urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
52.109.88.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.office.com/?qs=f0b5f3dddb500d887e10b6ac3ec5559b937cfb538a64128a215e1e3446573432aa9128e654ad50499a36f661d895...
Effective URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Submission: On February 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 52.109.88.2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com.
TLS certificate: Issued by Microsoft IT TLS CA 4 on February 4th 2020. Valid for: 2 years.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.245.89.166 22606 (EXACT-7)
2 3 52.109.88.2 8075 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
20 23.38.49.25 20940 (AKAMAI-ASN1)
1 152.199.19.160 15133 (EDGECAST)
1 52.109.88.5 8075 (MICROSOFT...)
25 5
1    198.245.89.166 (United States)

ASN22606 (EXACT-7, US)
PTR: click.email.office.com
click.email.office.com
3    52.109.88.2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.onenote.com
2    2a02:26f0:6c00:286::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
uhf.microsoft.com
20    23.38.49.25 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-49-25.deploy.static.akamaitechnologies.com
site-cdn.onenote.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    52.109.88.5 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
Domain Requested by
20 site-cdn.onenote.net www.onenote.com
3 www.onenote.com 2 redirects
2 uhf.microsoft.com www.onenote.com
1 odc.officeapps.live.com site-cdn.onenote.net
1 ajax.aspnetcdn.com www.onenote.com
1 click.email.office.com 1 redirects
25 6
Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft IT TLS CA 4		 2020-02-04 -
2022-02-04		 2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5		 2019-04-30 -
2021-04-30		 2 years crt.sh
site-cdn.onenote.net
Microsoft IT TLS CA 1		 2018-03-13 -
2020-03-12		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
odc.officeapps.live.com
Microsoft IT TLS CA 4		 2019-09-24 -
2021-09-24		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Frame ID: 9CF533F172C0414AD9F0DABB48268311
Requests: 24 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: E018E0B99337293DCC3F07B5EDDBB0D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.email.office.com/?qs=f0b5f3dddb500d887e10b6ac3ec5559b937cfb538a64128a215e1e3446573432aa9128e6... HTTP 302
    http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 301
    https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 302
    https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings Page URL

Page Statistics

25
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

132 kB
Transfer

383 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.office.com/?qs=f0b5f3dddb500d887e10b6ac3ec5559b937cfb538a64128a215e1e3446573432aa9128e654ad50499a36f661d895312c2d61afd1bb7c9c32b1ded2fc0fce1c42 HTTP 302
    http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 301
    https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 302
    https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hrd
www.onenote.com/
Redirect Chain
  • https://click.email.office.com/?qs=f0b5f3dddb500d887e10b6ac3ec5559b937cfb538a64128a215e1e3446573432aa9128e654ad50499a36f661d895312c2d61afd1bb7c9c32b1ded2fc0fce1c42
  • http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2
  • https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2
  • https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
137dd9b61d8013368d5c61d302e00d3465c0001adb302276e5d7b9714d0d1fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.onenote.com
:scheme
https
:path
/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_16
x-routingofficeversion
16.0.12618.31558
x-routingsessionid
1965a44a-e854-40bc-b19f-429bd8564226
x-routingcorrelationid
da8ef528-8a5a-4b84-a65f-920b37d29fd9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control; expires=Tue, 22-Feb-2022 21:19:20 GMT; path=/; secure; HttpOnly AuthSess=b407990d-f848-4e3a-bce0-7ebf11fd0c90; domain=www.onenote.com; path=/; samesite=none; secure; HttpOnly AADNonce=2680615d-0fa5-44e7-8dd1-be65bcf6a092.637180031604339205; domain=onenote.com; path=/; samesite=none; secure; HttpOnly
x-correlationid
da8ef528-8a5a-4b84-a65f-920b37d29fd9
x-usersessionid
1965a44a-e854-40bc-b19f-429bd8564226
x-officefe
SiteFrontEnd_IN_2
x-officeversion
16.0.12618.31558
x-officecluster
neu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Sat, 22 Feb 2020 21:19:19 GMT
content-length
5118

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
location
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_16
x-routingofficeversion
16.0.12618.31558
x-routingsessionid
29aa416b-602d-4bbc-9372-1acd4545b4b0
x-routingcorrelationid
00d27766-c9db-4dea-85af-1b6f82f3cd7f
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control; expires=Tue, 22-Feb-2022 21:19:20 GMT; path=/; secure; HttpOnly
x-correlationid
00d27766-c9db-4dea-85af-1b6f82f3cd7f
x-usersessionid
29aa416b-602d-4bbc-9372-1acd4545b4b0
x-officefe
SiteFrontEnd_IN_6
x-officeversion
16.0.12618.31558
x-officecluster
neu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnetmvc-version
5.2
x-frame-options
DENY
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Sat, 22 Feb 2020 21:19:19 GMT
content-length
161
mscc-0.4.2.min.js
uhf.microsoft.com/mscc/statics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 22 Feb 2020 21:19:20 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
AO6kLOW8s6NiicKEPl74tA==
access-control-allow-origin
*
etag
0x8D795E59EC908A0
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
x-ms-request-id
19444eb6-301e-0073-77fd-c7635b000000
x-ms-version
2009-09-19
content-length
2017
mscc-0.4.2.min.css
uhf.microsoft.com/mscc/statics/ 		1 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 22 Feb 2020 21:19:20 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QLyM0qNPDXd6ayzd1iIoLA==
access-control-allow-origin
*
etag
0x8D795E5A424E059
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
x-ms-request-id
12ad0bfa-b01e-000f-1afd-c7fe6e000000
x-ms-version
2009-09-19
content-length
626
SharedHeader.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/SharedHeader.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
6de6b5a2-dce5-43a1-a4d2-a53db7999c25
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2849
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
6de6b5a2-dce5-43a1-a4d2-a53db7999c25
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268423
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
OfficeBrowserFeedback.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/OfficeBrowserFeedback.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
38534817-92ec-4fc0-9ee9-f571d3f9cfd6
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2023
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
38534817-92ec-4fc0-9ee9-f571d3f9cfd6
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268422
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
ondchome_cluster.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/ondchome_cluster.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
353543a5-736c-4f8a-9805-c3928b0e05a7
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
936
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
353543a5-736c-4f8a-9805-c3928b0e05a7
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268383
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
SiteIntl.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		71 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/SiteIntl.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
81fe2877-8729-4ff9-a8e2-454a1388cdac
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6365
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
81fe2877-8729-4ff9-a8e2-454a1388cdac
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268459
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
Shared.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/Shared.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
3cd303ff-7a3f-403f-8e25-0dd7275a127b
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2851
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
3cd303ff-7a3f-403f-8e25-0dd7275a127b
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268386
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
Hrd.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		1023 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/Hrd.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
19f06c34-94fd-4ba2-a79c-dc4f6b93fa41
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
453
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
19f06c34-94fd-4ba2-a79c-dc4f6b93fa41
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268422
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
SharedHeaderOverrides.css
site-cdn.onenote.net/161261831558_Styles/en-US/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/SharedHeaderOverrides.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
style

Response headers

X-CorrelationId
4583cf6c-2383-4cf5-8ec3-77d6dcf7fe3e
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
546
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
4583cf6c-2383-4cf5-8ec3-77d6dcf7fe3e
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31268422
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
App_Switcher_Waffle.50x50x32.png
site-cdn.onenote.net/161261831558_Images/en-US/ 		203 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/en-US/App_Switcher_Waffle.50x50x32.png?b=1601261710000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
c3dacb6a-ab59-4177-8f64-25f6b47c7c28
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
203
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
c3dacb6a-ab59-4177-8f64-25f6b47c7c28
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268391
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
odc_onenoteheaderlogo.135x40x32.png
site-cdn.onenote.net/161261831558_Images/en-US/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/en-US/odc_onenoteheaderlogo.135x40x32.png?b=1601261710000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
b4dc6a30-59ec-4fd8-96eb-cd8486ae91ea
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1356
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
b4dc6a30-59ec-4fd8-96eb-cd8486ae91ea
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268378
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
OneNoteLogoMobile2.22x22.png
site-cdn.onenote.net/161261831558_Images/ 		706 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/OneNoteLogoMobile2.22x22.png?
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
749615e0-454b-4c8c-b8a5-4536d78bf1b5
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
706
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
749615e0-454b-4c8c-b8a5-4536d78bf1b5
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268396
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
feedback.png
site-cdn.onenote.net/161261831558_Images/ 		804 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/feedback.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
a94f5740-339f-4672-8754-ce7db43e0c1c
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
804
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
a94f5740-339f-4672-8754-ce7db43e0c1c
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268402
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
wapsw.png
site-cdn.onenote.net/161261831558_Images/en-US/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/en-US/wapsw.png?b=1601261710000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
8119f59f-3897-448b-a003-f27309e1e6ab
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5884
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
8119f59f-3897-448b-a003-f27309e1e6ab
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268423
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
Globe_Light.20x20x32.png
site-cdn.onenote.net/161261831558_Images/en-US/ 		504 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Images/en-US/Globe_Light.20x20x32.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
df11f0ce-63fb-4519-b96f-577104bfe154
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
504
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
df11f0ce-63fb-4519-b96f-577104bfe154
ETag
"046db46a7e6d51:0"
Content-Type
image/png
Cache-Control
public, max-age=31268368
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
jquery-1.12.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B0B) /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

date
Sat, 22 Feb 2020 21:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21003531
x-cache
HIT
status
200
content-length
33920
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:51 GMT
server
ECAcc (ama/8B0B)
etag
"804fc05cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
CommonDiagnostics.js
site-cdn.onenote.net/161261831558_Scripts/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f4507dabd0d4c81b4eff73f0369361ce27ec6bc85a7d3f7e63a4dc8b3215fbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
4b77b08b-eaea-48f9-bbdb-389fa470bc80
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9500
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
4b77b08b-eaea-48f9-bbdb-389fa470bc80
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31268335
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
DefaultSignIn.min.js
site-cdn.onenote.net/161261831558_Scripts/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
0aa63904-d35d-41b6-984d-a98340ddb1bd
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3461
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
0aa63904-d35d-41b6-984d-a98340ddb1bd
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31268335
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
home.js
site-cdn.onenote.net/161261831558_Scripts/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Scripts/home.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76d4225989e5ab3460b54ed02ef77eb7e61530a2bb239d6120f841b5fea1df65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
9f5c002f-1571-4c54-b3c5-54146f11a018
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6313
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
9f5c002f-1571-4c54-b3c5-54146f11a018
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31268464
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
Hrd.js
site-cdn.onenote.net/161261831558_Scripts/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Scripts/Hrd.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
084c9755-4517-4abd-822e-87d06a9708f5
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
10024
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
084c9755-4517-4abd-822e-87d06a9708f5
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31268422
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
cookiecompliance.js
site-cdn.onenote.net/161261831558_Scripts/ 		725 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Scripts/cookiecompliance.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
6754b73e-83a3-49fb-970c-3243ad33d08c
Date
Sat, 22 Feb 2020 21:19:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
357
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
6754b73e-83a3-49fb-970c-3243ad33d08c
ETag
"046db46a7e6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31268422
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
segoeuil.woff
site-cdn.onenote.net/161261831558_Styles/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161261831558_Styles/segoeuil.woff
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://site-cdn.onenote.net/161261831558_Styles/en-US/SiteIntl.css
Origin
https://www.onenote.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

X-CorrelationId
9dcf1010-9eda-4ec0-9ea5-e0c0652c437e
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22204
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
9dcf1010-9eda-4ec0-9ea5-e0c0652c437e
ETag
"046db46a7e6d51:0"
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=31269449
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558
hrd
odc.officeapps.live.com/odc/v2.0/ Frame E018 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161261831558_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
odc.officeapps.live.com
:scheme
https
:path
/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
iframe
Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/10.0
x-correlationid
4214f7dc-9346-40b2-86c4-3052de48010c
x-usersessionid
4214f7dc-9346-40b2-86c4-3052de48010c
x-officefe
OdcFrontEnd_IN_47
x-officeversion
16.0.12617.30550
x-officecluster
weu-odc.officeapps.live.com
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-ua-compatible
IE=11
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Sat, 22 Feb 2020 21:19:20 GMT
content-length
9886
progress.gif
site-cdn.onenote.net/161261831558_Styles/en-US/ 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161261831558_Styles/en-US/progress.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.49.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-49-25.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://site-cdn.onenote.net/161261831558_Styles/en-US/SharedHeader.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest
image

Response headers

X-CorrelationId
94a0be11-9850-4ad1-8cfb-5d16c6910274
Date
Sat, 22 Feb 2020 21:19:20 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 18 Feb 2020 22:03:40 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
94a0be11-9850-4ad1-8cfb-5d16c6910274
ETag
"046db46a7e6d51:0"
Content-Type
image/gif
Cache-Control
public, max-age=31268423
Accept-Ranges
bytes
X-OfficeVersion
16.0.12618.31558

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mscc string| SessionId string| CorrelationId string| NotebooksIndexURL function| calculatePageLoadTime function| $ function| jQuery function| Type function| $6 object| Sys object| Diag string| g_msaReturnUrl string| g_orgIdReturnUrl string| g_signupUrl string| g_msaPasswordResetUrl string| g_msaLoginUrl string| g_hrdIframeUrl string| g_orgIdLoginUrl string| g_authType string| g_fullScreenHrd object| g_hrdOverride boolean| g_useNewRedirectUrlOverride number| g_preferredIdpForDefaultSignIn string| g_appId boolean| g_defaultSignInEnabled boolean| g_defaultSignInFixEnabled string| g_defaultSignInAadHost string| OrigRefCookieName string| OrigRefCookieValue object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| getAadData function| getMsaData function| getAadMsaData boolean| enableConsoleLog boolean| msaFedEnabled function| getAccount function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader string| g_rootDomain function| DismissPopupBanner function| GetRootDomain function| CreateCookie undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp boolean| g_persistentDialog object| g_hrdTimeout function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn object| g_defaultSignInTimeout function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| ShowSignInControl function| MakeSignInControlVisible function| HideSignInControl function| onSignInDialogKeyUp function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| GetRedirectUrlFromFederationProvider function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| SetWarmupFrameUrl number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml object| Feedback object| OfficeBrowserFeedback function| GetOSPlatform function| InitializeUls function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| LogElapsedTimeOnPage function| InsertAdditionalBeforeUnloadFunction function| OnUnloadingPage function| FlushBrowserUls function| FlushUlsAsynchronous function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| SaveOrigRefThenShowSignInControl object| Utils object| OSPlatform string| _osPlatform undefined| ClipperIndexURL object| Common function| __extends string| TelemetryClickableClass object| TheUlsHost number| furthestScrollDepthPercentage function| RecordPageLoadTime number| PageStartLoadTime string| ulsCategoryStringSetInCshtml object| additionalBeforeUnloadFunctions undefined| _onBeforePageUnloadCalled object| jQuery11200729264128273774 string| CookieBanner function| getCookieBanner function| addCookieComplianceBanner function| adjustHeaderHeight

4 Cookies

Domain/Path Name / Value
.onenote.com/ Name: AADNonce
Value: 2680615d-0fa5-44e7-8dd1-be65bcf6a092.637180031604339205
.www.onenote.com/ Name: AuthSess
Value: b407990d-f848-4e3a-bce0-7ebf11fd0c90
www.onenote.com/ Name: OrigRef
Value: Uri=https%3a%2f%2fwww.onenote.com%2fhrd%3fReturnUrl%3dhttps%3a%252f%252fwww.onenote.com%252fEmailSettings
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Disabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
click.email.office.com
odc.officeapps.live.com
site-cdn.onenote.net
uhf.microsoft.com
www.onenote.com
152.199.19.160
198.245.89.166
23.38.49.25
2a02:26f0:6c00:286::2b57
52.109.88.2
52.109.88.5
0f4507dabd0d4c81b4eff73f0369361ce27ec6bc85a7d3f7e63a4dc8b3215fbe
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
137dd9b61d8013368d5c61d302e00d3465c0001adb302276e5d7b9714d0d1fef
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
76d4225989e5ab3460b54ed02ef77eb7e61530a2bb239d6120f841b5fea1df65
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756