled
true
x-routingofficefe
ReverseProxyFrontEnd_IN_5
x-xss-protection
1; mode=block
x-routingofficeversion
16.0.18026.40455
x-correlationid
506b2a23-c4be-425f-a1f0-15b854f0c263
x-officecluster
weu-000.site.onenote.com
x-usersessionid
da127f47-3b27-4988-ba8b-970fd0878af5
x-azure-ref
20240904T045245Z-166b9c58d6c5tpkv4k6qbfdqdg00000007e000000000bw1x
content-type
text/html; charset=utf-8
x-routingcorrelationid
506b2a23-c4be-425f-a1f0-15b854f0c263
cache-control
private
x-routingsessionid
da127f47-3b27-4988-ba8b-970fd0878af5
accept-ranges
bytes
x-routingofficecluster
weu-000.reverseproxy.onenote.com

Redirect headers

date
Wed, 04 Sep 2024 04:52:45 GMT
x-content-type-options
nosniff
x-officeversion
16.0.18025.40450
x-officefe
SiteFrontEnd_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
135
x-partitioning-enabled
true
x-routingofficefe
ReverseProxyFrontEnd_IN_5
x-routingofficeversion
16.0.18026.40455
x-correlationid
9b8c402f-6b96-4d2b-a926-eaf4b441fd4f
x-officecluster
weu-000.site.onenote.com
x-usersessionid
bfcd8d8b-53ec-4fdd-99c9-5d6bf4d2aed8
x-azure-ref
20240904T045245Z-166b9c58d6c5tpkv4k6qbfdqdg00000007e000000000bw1m
content-type
text/html; charset=utf-8
location
/?404&public=1
x-routingcorrelationid
9b8c402f-6b96-4d2b-a926-eaf4b441fd4f
x-routingsessionid
bfcd8d8b-53ec-4fdd-99c9-5d6bf4d2aed8
x-routingofficecluster
weu-000.reverseproxy.onenote.com
telemetryproxy.html
telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame 0DBB 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
telemetryservice.firstpartyapps.oaspapps.com
URL
https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Type function| $5 object| Sys object| Diag function| InitializeUls function| FlushBrowserUls function| __extends object| TheUlsHost boolean| EnableClientSideLogging function| $ function| jQuery function| Cookies function| Picker function| GetInstrumentationCategory function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| RedactIfNotebookURL number| approximatePageLoadTime number| instrumentationCategory number| furthestScrollDepthPercentage object| clienttelemetry_build object| Microsoft object| sct object| microsoft string| SessionId string| CorrelationId string| InstrumentationCategoryString string| AriaTenantToken string| ClassNotebookApiEndpointRoot object| OSFPerformance object| OSF object| ScriptLoading object| OfficeExt object| Office object| SDX object| OTel object| CustomFunctionMappings object| CustomFunctions object| OSFTrustedTypes object| oteljs boolean| IsProductionEnvironment boolean| UseV2Api boolean| UseV2ApiWac boolean| SendHtmlChunks boolean| EnableAADC boolean| UseApiForUILanguage function| getLanguageParameter function| getEdgeMajorVersion function| getQueryParameter function| now function| generateGuid function| createSimpleHtml function| loadTableAsync function| processLoadedObjectsRecursivelyAsync function| loadParagraphs function| loadParagraphsRecursivelyAsync function| shouldUseImageDescription function| getImageDescriptionOrOcrData function| getHtmlFromImageOcrData function| getInkWordsAsHtml function| getInkAnalysisText function| loadTextsRecursively function| getPageDataFromHtml function| getPageDataAsHtml function| getPageHtml function| applyParagraphInfo function| sortContentElementsVisually function| loadActivePageContent function| loadMathPaneContent function| handleLoadError function| postPageDataJson function| getOneNoteServiceAuthToken function| getRegionSpecificLearningToolsDomain function| getAppId function| callLearningToolsServiceAsync function| getContentModelAsync function| getReaderModel11Async function| okToLaunch function| launchImmersiveReaderDialog function| launchImmersiveMathReaderDialog function| dialogMessageHandler function| dialogEventHandler function| getCurrentPageData object| Logging function| HostingAppPlatforms object| ErrorReporting string| BrowserUlsUploadPath object| OsfMsAjaxFactory object| OSFLog object| Logger object| OSFAppTelemetry object| AriaLogger

5 Cookies

Domain/Path Name / Value
www.onenote.com/ Name: UserTrackerKey
Value: AnonymousId=e74d4a97-df79-4658-a2a5-f61cbbd2fb70&FirstVisit=09/04/2024 04:52:45&LastVisit=09/04/2024 04:52:45
www.onenote.com/ Name: ONSessionKey
Value: SessionId=f1650540-e411-4e26-bf87-049af3036402&StartTime=09/04/2024 04:52:45&LastActivityTime=09/04/2024 04:52:45
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control
.www.onenote.com/ Name: AuthSess
Value: 4ed96a0b-c2fd-45c6-a0e1-cd1b47670325
.onenote.com/ Name: AADNonce
Value: f4031d1d-fdde-4d25-a3c8-b987542856e6.638610223659766263

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff