Submitted URL: https://cremoco-my.sharepoint.com/:o:/g/personal/katie_cremocompany_com/EjuGW_SDi5VHsm_TC1G023YBA79QKq7_LM3Gbvheq-p9iw?e=zNseFc
Effective URL: https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Tags: phishing malicious
Submission: On March 26 via api from US

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 19 HTTP transactions.
The main IP is 13.107.136.9, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cremoco-my.sharepoint.com.
TLS certificate: Issued by Microsoft IT TLS CA 4 on January 21st 2020. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.107.136.9 8068 (MICROSOFT...)
8 2a02:26f0:170... 20940 (AKAMAI-ASN1)
5 23.55.161.135 20940 (AKAMAI-ASN1)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
2 13.73.26.107 8075 (MICROSOFT...)
19 5
Domain
Subdomains
Transfer
8 office.net
252 KB
5 akamaihd.net
254 KB
3 live.com
868 B
2 microsoft.com
794 B
2 sharepoint.com
17 KB
19 5
Domain Requested by
8 c1-onenote-15.cdn.office.net cremoco-my.sharepoint.com
c1-onenote-15.cdn.office.net
5 spoprod-a.akamaihd.net cremoco-my.sharepoint.com
spoprod-a.akamaihd.net
3 onenote.officeapps.live.com c1-onenote-15.cdn.office.net
2 browser.pipe.aria.microsoft.com spoprod-a.akamaihd.net
2 cremoco-my.sharepoint.com 1 redirects
19 5

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.sharepoint.com
Microsoft IT TLS CA 4
2020-01-21 -
2022-01-21
2 years
*.cdn.office.net
Microsoft IT TLS CA 1
2019-10-31 -
2021-10-31
2 years
a248.e.akamai.net
DigiCert Secure Site ECC CA-1
2019-08-13 -
2020-08-12
a year
officeapps.live.com
Microsoft IT TLS CA 1
2020-02-18 -
2022-02-18
2 years
*.events.data.microsoft.com
Microsoft IT TLS CA 4
2019-10-10 -
2021-10-10
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers microsoftsharepointteamservices /^(.+)$/i
  • headers sprequestguid /(?:)/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFs...
/personal/katie_cremocompany_com/_layouts/15
Redirect Chain
  • https://cremoco-my.sharepoint.com/:o:/g/personal/katie_cremocompany_com/EjuGW_SDi5VHsm_TC1G023YBA79QKq7_LM3Gbvheq-p9iw?e=zNseFc
  • https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698...
50 KB
16 KB
Document
General
Full URL
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.136.9 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7ba89806b05f424696ae2a41cc6890016efa6918588954bdf8694d45c98cd442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cremoco-my.sharepoint.com
:scheme
https
:path
/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjYsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNTliZjRiNDliNzZkNjVkN2RmN2RlNmU4ZGNkNmU2OTRlOGQ0OTZiNzA4MTk3MTMwNTkzZWI1OTBhMjVkMGI2NiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM1OWJmNGI0OWI3NmQ2NWQ3ZGY3ZGU2ZThkY2Q2ZTY5NGU4ZDQ5NmI3MDgxOTcxMzA1OTNlYjU5MGEyNWQwYjY2LDEzMjI5Njg0MzI4MDAwMDAwMCwwLDEzMjI5NzcwNDI4NDU4MDQ3MCwwLjAuMC4wLDI1OCxjYjlmZmE1Ny1lODFiLTRmOWEtYTQ3Ni1kZTY4OTk5YzU4ZjAsLCw0NjgxNDI5Zi1lMDM3LTAwMDAtNTRiMy0zYmJkOGRlMjI2OTgsNDY4MTQyOWYtZTAzNy0wMDAwLTU0YjMtM2JiZDhkZTIyNjk4LGx4Q1I4VjN6dVUrM0ErQTZ6bmphc0EsMCwwLDAsLCwsUXVPayszZUR5bzhOMFlTaEdkSEE0V3Vvc3Nxem0xQUp4OVRLVTJPOVp5L0MvSjVIbll4YW4xdnpUWHZSMElLd2RFcWFyQ1lrS0JvK2hsajVHT1UvemM0bFBmUUczQklrRTgwUktsZngzbmhLNFRja2NpclMrMnNwM1BMY0tpSE9CeEQxbEtKaURyblMvMHZqS2s2bGhVa0MvZUgyU3Vpb29Ocy9GdEx0QUVxMDBpMkY5d2NvdTJWSWZ0UGNyMnloZE1DMldYTHlqMk1ETGFXVlRJclA0QnlKQjFvTlF0SHhxNHhBWThSSWRTQmdvMGJaTkZzUVJYOW1zMnN6NWhlaDJXa0R4RGZEWkVjYVBaaXhvNlR4bDBMWGw1NEI5RDlzdGdsWEE4SzhIbFRTQXpodmF6N2ZVMmpGbHk5U0o1VVZMWFJ3VkVJaFQwYWNYYWcxZ0V6ZURnPT08L1NQPg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-length
15502
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie
FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjYsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNTliZjRiNDliNzZkNjVkN2RmN2RlNmU4ZGNkNmU2OTRlOGQ0OTZiNzA4MTk3MTMwNTkzZWI1OTBhMjVkMGI2NiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM1OWJmNGI0OWI3NmQ2NWQ3ZGY3ZGU2ZThkY2Q2ZTY5NGU4ZDQ5NmI3MDgxOTcxMzA1OTNlYjU5MGEyNWQwYjY2LDEzMjI5Njg0MzI4MDAwMDAwMCwwLDEzMjI5NzcwNDI4NDU4MDQ3MCwwLjAuMC4wLDI1OCxjYjlmZmE1Ny1lODFiLTRmOWEtYTQ3Ni1kZTY4OTk5YzU4ZjAsLCw0NjgxNDI5Zi1lMDM3LTAwMDAtNTRiMy0zYmJkOGRlMjI2OTgsNDY4MTQyOWYtZTAzNy0wMDAwLTU0YjMtM2JiZDhkZTIyNjk4LGx4Q1I4VjN6dVUrM0ErQTZ6bmphc0EsMCwwLDAsLCwsUXVPayszZUR5bzhOMFlTaEdkSEE0V3Vvc3Nxem0xQUp4OVRLVTJPOVp5L0MvSjVIbll4YW4xdnpUWHZSMElLd2RFcWFyQ1lrS0JvK2hsajVHT1UvemM0bFBmUUczQklrRTgwUktsZngzbmhLNFRja2NpclMrMnNwM1BMY0tpSE9CeEQxbEtKaURyblMvMHZqS2s2bGhVa0MvZUgyU3Vpb29Ocy9GdEx0QUVxMDBpMkY5d2NvdTJWSWZ0UGNyMnloZE1DMldYTHlqMk1ETGFXVlRJclA0QnlKQjFvTlF0SHhxNHhBWThSSWRTQmdvMGJaTkZzUVJYOW1zMnN6NWhlaDJXa0R4RGZEWkVjYVBaaXhvNlR4bDBMWGw1NEI5RDlzdGdsWEE4SzhIbFRTQXpodmF6N2ZVMmpGbHk5U0o1VVZMWFJ3VkVJaFQwYWNYYWcxZ0V6ZURnPT08L1NQPg==; path=/; SameSite=None; secure; HttpOnly
x-sharepointhealthscore
0
x-aspnet-version
4.0.30319
sprequestguid
4681429f-d04f-0000-5d4f-b90682bf3e24
request-id
4681429f-d04f-0000-5d4f-b90682bf3e24
ms-cv
n0KBRk/QAABdT7kGgr8+JA.0
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
sprequestduration
103
spiislatency
1
x-powered-by
ASP.NET
microsoftsharepointteamservices
16.0.0.19911
x-content-type-options
nosniff
x-ms-invokeapp
1; RequireReadOnly
x-msedge-ref
Ref A: 513BF77F932942599324377214EA2CF5 Ref B: LON21EDGE0514 Ref C: 2020-03-26T08:13:48Z
date
Thu, 26 Mar 2020 08:13:48 GMT

Redirect headers

status
302
cache-control
private
content-length
567
content-type
text/html; charset=utf-8
location
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie
FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjYsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNTliZjRiNDliNzZkNjVkN2RmN2RlNmU4ZGNkNmU2OTRlOGQ0OTZiNzA4MTk3MTMwNTkzZWI1OTBhMjVkMGI2NiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM1OWJmNGI0OWI3NmQ2NWQ3ZGY3ZGU2ZThkY2Q2ZTY5NGU4ZDQ5NmI3MDgxOTcxMzA1OTNlYjU5MGEyNWQwYjY2LDEzMjI5Njg0MzI4MDAwMDAwMCwwLDEzMjI5NzcwNDI4NDU4MDQ3MCwwLjAuMC4wLDI1OCxjYjlmZmE1Ny1lODFiLTRmOWEtYTQ3Ni1kZTY4OTk5YzU4ZjAsLCw0NjgxNDI5Zi1lMDM3LTAwMDAtNTRiMy0zYmJkOGRlMjI2OTgsNDY4MTQyOWYtZTAzNy0wMDAwLTU0YjMtM2JiZDhkZTIyNjk4LGx4Q1I4VjN6dVUrM0ErQTZ6bmphc0EsMCwwLDAsLCwsUXVPayszZUR5bzhOMFlTaEdkSEE0V3Vvc3Nxem0xQUp4OVRLVTJPOVp5L0MvSjVIbll4YW4xdnpUWHZSMElLd2RFcWFyQ1lrS0JvK2hsajVHT1UvemM0bFBmUUczQklrRTgwUktsZngzbmhLNFRja2NpclMrMnNwM1BMY0tpSE9CeEQxbEtKaURyblMvMHZqS2s2bGhVa0MvZUgyU3Vpb29Ocy9GdEx0QUVxMDBpMkY5d2NvdTJWSWZ0UGNyMnloZE1DMldYTHlqMk1ETGFXVlRJclA0QnlKQjFvTlF0SHhxNHhBWThSSWRTQmdvMGJaTkZzUVJYOW1zMnN6NWhlaDJXa0R4RGZEWkVjYVBaaXhvNlR4bDBMWGw1NEI5RDlzdGdsWEE4SzhIbFRTQXpodmF6N2ZVMmpGbHk5U0o1VVZMWFJ3VkVJaFQwYWNYYWcxZ0V6ZURnPT08L1NQPg==; path=/; SameSite=None; secure; HttpOnly
x-sharepointhealthscore
3
x-aspnet-version
4.0.30319
sprequestguid
4681429f-e037-0000-54b3-3bbd8de22698
request-id
4681429f-e037-0000-54b3-3bbd8de22698
ms-cv
n0KBRjfgAABUszu9jeImmA.0
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
sprequestduration
216
spiislatency
2
x-powered-by
ASP.NET
microsoftsharepointteamservices
16.0.0.19911
x-content-type-options
nosniff
x-ms-invokeapp
1; RequireReadOnly
x-msedge-ref
Ref A: 1A95D9A8741947B5B79E21DFE7CBC6FE Ref B: LON21EDGE0514 Ref C: 2020-03-26T08:13:48Z
date
Thu, 26 Mar 2020 08:13:48 GMT
onenote-boot.min.js
c1-onenote-15.cdn.office.net/o/s/App_Scripts
78 KB
19 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Requested by
Host: cremoco-my.sharepoint.com
URL: https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e841ca295e56bd8946b40c9785e05b1ed7ac67b8ec1cda0d69a20dc52330921c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-CorrelationId
8702f5d1-6086-45af-9869-8cf8f50108e6
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF00000349
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF00002409
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
18012
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 12:00:58 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
8702f5d1-6086-45af-9869-8cf8f50108e6
ETag
"717559e465f8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-MSEdge-Ref
Ref A: 563FA8F0E86D4B2DB2EA513CA895FA00 Ref B: AMS04EDGE0916 Ref C: 2020-03-24T09:02:38Z
Timing-Allow-Origin
*
Expires
Tue, 24 Mar 2020 09:32:38 GMT
require-27b91a71.js
spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001
100 KB
26 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/require-27b91a71.js
Requested by
Host: cremoco-my.sharepoint.com
URL: https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.55.161.135 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-55-161-135.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7818222b3734a692d225a0fa133fc283fd7a9443027f2964ccd2ad57a3daabc8

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 Mar 2020 08:13:48 GMT
content-encoding
gzip
content-md5
J7kacVjF1u+laCh/TQ7y3g==
status
200
content-length
25843
x-ms-lease-status
unlocked
last-modified
Fri, 20 Mar 2020 08:11:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7CCA644FFB59B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5242efb3-401e-0035-1254-01b387000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31322195
x-ms-version
2009-09-19
timing-allow-origin
*
common.min.js
c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts
387 KB
96 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts/common.min.js
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
65b620dbbc63a8407f541d4335ed7b4e648346e535780efc9adc808645d36171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
84f923f2-cc21-4bd1-9b60-e621573da5bf
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF000018EA
X-OfficeVersion
16.0.12702.31725
X-OfficeFE
AM4PEPF0000240F
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
97546
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 09:50:08 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
84f923f2-cc21-4bd1-9b60-e621573da5bf
ETag
W/"d71f4c9d53f8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: 7967E4D1EECA4352A0FC932CE623DCF3 Ref B: AM3EDGE0907 Ref C: 2020-03-12T09:50:08Z
Timing-Allow-Origin
*
wacBoot.min.js
c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts
47 KB
11 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts/wacBoot.min.js
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
faa59d2263125cbce081574dd1af36392065e9820c5aa95b099ff1af149047d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
cbcfbeb8-e4db-455e-a715-980783467237
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF00002C9C
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF0000240F
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
10595
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 10:22:43 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
cbcfbeb8-e4db-455e-a715-980783467237
ETag
"cf3af72a58f8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: E0B05654D2F340DCA539A72F166F648D Ref B: AM3EDGE0605 Ref C: 2020-03-21T19:02:39Z
Timing-Allow-Origin
*
onenoteSync.min.js
c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts
114 KB
30 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts/onenoteSync.min.js
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
6eb234b71386b0eaa503030d97dffaffebcfa677b96a73f2d5622b3eb2102680
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
1ab642f8-0b53-4224-94ea-d41c4dc3b6f0
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF00003734
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF0000240B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
29592
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 12:34:06 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
1ab642f8-0b53-4224-94ea-d41c4dc3b6f0
ETag
"cf9c38856af8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: 6DBEFB9C83C64D878497F55BB198EA21 Ref B: AM3EDGE0908 Ref C: 2020-03-25T00:15:11Z
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts
105 KB
24 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts/MicrosoftAjax.js
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
f15df6f7-34cf-49fd-becd-56e8ce7565cc
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF00001E2F
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF0000240C
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
23506
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 12:33:35 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
f15df6f7-34cf-49fd-becd-56e8ce7565cc
ETag
"fd98b0726af8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: 810D4A7979C049A5982297ED39346CDB Ref B: AM3EDGE0114 Ref C: 2020-03-15T21:08:26Z
Timing-Allow-Origin
*
jSanity.js
c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts
11 KB
4 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_App_Scripts/jSanity.js
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
cf8e38af39f430eabdce3ce75277990346a5127907562ee3f30640aba82e9798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
c93ec7fb-7119-48b9-baa4-d3fd1fd79cb9
Strict-Transport-Security
max-age=31536000
Content-Encoding
br
X-OFFICEFD
AM4PEPF0000033D
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF0000240F
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
3414
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 10:22:31 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
c93ec7fb-7119-48b9-baa4-d3fd1fd79cb9
ETag
"42ba5d2358f8d51:0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: E687A56747204FF5BA34E6BB059666DA Ref B: AMS04EDGE0808 Ref C: 2020-03-24T21:52:42Z
Timing-Allow-Origin
*
EditSurface.css
c1-onenote-15.cdn.office.net/o/s/161270431679_resources/1033
24 KB
6 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_resources/1033/EditSurface.css
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
069f8344c8f2a665e732151f746834f6cd8495ea4085a0625cbdcde123b49e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
459ca01f-e440-4a5c-9271-dbb1bfb10aa5
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-OFFICEFD
AM4PEPF00003278
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF00002407
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
4853
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 11:27:42 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
459ca01f-e440-4a5c-9271-dbb1bfb10aa5
ETag
"0cb6a3e61f8d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: 57A9CC246FDB4C7B8CF128E9AD8615DC Ref B: AMS04EDGE0516 Ref C: 2020-03-15T22:03:44Z
Timing-Allow-Origin
*
OneNote.css
c1-onenote-15.cdn.office.net/o/s/161270431679_resources/1033
395 KB
63 KB
Script
General
Full URL
https://c1-onenote-15.cdn.office.net/o/s/161270431679_resources/1033/OneNote.css
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:19d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
4bb9243dc57095c65ff26066134667df14b6d2a3c6afbcf06963c319c254df2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CorrelationId
1eeb6829-524f-44ea-aab0-ff3c27bfb92e
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-OFFICEFD
AM4PEPF00000349
X-OfficeVersion
16.0.12704.31679
X-OfficeFE
AM4PEPF00002405
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Date
Thu, 26 Mar 2020 08:13:48 GMT
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest
Content-Length
63086
Accept-Ranges
bytes
X-MSEdge-Features
tasmigration015,typeheadertest
Last-Modified
Thu, 12 Mar 2020 09:49:37 GMT
X-OfficeCluster
NL3
X-CCR
true
X-UserSessionId
1eeb6829-524f-44ea-aab0-ff3c27bfb92e
ETag
"80eaf8a53f8d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
X-MSEdge-Ref
Ref A: 6559CA76CEE94FA19CDEE19C854F4806 Ref B: AM3EDGE0119 Ref C: 2020-03-15T22:03:54Z
Timing-Allow-Origin
*
onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fcremoco-my.sharepoint.com%2Fpersonal%2Fkatie_cremocompany_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Ff45b863b8b834795b26fd30b51b4db76&wdena...
onenote.officeapps.live.com/o
0
0
Document
General
Full URL
https://onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fcremoco-my.sharepoint.com%2Fpersonal%2Fkatie_cremocompany_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Ff45b863b8b834795b26fd30b51b4db76&wdenableroaming=1&mscc=0&wdodb=1&hid=4681429F-D04F-0000-5D4F-B90682BF3E24&wdorigin=Sharing&jsapi=1&newsession=1&corrid=3735d18b-62aa-4010-b062-c9d3c4e6ff87&usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87&readonly=1&wdredirectionreason=Force_SingleStepBoot
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
onenote.officeapps.live.com
:scheme
https
:path
/o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2Fcremoco-my.sharepoint.com%2Fpersonal%2Fkatie_cremocompany_com%2F_vti_bin%2Fwopi.ashx%2Ffolders%2Ff45b863b8b834795b26fd30b51b4db76&wdenableroaming=1&mscc=0&wdodb=1&hid=4681429F-D04F-0000-5D4F-B90682BF3E24&wdorigin=Sharing&jsapi=1&newsession=1&corrid=3735d18b-62aa-4010-b062-c9d3c4e6ff87&usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87&readonly=1&wdredirectionreason=Force_SingleStepBoot
content-length
4776
pragma
no-cache
cache-control
no-cache
origin
https://cremoco-my.sharepoint.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://cremoco-my.sharepoint.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Fri, 26-Jun-2020 08:13:48 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid
3735d18b-62aa-4010-b062-c9d3c4e6ff87
x-usersessionid
3735d18b-62aa-4010-b062-c9d3c4e6ff87
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-ccr
true
x-officefe
AM4PEPF000031F2
x-officeversion
16.0.12704.31679
x-officecluster
NL3
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-onenote-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net content.lifecycle.office.net www.microsoft.com c.s-microsoft.com *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-onenote-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com 'self' https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /o/reportcsp.ashx
x-officefd
AM4PEPF00000340
origin-trial
Ah7bununCmo22ZxYQz9dBtHY4IRjg+KB847dDtuet18i8kuf3RvELsQ/X0/lwWCDCzDTuRSVKyx3iW6GSPPDsQcAAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTU4NjEwNTA0OCwiaXNTdWJkb21haW4iOnRydWV9
x-msedge-ref
Ref A: 90C5815B9115474C822F3AD72F1E4A30 Ref B: AM3EDGE0920 Ref C: 2020-03-26T08:13:48Z
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest
x-msedge-features
tasmigration015,typeheadertest
date
Thu, 26 Mar 2020 08:13:48 GMT
RemoteUls.ashx?usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87
onenote.officeapps.live.com/o
0
677 B
XHR
General
Full URL
https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
NL3
x-officeversion
16.0.12704.31679
x-officefe
AM4PEPF00002405
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest
content-length
0
x-msedge-features
tasmigration015,typeheadertest
x-correlationid
8ddd29f4-e543-41df-b968-8e807adfe6ca
x-officefd
AM4PEPF000039E6
x-ccr
true
x-usersessionid
3735d18b-62aa-4010-b062-c9d3c4e6ff87
date
Thu, 26 Mar 2020 08:13:48 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://cremoco-my.sharepoint.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
x-msedge-ref
Ref A: C2D8E1592E58454EAED2AF63E6BE96EF Ref B: AMS04EDGE0419 Ref C: 2020-03-26T08:13:48Z
timing-allow-origin
*
wachost-379599b5.js
spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001
689 KB
175 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/wachost-379599b5.js
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/require-27b91a71.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.55.161.135 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-55-161-135.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
888fcfdc53794bc3eb71d6c436da8497b05b77dfcc066d86790acc7a82ce9718

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 Mar 2020 08:13:49 GMT
content-encoding
gzip
content-md5
N5WZtZY2niBMeWyqrYAdOQ==
status
200
content-length
177865
x-ms-lease-status
unlocked
last-modified
Fri, 20 Mar 2020 08:11:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7CCA6463E898E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5242f080-401e-0035-4754-01b387000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31322194
x-ms-version
2009-09-19
timing-allow-origin
*
react-ce5e44c3.js
spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001
117 KB
39 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/react-ce5e44c3.js
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/require-27b91a71.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.55.161.135 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-55-161-135.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
60791846f899187d7225e8e339cb01f7d0fe5eb7e5903b1bf6a63d19f38e1ebe

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 Mar 2020 08:13:49 GMT
content-encoding
gzip
content-md5
zl5Ew+kNL6DjoE1Lkb3RtA==
status
200
content-length
38883
x-ms-lease-status
unlocked
last-modified
Fri, 20 Mar 2020 08:11:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7CCA6410A6C47
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8fdb41a5-701e-00be-1554-010859000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31322196
x-ms-version
2009-09-19
timing-allow-origin
*
wachost.resx-f680b113.js
spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/en-us
4 KB
1 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/en-us/wachost.resx-f680b113.js
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/require-27b91a71.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.55.161.135 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-55-161-135.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
18ad1c1340a43a238ca4bffb94b762123ca18013b0cb380a51479df9d565d60d

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 Mar 2020 08:13:49 GMT
content-encoding
gzip
content-md5
9oCxE4xCC+09i0kfNPwYVA==
status
200
content-length
876
x-ms-lease-status
unlocked
last-modified
Fri, 20 Mar 2020 08:09:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7CCA60B7EF603
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5242f369-401e-0035-1f54-01b387000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31322196
x-ms-version
2009-09-19
timing-allow-origin
*
RemoteUls.ashx?usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87
onenote.officeapps.live.com/o
0
191 B
XHR
General
Full URL
https://onenote.officeapps.live.com/o/RemoteUls.ashx?usid=3735d18b-62aa-4010-b062-c9d3c4e6ff87
Requested by
Host: c1-onenote-15.cdn.office.net
URL: https://c1-onenote-15.cdn.office.net/o/s/App_Scripts/onenote-boot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698&originalPath=aHR0cHM6Ly9jcmVtb2NvLW15LnNoYXJlcG9pbnQuY29tLzpvOi9nL3BlcnNvbmFsL2thdGllX2NyZW1vY29tcGFueV9jb20vRWp1R1dfU0RpNVZIc21fVEMxRzAyM1lCQTc5UUtxN19MTTNHYnZoZXEtcDlpdz9ydGltZT1CbS1ObkYzUjEwZw&cid=8587656d-b3b3-4753-b85c-ca48aa80e74f
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
NL3
x-officeversion
16.0.12704.31679
x-officefe
AM4PEPF00002411
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest
content-length
0
x-msedge-features
tasmigration015,typeheadertest
x-correlationid
b206d58a-9f67-4e6e-9594-1ea6a8ffef86
x-officefd
AM4PEPF000020E2
x-ccr
true
x-usersessionid
3735d18b-62aa-4010-b062-c9d3c4e6ff87
date
Thu, 26 Mar 2020 08:13:51 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://cremoco-my.sharepoint.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
x-msedge-ref
Ref A: C65BD8C5BB3B44FA851726D56C1C0AB1 Ref B: AMS04EDGE0419 Ref C: 2020-03-26T08:13:50Z
timing-allow-origin
*
aria-051933ee.js
spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001
53 KB
14 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/aria-051933ee.js
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/require-27b91a71.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.55.161.135 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-55-161-135.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1e458ba65d389dab7842301df05d85f51575c397218a569184d3a41008b5373

Request headers

Referer
https://cremoco-my.sharepoint.com/:o:/g/personal/katie_cremocompany_com/EjuGW_SDi5VHsm_TC1G023YBA79QKq7_LM3Gbvheq-p9iw?rtime=Bm-NnF3R10g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 Mar 2020 08:13:50 GMT
content-encoding
gzip
content-md5
BRkz7swOwwBq9SYTZ889cQ==
status
200
content-length
13544
x-ms-lease-status
unlocked
last-modified
Fri, 20 Mar 2020 08:09:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D7CCA61251CBC8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5242faa0-401e-0035-0f54-01b387000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31322199
x-ms-version
2009-09-19
timing-allow-origin
*
?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=a9e9a63d9df4411ebbf89297947d7666-b5f0498b-a808-4b74-bb7b-2b33f7971660-7417
browser.pipe.aria.microsoft.com/Collector/3.0
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=a9e9a63d9df4411ebbf89297947d7666-b5f0498b-a808-4b74-bb7b-2b33f7971660-7417
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/aria-051933ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.73.26.107 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cremoco-my.sharepoint.com/:o:/g/personal/katie_cremocompany_com/EjuGW_SDi5VHsm_TC1G023YBA79QKq7_LM3Gbvheq-p9iw?rtime=Bm-NnF3R10g
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:13:50 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
885
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=a9e9a63d9df4411ebbf89297947d7666-b5f0498b-a808-4b74-bb7b-2b33f7971660-7417
browser.pipe.aria.microsoft.com/Collector/3.0
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.9.0&x-apikey=a9e9a63d9df4411ebbf89297947d7666-b5f0498b-a808-4b74-bb7b-2b33f7971660-7417
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-03-13-sts_20200320.001/aria-051933ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.73.26.107 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc={f45b863b-8b83-4795-b26f-d30b51b4db76}&action=view&wd=target%28Wire%20ACH.one%7C21c7424a-f66a-4a53-959c-44ee6ab246bf%2FBrian%20Schoonover%C2%A0%20share%20PDF%20payment%20to%20you.%7C91fa1ff3-42f2-4c6c-b070-904f36ab4d54%2F%29
Origin
https://cremoco-my.sharepoint.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:13:51 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
361
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://cremoco-my.sharepoint.com/:o:/g/personal/katie_cremocompany_com/EjuGW_SDi5VHsm_TC1G023YBA79QKq7_LM3Gbvheq-p9iw?e=zNseFc
  • https://cremoco-my.sharepoint.com/personal/katie_cremocompany_com/_layouts/15/Doc.aspx?sourcedoc=%7Bf45b863b-8b83-4795-b26f-d30b51b4db76%7D&action=default&slrid=4681429f-e037-0000-54b3-3bbd8de22698...

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| wopiDiagClient object| _wopiContextJson object| wacInitializer string| appName string| bootstrapperUrl boolean| isCreateNew object| wopiFileInfo object| wopiAuthInfo object| serverErr object| _spPageContextInfo object| wopiDiagServer string| docTypeHint boolean| refreshIfTokenExpired string| refreshUri string| WACContainerId function| loadWacHost function| initializeWopiPending function| WacInitializer function| getRefreshCount function| refreshIfNecessary function| initializeWac function| onLoadJsApiFailed object| Microsoft boolean| g_WACDone object| __tti number| g_responseEnd object| FabricConfig string| __odsp_culture function| requirejs function| require function| define function| es6-symbol function| ES6Promise object| __cdnFailOverState object| _spModuleLink number| g_duration number| g_iisLatency number| g_cpuDuration number| g_queryCount number| g_queryDuration number| g_requireJSDone function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| ODSP_TELEMETRY_MANAGER object| _perfMarks object| __packages__ number| __currentId__ object| __stylesheet__ object| __globalSettings__ object| __themeState__ function| __loadTheme

6 Cookies

Domain/Path Name / Value
cremoco-my.sharepoint.com/ Name: FeatureOverrides_disableFeatures
Value:
cremoco-my.sharepoint.com/ Name: FedAuth
Value: 77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjYsMGguZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNTliZjRiNDliNzZkNjVkN2RmN2RlNmU4ZGNkNmU2OTRlOGQ0OTZiNzA4MTk3MTMwNTkzZWI1OTBhMjVkMGI2NiwwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiM1OWJmNGI0OWI3NmQ2NWQ3ZGY3ZGU2ZThkY2Q2ZTY5NGU4ZDQ5NmI3MDgxOTcxMzA1OTNlYjU5MGEyNWQwYjY2LDEzMjI5Njg0MzI4MDAwMDAwMCwwLDEzMjI5NzcwNDI4NDU4MDQ3MCwwLjAuMC4wLDI1OCxjYjlmZmE1Ny1lODFiLTRmOWEtYTQ3Ni1kZTY4OTk5YzU4ZjAsLCw0NjgxNDI5Zi1lMDM3LTAwMDAtNTRiMy0zYmJkOGRlMjI2OTgsNDY4MTQyOWYtZTAzNy0wMDAwLTU0YjMtM2JiZDhkZTIyNjk4LGx4Q1I4VjN6dVUrM0ErQTZ6bmphc0EsMCwwLDAsLCwsUXVPayszZUR5bzhOMFlTaEdkSEE0V3Vvc3Nxem0xQUp4OVRLVTJPOVp5L0MvSjVIbll4YW4xdnpUWHZSMElLd2RFcWFyQ1lrS0JvK2hsajVHT1UvemM0bFBmUUczQklrRTgwUktsZngzbmhLNFRja2NpclMrMnNwM1BMY0tpSE9CeEQxbEtKaURyblMvMHZqS2s2bGhVa0MvZUgyU3Vpb29Ocy9GdEx0QUVxMDBpMkY5d2NvdTJWSWZ0UGNyMnloZE1DMldYTHlqMk1ETGFXVlRJclA0QnlKQjFvTlF0SHhxNHhBWThSSWRTQmdvMGJaTkZzUVJYOW1zMnN6NWhlaDJXa0R4RGZEWkVjYVBaaXhvNlR4bDBMWGw1NEI5RDlzdGdsWEE4SzhIbFRTQXpodmF6N2ZVMmpGbHk5U0o1VVZMWFJ3VkVJaFQwYWNYYWcxZ0V6ZURnPT08L1NQPg==
onenote.officeapps.live.com/ Name: DcLcid
Value: ui=1033&data=1033
cremoco-my.sharepoint.com/ Name: FeatureOverrides_enableFeatures
Value:
onenote.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
onenote.officeapps.live.com/o Name:
Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN