urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
52.109.88.139  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Submission: On February 08 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 3 domains to perform 35 HTTP transactions. The main IP is 52.109.88.139, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com. The Cisco Umbrella rank of the primary domain is 3617.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 13th 2022. Valid for: a year.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.109.88.139 8075 (MICROSOFT...)
20 13.74.193.143 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
5 52.109.28.62 8075 (MICROSOFT...)
6 104.103.96.192 16625 (AKAMAI-AS)
35 6
1    52.109.88.139 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.onenote.com
20    13.74.193.143 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
site.onenote.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
5    52.109.28.62 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
6    104.103.96.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-96-192.deploy.static.akamaitechnologies.com
cdn.odc.officeapps.live.com
Apex Domain
Subdomains		 Transfer
21 onenote.com
www.onenote.com — Cisco Umbrella Rank: 3617
site.onenote.com — Cisco Umbrella Rank: 4774
73 KB
11 live.com
odc.officeapps.live.com — Cisco Umbrella Rank: 228
cdn.odc.officeapps.live.com — Cisco Umbrella Rank: 1812
96 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1430
39 KB
35 3
Domain Requested by
20 site.onenote.com www.onenote.com
site.onenote.com
6 cdn.odc.officeapps.live.com odc.officeapps.live.com
5 odc.officeapps.live.com site.onenote.com
odc.officeapps.live.com
1 ajax.aspnetcdn.com www.onenote.com
1 www.onenote.com
35 5
Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft RSA TLS CA 01		 2022-09-13 -
2023-09-13		 a year crt.sh
site.onenote.com
Microsoft Azure TLS Issuing CA 02		 2022-09-01 -
2023-08-27		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
odc.officeapps.live.com
Microsoft Azure TLS Issuing CA 05		 2022-12-07 -
2023-12-02		 a year crt.sh
cdn.odc.officeapps.live.com
Microsoft Azure TLS Issuing CA 05		 2022-10-12 -
2023-10-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Frame ID: 6F4427114434154298AD7D7FFF128D48
Requests: 24 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: 23BB8D3C3D0CB556E51EDC34CB7091B4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to OneNote

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

6
IPs

5
Countries

209 kB
Transfer

638 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hrd
www.onenote.com/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27532c3c5a3b2870f18e557a186f90c0b77923fb5eaa2e67bc235142a66f2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
4868
content-type
text/html; charset=utf-8
date
Wed, 08 Feb 2023 16:56:08 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-correlationid
84594a8f-e990-4da2-9f79-c8e312aa45d1
x-officecluster
weu-000.site.onenote.com
x-officefe
SiteFrontEnd_IN_1
x-officeversion
16.0.16206.40453
x-routingcorrelationid
84594a8f-e990-4da2-9f79-c8e312aa45d1
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_5
x-routingofficeversion
16.0.16127.40456
x-routingsessionid
c6a1bf3b-1c31-4c26-8433-52b3c8b13038
x-usersessionid
c6a1bf3b-1c31-4c26-8433-52b3c8b13038
x-xss-protection
1; mode=block
SharedHeader.css
site.onenote.com/161620640453_Styles/nl-NL/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/SharedHeader.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2849
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
b4b8d319-4c17-490c-b2f7-ed8139b72e75
x-usersessionid
b4b8d319-4c17-490c-b2f7-ed8139b72e75
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
OfficeBrowserFeedback.css
site.onenote.com/161620640453_Styles/nl-NL/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/OfficeBrowserFeedback.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6bfc4667ab5a3cf3331bd113bad0169c40a9db1609c8c7f8bc968eb6088a2dce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2104
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
3f4948f2-e92a-4a6a-859f-bc8afba42ecc
x-usersessionid
3f4948f2-e92a-4a6a-859f-bc8afba42ecc
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
ondchome_cluster.css
site.onenote.com/161620640453_Styles/nl-NL/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/ondchome_cluster.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
936
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
b8115cde-620d-4bae-8264-5f486ad36fb2
x-usersessionid
b8115cde-620d-4bae-8264-5f486ad36fb2
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
SiteIntl.css
site.onenote.com/161620640453_Styles/nl-NL/ 		89 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/SiteIntl.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ed80c1697bfeaeb4e1de816e43ff8ebcd6d33d786752327506daef02daa562e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
7221
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
fe45ba7b-8a05-44ff-892c-6a462bac0903
x-usersessionid
fe45ba7b-8a05-44ff-892c-6a462bac0903
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
Shared.css
site.onenote.com/161620640453_Styles/nl-NL/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/Shared.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2851
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
5a52d41e-70d3-4ca6-9bef-9153a54859a5
x-usersessionid
5a52d41e-70d3-4ca6-9bef-9153a54859a5
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
Hrd.css
site.onenote.com/161620640453_Styles/nl-NL/ 		1023 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/Hrd.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
59a10e29-39e1-412e-a0c2-71996e1ffafd
x-usersessionid
59a10e29-39e1-412e-a0c2-71996e1ffafd
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
text/css
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
1023
SharedHeaderOverrides.css
site.onenote.com/161620640453_Styles/nl-NL/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/SharedHeaderOverrides.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
27d349db-bb86-49be-8e3c-0c3e07158fd8
x-usersessionid
27d349db-bb86-49be-8e3c-0c3e07158fd8
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
text/css
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
1427
App_Switcher_Waffle.50x50x32.png
site.onenote.com/161620640453_Images/nl-NL/ 		203 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/nl-NL/App_Switcher_Waffle.50x50x32.png?b=1601613015000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
11170e98-8c11-42ae-906d-695b1130bce1
x-usersessionid
11170e98-8c11-42ae-906d-695b1130bce1
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
203
odc_onenoteheaderlogo.135x40x32.png
site.onenote.com/161620640453_Images/nl-NL/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/nl-NL/odc_onenoteheaderlogo.135x40x32.png?b=1601613015000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
d4f09238-bfe2-419d-9157-4d35bf58c831
x-usersessionid
d4f09238-bfe2-419d-9157-4d35bf58c831
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
1356
OneNoteLogoMobile2.22x22.png
site.onenote.com/161620640453_Images/ 		706 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/OneNoteLogoMobile2.22x22.png?
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
8e5c88f2-5e03-4f57-b038-1ed958c6e94f
x-usersessionid
8e5c88f2-5e03-4f57-b038-1ed958c6e94f
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
706
feedback.png
site.onenote.com/161620640453_Images/ 		804 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/feedback.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
151c7ad9-c700-4d8c-af9c-290ffa61b23d
x-usersessionid
151c7ad9-c700-4d8c-af9c-290ffa61b23d
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
804
wapsw.png
site.onenote.com/161620640453_Images/nl-NL/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/nl-NL/wapsw.png?b=1601613015000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
5b23d3e0-4836-4a9d-8429-ade58957fa83
x-usersessionid
5b23d3e0-4836-4a9d-8429-ade58957fa83
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
5884
Globe_Light.20x20x32.png
site.onenote.com/161620640453_Images/nl-NL/ 		504 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Images/nl-NL/Globe_Light.20x20x32.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
60a68040-3414-4ee3-afd4-6302d7e1cb21
x-usersessionid
60a68040-3414-4ee3-afd4-6302d7e1cb21
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/png
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
504
jquery-3.5.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5326691
x-cache
HIT
content-length
39744
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 15:26:14 GMT
server
ECAcc (ama/48B6)
etag
"c844f287112d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
Feedback.js
site.onenote.com/161620640453_Scripts/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/Feedback.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbe93f1cb2e911ad89fcb0c621c27f90dbf65421e5b707d4e5a18e86aa9bc5b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
9788
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
82616c35-b4a2-4300-a36a-b85eac4b4000
x-usersessionid
82616c35-b4a2-4300-a36a-b85eac4b4000
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
CommonDiagnostics.js
site.onenote.com/161620640453_Scripts/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
4e006ba4-0240-4366-a604-a116e5593b28
x-usersessionid
4e006ba4-0240-4366-a604-a116e5593b28
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
DefaultSignIn.min.js
site.onenote.com/161620640453_Scripts/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
3461
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
614ebaec-ab5b-444a-b044-5c2cd044f074
x-usersessionid
614ebaec-ab5b-444a-b044-5c2cd044f074
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
home.js
site.onenote.com/161620640453_Scripts/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/home.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27d1145a7552838f910fefc3420c872ef2d522d10214a9f44a901458c670231b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
6387
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
620ddbcf-1df8-4e10-bda7-0d96a71ee799
x-usersessionid
620ddbcf-1df8-4e10-bda7-0d96a71ee799
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
Hrd.js
site.onenote.com/161620640453_Scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/Hrd.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a12ba558bd468f7fc39fe075bbe4d1e3773f35e93e51c268a64c8dfba4c05e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4531
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
3956fe21-2d65-47d0-9435-a1fe6874ea52
x-usersessionid
3956fe21-2d65-47d0-9435-a1fe6874ea52
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
cookiecompliance.js
site.onenote.com/161620640453_Scripts/ 		771 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161620640453_Scripts/cookiecompliance.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c1effc9e5efddc599c130dee960c254ed62f1170241a1bffeaf25fdb80d66bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
53b9241e-a560-4861-ac93-9187ccbd9ea4
x-usersessionid
53b9241e-a560-4861-ac93-9187ccbd9ea4
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
application/javascript
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
771
segoeuil.woff
site.onenote.com/161620640453_Styles/ 		0
0
segoeui.woff
site.onenote.com/161620640453_Styles/ 		0
0
hrd
odc.officeapps.live.com/odc/v2.0/ Frame 23BB 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161620640453_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.28.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
380a9e5b35fed84b924ccecaf39e9d522777f9069013f681280a116ce969e728
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
8171
content-type
text/html; charset=utf-8
date
Wed, 08 Feb 2023 16:56:09 GMT
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
e7a35131-cb40-4652-b049-117505fb9712
x-officecluster
uks-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_41
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
e7a35131-cb40-4652-b049-117505fb9712
progress.gif
site.onenote.com/161620640453_Styles/nl-NL/ 		695 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.onenote.com/161620640453_Styles/nl-NL/progress.gif
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161620640453_Styles/nl-NL/SharedHeader.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://site.onenote.com/161620640453_Styles/nl-NL/SharedHeader.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 14:41:58 GMT
x-correlationid
46839e6f-8077-414b-9e62-3245fdea56af
x-usersessionid
46839e6f-8077-414b-9e62-3245fdea56af
x-officecluster
neu-000.site.onenote.com
etag
"0ff372a393ad91:0"
x-officeversion
16.0.16206.40453
x-officefe
SiteFrontEnd_IN_6
content-type
image/gif
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
695
hrd.css
odc.officeapps.live.com/odc/stat/ Frame 23BB 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.28.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_41
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
last-modified
Sun, 29 Jan 2023 16:38:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
fbe03121-8e7a-458b-a068-c9e438d649a2
x-correlationid
fbe03121-8e7a-458b-a068-c9e438d649a2
x-officecluster
uks-000.odc.officeapps.live.com
etag
"06b2a10034d91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=2419200
accept-ranges
bytes
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 23BB 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_102
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
987f915b-9b8b-4cac-a779-3cd2832e8024
x-correlationid
987f915b-9b8b-4cac-a779-3cd2832e8024
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1844908
accept-ranges
bytes
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 23BB 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_25
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
ae0466b5-810c-42ba-8413-66490c71bb96
x-correlationid
ae0466b5-810c-42ba-8413-66490c71bb96
x-officecluster
neu-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
content-type
image/svg+xml
cache-control
private, max-age=1844927
accept-ranges
bytes
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 23BB 		379 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
b9667843-11ed-4570-a0e0-8755ba6b829a
x-correlationid
b9667843-11ed-4570-a0e0-8755ba6b829a
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
content-type
image/svg+xml
cache-control
private, max-age=1844921
accept-ranges
bytes
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 23BB 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
last-modified
Sun, 29 Jan 2023 16:38:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
09b8db26-dce0-4789-a130-edede3cfe797
x-correlationid
09b8db26-dce0-4789-a130-edede3cfe797
x-officecluster
uks-000.odc.officeapps.live.com
etag
"06b2a10034d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 23BB 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
4ef25d44-9ed1-4bd7-a4a2-2a397019d545
x-correlationid
4ef25d44-9ed1-4bd7-a4a2-2a397019d545
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1838673
accept-ranges
bytes
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 23BB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.96.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-96-192.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_28
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
625415f2-c83d-42a9-a323-28a3f721a19e
x-correlationid
625415f2-c83d-42a9-a323-28a3f721a19e
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1838655
accept-ranges
bytes
jsonstrings
odc.officeapps.live.com/odc/ Frame 23BB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1043&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.28.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9cfca147a09ab3573c097d453d2923724aa5ecdf3720adc598e469f1639c4e80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
x-content-type-options
nosniff
x-correlationid
a209b624-162a-48c3-8040-84623164574a
server
Microsoft-IIS/10.0
x-usersessionid
a209b624-162a-48c3-8040-84623164574a
x-officecluster
uks-000.odc.officeapps.live.com
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_41
content-type
text/javascript; charset=utf-8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
content-length
3193
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame 23BB 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=16129.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.28.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1043&syslcid=1043&uilcid=1043&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_41
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
last-modified
Sun, 29 Jan 2023 16:38:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
856a5d0e-412d-4f2d-8cd0-db7bceb132a7
x-correlationid
856a5d0e-412d-4f2d-8cd0-db7bceb132a7
x-officecluster
uks-000.odc.officeapps.live.com
etag
"06b2a10034d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=2419200
accept-ranges
bytes
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame 23BB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16129.30550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.28.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16129.30550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:56:10 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16129.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_41
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
last-modified
Sun, 29 Jan 2023 16:38:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
74f47fbd-e4b4-4cc3-b653-193be8e681cc
x-correlationid
74f47fbd-e4b4-4cc3-b653-193be8e681cc
x-officecluster
uks-000.odc.officeapps.live.com
etag
"06b2a10034d91:0"
content-type
image/svg+xml
cache-control
private, max-age=2419200
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
site.onenote.com
URL
https://site.onenote.com/161620640453_Styles/segoeuil.woff
Domain
site.onenote.com
URL
https://site.onenote.com/161620640453_Styles/segoeui.woff

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange string| SessionId string| CorrelationId string| NotebooksIndexURL function| calculatePageLoadTime function| $ function| jQuery object| OfficeBrowserFeedback function| GetOSPlatform function| InitializeUls function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| LogElapsedTimeOnPage function| InsertAdditionalBeforeUnloadFunction function| OnUnloadingPage function| FlushBrowserUls function| FlushUlsAsynchronous function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| RedactIfNotebookURL function| OnDismiss object| Diag object| Utils object| OSPlatform string| _osPlatform undefined| ClipperIndexURL string| OrigRefCookieName string| OrigRefCookieValue function| ShowSignInControl function| onSignInDialogKeyUp object| Common object| TheUlsHost number| furthestScrollDepthPercentage function| RecordPageLoadTime number| PageStartLoadTime string| ulsCategoryStringSetInCshtml object| additionalBeforeUnloadFunctions undefined| _onBeforePageUnloadCalled object| Feedback function| __extends string| TelemetryClickableClass boolean| ScrubbedUserNotebookPathLoggingEnabled function| Type function| $5 object| Sys string| g_msaReturnUrl string| g_orgIdReturnUrl string| g_signupUrl string| g_msaPasswordResetUrl string| g_msaLoginUrl string| g_hrdIframeUrl string| g_orgIdLoginUrl string| g_authType string| g_fullScreenHrd object| g_hrdOverride boolean| g_useNewRedirectUrlOverride number| g_preferredIdpForDefaultSignIn string| g_appId boolean| g_defaultSignInEnabled boolean| g_defaultSignInFixEnabled string| g_defaultSignInAadHost object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| getAadData function| getMsaData function| getAadMsaData boolean| enableConsoleLog boolean| msaFedEnabled function| getAccount function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader string| g_rootDomain function| DismissPopupBanner function| GetRootDomain function| CreateCookie undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp boolean| g_persistentDialog object| g_hrdTimeout function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn object| g_defaultSignInTimeout function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| MakeSignInControlVisible function| HideSignInControl function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| GetRedirectUrlFromFederationProvider function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| OnErrorPageLoaded function| SetWarmupFrameUrl number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml function| htmlDecode function| SaveOrigRefThenShowSignInControl function| getCookieBanner function| addCookieComplianceBanner function| adjustHeaderHeight

6 Cookies

Domain/Path Name / Value
www.onenote.com/ Name: UserTrackerKey
Value: AnonymousId=ba3a0999-bf2e-4d9a-a92c-c37e0ec5b729&FirstVisit=02/08/2023 16:56:09&LastVisit=02/08/2023 16:56:09
www.onenote.com/ Name: ONSessionKey
Value: SessionId=cc0386d0-6c27-4c9b-9a06-26853154bf3e&StartTime=02/08/2023 16:56:09&LastActivityTime=02/08/2023 16:56:09
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control
.www.onenote.com/ Name: AuthSess
Value: b7b8a511-2549-4d91-971a-3cc9b207a850
.onenote.com/ Name: AADNonce
Value: 18a57a05-4ebe-4a92-be0c-a48c381c2b4b.638114721696134665
www.onenote.com/ Name: OrigRef
Value: Uri=https%3a%2f%2fwww.onenote.com%2fhrd%3fwdorigin%3dondcauth2%26wdorigin%3dondcnotebooks

4 Console Messages

Source Level URL
Text
javascript error URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Message:
Access to font at 'https://site.onenote.com/161620640453_Styles/segoeuil.woff' from origin 'https://www.onenote.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://site.onenote.com/161620640453_Styles/segoeuil.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.onenote.com/hrd?wdorigin=ondcauth2&wdorigin=ondcnotebooks
Message:
Access to font at 'https://site.onenote.com/161620640453_Styles/segoeui.woff' from origin 'https://www.onenote.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://site.onenote.com/161620640453_Styles/segoeui.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.odc.officeapps.live.com
odc.officeapps.live.com
site.onenote.com
www.onenote.com
site.onenote.com
104.103.96.192
13.74.193.143
152.199.19.160
52.109.28.62
52.109.88.139
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
27532c3c5a3b2870f18e557a186f90c0b77923fb5eaa2e67bc235142a66f2842
27d1145a7552838f910fefc3420c872ef2d522d10214a9f44a901458c670231b
2c1effc9e5efddc599c130dee960c254ed62f1170241a1bffeaf25fdb80d66bc
2ed80c1697bfeaeb4e1de816e43ff8ebcd6d33d786752327506daef02daa562e
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
380a9e5b35fed84b924ccecaf39e9d522777f9069013f681280a116ce969e728
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
6bfc4667ab5a3cf3331bd113bad0169c40a9db1609c8c7f8bc968eb6088a2dce
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
9a12ba558bd468f7fc39fe075bbe4d1e3773f35e93e51c268a64c8dfba4c05e8
9cfca147a09ab3573c097d453d2923724aa5ecdf3720adc598e469f1639c4e80
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
a9488146df96781e05c403ab587ee528a41d33474b83852b2a78906e51c99022
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
cbe93f1cb2e911ad89fcb0c621c27f90dbf65421e5b707d4e5a18e86aa9bc5b5
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756