www.onenote.com Open in urlscan Pro
52.109.88.2  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.onenote.com/officeaddins/learningtools/	2 KB 1 KB	181ms 38ms	Document text/html	52.109.88.2 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b5491c90bcf1cfc3ab780806b664a2efd60c6a2c23d76ad47ec8bfaf96ddcec9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control private content-encoding gzip content-length 820 content-type text/html; charset=utf-8 date Fri, 17 Jun 2022 17:49:50 GMT p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="P3P is not supported anymore; see: https://msdn.microsoft.com/en-us/library/mt146424%28v=vs.85%29.aspx" vary Accept-Encoding x-content-type-options nosniff x-correlationid cb273ed8-1c32-41cf-9cc9-c99095cc9e21 x-officecluster weu-000.appsforoffice.onenote.com x-officefe AgavesFrontEnd_IN_5 x-officeversion 16.0.15413.40460 x-routingcorrelationid cb273ed8-1c32-41cf-9cc9-c99095cc9e21 x-routingofficecluster weu-000.reverseproxy.onenote.com x-routingofficefe ReverseProxyFrontEnd_IN_3 x-routingofficeversion 16.0.15414.40451 x-routingsessionid f24dcf0b-1e59-4ffd-a8cb-9efa2a0133d1 x-usersessionid f24dcf0b-1e59-4ffd-a8cb-9efa2a0133d1
GET H/1.1	200 OK	CommonDiagnostics.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/	40 KB 13 KB	159ms 35ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/CommonDiagnostics.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 60f37ce966440ca57e233756476cff9ed52a8177bbdf77b5cee321d12a0d6d94 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid b48dbd59-b390-45a5-a74d-e6aa207a7719 Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 12279 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_15 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster neu-000.appsforoffice.onenote.com x-usersessionid fb98808c-a80b-4eb0-8875-2031694c6d2a ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385647 X-RoutingSessionId fb98808c-a80b-4eb0-8875-2031694c6d2a X-RoutingCorrelationId b48dbd59-b390-45a5-a74d-e6aa207a7719 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	BrowserUls.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/	2 KB 2 KB	155ms 32ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/BrowserUls.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2882bf4b22d0ad63e6f8877eb5c22353921e8c87b197911462933b7d1a7a44b8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid effbd48c-47fd-4cc2-bd6c-95c084e245eb Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_12 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 739 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_20 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster weu-000.appsforoffice.onenote.com x-usersessionid 408eead3-d78d-48cd-8e6c-a9a76ff59e38 ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385647 X-RoutingSessionId 408eead3-d78d-48cd-8e6c-a9a76ff59e38 X-RoutingCorrelationId effbd48c-47fd-4cc2-bd6c-95c084e245eb Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H2	200	jquery-2.1.3.min.js Show response ajax.aspnetcdn.com/ajax/jQuery/	82 KB 37 KB	134ms 28ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/8B0B) / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.onenote.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Fri, 17 Jun 2022 17:49:51 GMT content-encoding gzip x-content-type-options nosniff age 31250282 x-cache HIT content-length 37723 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:11:05 GMT server ECAcc (ama/8B0B) etag "b3b729ecc33d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	js-cookie.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/ExternalResources/	4 KB 2 KB	157ms 34ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/ExternalResources/js-cookie.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 365009220d893f07b356c7f253cecd5a9f7e06d6207a3dd7a148fc73812b4fe6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid 582af87b-97d0-4ee8-a935-aa3d5fec3322 Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 1459 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_15 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster neu-000.appsforoffice.onenote.com x-usersessionid 4c0aa171-bfd3-4794-a48f-85b55c61ab5a ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385647 X-RoutingSessionId 4c0aa171-bfd3-4794-a48f-85b55c61ab5a X-RoutingCorrelationId 582af87b-97d0-4ee8-a935-aa3d5fec3322 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	pickadate.min.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/	20 KB 8 KB	155ms 33ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/pickadate.min.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7337ed6220111758e61f3be5060ae9a807d83edf05d5f7cc92b0b85e34a5fef3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid 60fb32e5-1043-4d51-b5ca-f5bb6c516ff2 Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 7064 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_15 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster neu-000.appsforoffice.onenote.com x-usersessionid 60eb59eb-dc0d-41dd-8c08-a3f968b0f4d9 ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385647 X-RoutingSessionId 60eb59eb-dc0d-41dd-8c08-a3f968b0f4d9 X-RoutingCorrelationId 60fb32e5-1043-4d51-b5ca-f5bb6c516ff2 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	Instrumentation.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/	3 KB 2 KB	157ms 33ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/Instrumentation.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bd0dd2b15855be52cba496cc6e8f0ff65fbba6addba92282e53ceca6b27bfcc9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid 2baa1f2c-23e4-4656-bc5c-39911b84aef5 Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 1077 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_15 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster neu-000.appsforoffice.onenote.com x-usersessionid dcc7f135-291d-4ee0-b58c-92ff27b41c7e ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385648 X-RoutingSessionId dcc7f135-291d-4ee0-b58c-92ff27b41c7e X-RoutingCorrelationId 2baa1f2c-23e4-4656-bc5c-39911b84aef5 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	aria-web-telemetry-2.9.0.min.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/	53 KB 14 KB	157ms 34ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/aria-web-telemetry-2.9.0.min.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c459ec1608d98a847ab4c83723e1c4b2dc6e58a7006d5566c529a93113c2ee62 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid a4bbb642-12e0-47b3-8f46-49f33c499684 Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_12 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 13498 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_20 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster weu-000.appsforoffice.onenote.com x-usersessionid db92388e-cd87-458f-afdd-4061fbf6961a ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385648 X-RoutingSessionId db92388e-cd87-458f-afdd-4061fbf6961a X-RoutingCorrelationId a4bbb642-12e0-47b3-8f46-49f33c499684 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	office.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	58 KB 17 KB	164ms 39ms	Script application/javascript	96.16.147.61 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.16.147.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-147-61.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a2db1c05378e1447f67807b5615df5098c665ae67f68b818840ae0d650d51924 Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Fri, 17 Jun 2022 17:49:51 GMT Content-Encoding gzip Last-Modified Tue, 17 May 2022 13:30:08 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "070ca39f269d81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3871 Connection keep-alive Accept-Ranges bytes Content-Length 16979
GET H/1.1	200 OK	LearningTools.js Show response cdn.onenote.net/officeaddins/161541340460_Scripts/LearningTools/	20 KB 7 KB	191ms 33ms	Script application/javascript	2a02:26f0:ef:2a3::611 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.onenote.net/officeaddins/161541340460_Scripts/LearningTools/LearningTools.js Requested by Host: www.onenote.com URL: https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ef:2a3::611 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 4887f29596d03ce92a0dcbc9fcd7277506141ab7dc2136119e221450f059b4d4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers x-correlationid 3ee077b4-37fe-40f7-acd5-a2f1f8f2c945 Date Fri, 17 Jun 2022 17:49:52 GMT Content-Encoding gzip x-content-type-options nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Connection keep-alive Content-Length 6630 X-RoutingOfficeFE ReverseProxyFrontEnd_IN_15 X-RoutingOfficeVersion 16.0.15412.40453 Last-Modified Mon, 13 Jun 2022 18:29:54 GMT x-officecluster neu-000.appsforoffice.onenote.com x-usersessionid 27dc8ef5-c1c5-4d7a-b291-bb503f4dea05 ETag "07d6f93537fd81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://www.onenote.com Cache-Control public, max-age=31385647 X-RoutingSessionId 27dc8ef5-c1c5-4d7a-b291-bb503f4dea05 X-RoutingCorrelationId 3ee077b4-37fe-40f7-acd5-a2f1f8f2c945 Accept-Ranges bytes X-RoutingOfficeCluster weu-000.reverseproxy.onenote.com
GET H/1.1	200 OK	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	167 KB 37 KB	39ms 39ms	Script application/javascript	96.16.147.61 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.16.147.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-147-61.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522 Request headers Referer https://www.onenote.com/ Origin https://www.onenote.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Fri, 17 Jun 2022 17:49:52 GMT Content-Encoding gzip Last-Modified Tue, 17 May 2022 13:30:08 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "070ca39f269d81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 37609
POST H2	200	RemoteUls.ashx Show response www.onenote.com/officeaddins/	0 195 B	35ms 34ms	XHR text/plain	52.109.88.2 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.onenote.com/officeaddins/RemoteUls.ashx Requested by Host: cdn.onenote.net URL: https://cdn.onenote.net/officeaddins/161541340460_Scripts/CommonDiagnostics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff, nosniff Request headers Referer https://www.onenote.com/officeaddins/learningtools/?ui=de-DE&et= X-UserSessionId f24dcf0b-1e59-4ffd-a8cb-9efa2a0133d1 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Content-Type application/json Response headers date Fri, 17 Jun 2022 17:49:51 GMT x-content-type-options nosniff, nosniff x-officeversion 16.0.15413.40460 x-officefe AgavesFrontEnd_IN_5 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" x-buls-suppressionetag N/A content-disposition attachment x-buls-suppressedtags content-length 0 x-routingofficefe ReverseProxyFrontEnd_IN_3 x-routingofficeversion 16.0.15414.40451 x-correlationid 3f88acc9-cd15-4a34-a4dc-0887403570d2 x-officecluster weu-000.appsforoffice.onenote.com x-usersessionid f24dcf0b-1e59-4ffd-a8cb-9efa2a0133d1 x-download-options noopen content-type text/plain x-routingcorrelationid 3f88acc9-cd15-4a34-a4dc-0887403570d2 cache-control private x-routingsessionid f24dcf0b-1e59-4ffd-a8cb-9efa2a0133d1 x-routingofficecluster weu-000.reverseproxy.onenote.com
GET H2	404	telemetryproxy.html Show response telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame BF72	1 KB 1 KB	188ms 41ms	Document text/html	52.109.76.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.76.0 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers Referer https://www.onenote.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 1245 content-type text/html date Fri, 17 Jun 2022 17:49:54 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| Type function| $5 object| Sys object| Diag function| InitializeUls function| FlushBrowserUls function| __extends object| TheUlsHost boolean| EnableClientSideLogging function| $ function| jQuery function| Cookies function| Picker function| GetInstrumentationCategory function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| RedactIfNotebookURL boolean| ScrubbedUserNotebookPathLoggingEnabled number| approximatePageLoadTime number| instrumentationCategory number| furthestScrollDepthPercentage object| clienttelemetry_build object| Microsoft object| sct object| microsoft string| SessionId string| CorrelationId string| InstrumentationCategoryString string| AriaTenantToken string| ClassNotebookApiEndpointRoot boolean| isPlatformTeamsWin32 string| accessTokenCookieName object| OSFPerformance object| OSF object| ScriptLoading object| OfficeExt object| Office object| OTel object| CustomFunctionMappings object| CustomFunctions boolean| g_isExpEnabled boolean| g_isOfflineLibrary object| oteljs boolean| IsProductionEnvironment boolean| IsEdogEnvironment boolean| UseV2Api boolean| UseV2ApiWac boolean| SendHtmlChunks boolean| EnableAADC boolean| UseApiForUILanguage function| getLanguageParameter function| getEdgeMajorVersion function| getQueryParameter function| now function| generateGuid function| createSimpleHtml function| loadTableAsync function| processLoadedObjectsRecursivelyAsync function| loadParagraphs function| loadParagraphsRecursivelyAsync function| shouldUseImageDescription function| getImageDescriptionOrOcrData function| getHtmlFromImageOcrData function| getInkWordsAsHtml function| getInkAnalysisText function| loadTextsRecursively function| getPageDataFromHtml function| getPageDataAsHtml function| getPageHtml function| applyParagraphInfo function| sortContentElementsVisually function| loadActivePageContent function| loadMathPaneContent function| handleLoadError function| postPageDataJson function| getOneNoteServiceAuthToken function| getRegionSpecificLearningToolsDomain function| getAppId function| callLearningToolsServiceAsync function| getContentModelAsync function| getReaderModel11Async function| okToLaunch function| launchImmersiveReaderDialog function| launchImmersiveMathReaderDialog function| dialogMessageHandler function| dialogEventHandler function| getCurrentPageData object| Logging function| HostingAppPlatforms object| ErrorReporting string| BrowserUlsUploadPath boolean| agaveRunning undefined| dialogHandler undefined| launchTime boolean| isRichApp boolean| wasLaunchedFromMathPane undefined| ltSessionId object| OsfMsAjaxFactory object| OSFLog object| Logger object| OSFAppTelemetry object| AriaLogger

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
appsforoffice.microsoft.com
cdn.onenote.net
telemetryservice.firstpartyapps.oaspapps.com
www.onenote.com
152.199.19.160
2a02:26f0:ef:2a3::611
52.109.76.0
52.109.88.2
96.16.147.61
2882bf4b22d0ad63e6f8877eb5c22353921e8c87b197911462933b7d1a7a44b8
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
365009220d893f07b356c7f253cecd5a9f7e06d6207a3dd7a148fc73812b4fe6
4887f29596d03ce92a0dcbc9fcd7277506141ab7dc2136119e221450f059b4d4
60f37ce966440ca57e233756476cff9ed52a8177bbdf77b5cee321d12a0d6d94
7337ed6220111758e61f3be5060ae9a807d83edf05d5f7cc92b0b85e34a5fef3
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a2db1c05378e1447f67807b5615df5098c665ae67f68b818840ae0d650d51924
b5491c90bcf1cfc3ab780806b664a2efd60c6a2c23d76ad47ec8bfaf96ddcec9
bd0dd2b15855be52cba496cc6e8f0ff65fbba6addba92282e53ceca6b27bfcc9
c459ec1608d98a847ab4c83723e1c4b2dc6e58a7006d5566c529a93113c2ee62
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855