![](/screenshots/edf6f4c0-bce7-4b14-b575-227900452fba.png)
onedrive.live.com
Open in
urlscan Pro
13.107.137.11
Public Scan
Effective URL: https://onedrive.live.com/edit?id=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&resid=A3CFE1C533BC2075!s2b8b4883a2f64...
Submission: On May 23 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on March 29th 2024. Valid for: a year.
This is the only time onedrive.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.107.42.12 13.107.42.12 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 13.107.137.11 13.107.137.11 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 52.153.252.167 52.153.252.167 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 23.1.240.66 23.1.240.66 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 13.107.136.10 13.107.136.10 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 23.55.242.210 23.55.242.210 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 13.107.139.11 13.107.139.11 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.42.73.27 20.42.73.27 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 104.74.59.84 104.74.59.84 | () () | |
2 | 52.108.8.12 52.108.8.12 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
19 | 10 |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onedrive.live.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-1-240-66.deploy.static.akamaitechnologies.com
res-1.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api-badgerp.svc.ms |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-242-210.deploy.static.akamaitechnologies.com
wise-m.public.cdn.office.net | |
wise.public.cdn.office.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.microsoftpersonalcontent.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
common.online.office.com | |
cac-onenote.officeapps.live.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 286 wise-m.public.cdn.office.net — Cisco Umbrella Rank: 695 wise.public.cdn.office.net — Cisco Umbrella Rank: 1405 c1-onenote-15.cdn.office.net |
322 KB |
3 |
live.com
1 redirects
onedrive.live.com — Cisco Umbrella Rank: 4577 cac-onenote.officeapps.live.com Failed |
18 KB |
2 |
microsoftpersonalcontent.com
my.microsoftpersonalcontent.com — Cisco Umbrella Rank: 3488 |
3 KB |
2 |
svc.ms
api-badgerp.svc.ms — Cisco Umbrella Rank: 156081 |
1 KB |
1 |
office.com
common.online.office.com — Cisco Umbrella Rank: 602 |
|
1 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 107 Failed |
|
1 |
sfx.ms
p.sfx.ms — Cisco Umbrella Rank: 31904 |
8 KB |
1 |
1drv.ms
1 redirects
1drv.ms — Cisco Umbrella Rank: 29031 |
453 B |
19 | 8 |
Domain | Requested by | |
---|---|---|
4 | res-1.cdn.office.net |
onedrive.live.com
res-1.cdn.office.net wise.public.cdn.office.net |
2 | my.microsoftpersonalcontent.com |
res-1.cdn.office.net
|
2 | api-badgerp.svc.ms |
res-1.cdn.office.net
|
2 | onedrive.live.com | 1 redirects |
1 | cac-onenote.officeapps.live.com |
res-1.cdn.office.net
|
1 | common.online.office.com |
wise.public.cdn.office.net
|
1 | c1-onenote-15.cdn.office.net | |
1 | browser.events.data.microsoft.com |
res-1.cdn.office.net
|
1 | wise.public.cdn.office.net |
wise-m.public.cdn.office.net
|
1 | wise-m.public.cdn.office.net |
res-1.cdn.office.net
|
1 | p.sfx.ms | |
1 | 1drv.ms | 1 redirects |
19 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
onedrive.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-03-29 - 2025-03-24 |
a year | crt.sh |
*.res.outlook.com DigiCert SHA2 Secure Server CA |
2024-02-20 - 2025-02-20 |
a year | crt.sh |
svc.ms Microsoft Azure RSA TLS Issuing CA 04 |
2023-09-27 - 2024-09-21 |
a year | crt.sh |
microsoftpersonalcontent.com DigiCert SHA2 Secure Server CA |
2024-03-26 - 2025-03-26 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-03-31 - 2025-03-26 |
a year | crt.sh |
*.cdn.office.net Microsoft Azure RSA TLS Issuing CA 03 |
2023-10-03 - 2024-09-27 |
a year | crt.sh |
officeapps.live.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-01-24 - 2025-01-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://onedrive.live.com/edit?id=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&resid=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&cid=a3cfe1c533bc2075&ithint=onenote&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE&migratedtospo=true&wdo=2
Frame ID: 7DFC55ED1998CCE1639869547DB03CD5
Requests: 15 HTTP requests in this frame
Frame:
https://cac-onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en-AU&rs=en-AU&wopisrc=https%3A%2F%2Fmy.microsoftpersonalcontent.com%2Fpersonal%2Fa3cfe1c533bc2075%2F_vti_bin%2Fwopi.ashx%2Ffolders%2FA3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&wdenableroaming=1&mscc=1&wdodb=1&hid=MH45zzVfkEqCtXRSiMr9Mg.0.0&sc=%7B%22pmo%22%3A%22https%3A%2F%2Fonedrive.live.com%22%2C%22redeem%22%3A%22aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE%22%7D&wdo=2&uih=onedrivecom&dchat=1&wdorigin=Other&wdhostclicktime=1716431702489&jsapi=1&jsapiver=v1&newsession=1&corrid=eed62d98-f5d0-4bcd-abf1-83bbb8133e89&usid=eed62d98-f5d0-4bcd-abf1-83bbb8133e89&sftc=1&sams=1&cac=1&mtf=1&sfp=1&hch=1&hwfh=1&uihit=editaspx&muv=1&wdredirectionreason=Force_SingleStepBoot&rct=Normal&ctp=LeastProtected
Frame ID: 1ACB96EC2002EA96B854EDFF4507CABA
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/edf6f4c0-bce7-4b14-b575-227900452fba.png)
Page Title
My Notebook - Microsoft OneNote OnlinePage URL History Show full URLs
-
https://1drv.ms/o/c/a3cfe1c533bc2075/EoNIiyv2ot9MhoA6erIHJkkB8nUjhdsOk_-3jV6-QuRJYA
HTTP 301
https://onedrive.live.com/redir?cid=a3cfe1c533bc2075&resid=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab... HTTP 302
https://onedrive.live.com/edit?id=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&resid=A3CFE1C533B... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://1drv.ms/o/c/a3cfe1c533bc2075/EoNIiyv2ot9MhoA6erIHJkkB8nUjhdsOk_-3jV6-QuRJYA
HTTP 301
https://onedrive.live.com/redir?cid=a3cfe1c533bc2075&resid=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&ithint=onenote&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE HTTP 302
https://onedrive.live.com/edit?id=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&resid=A3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&cid=a3cfe1c533bc2075&ithint=onenote&redeem=aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE&migratedtospo=true&wdo=2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
edit
onedrive.live.com/ Redirect Chain
|
48 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
p.sfx.ms/images/ |
8 KB 8 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initial.resx.js
res-1.cdn.office.net/files/odsp-web-prod_2024-05-17.006/wacodcowlhostwebpack.manifest/en-us/ |
867 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wacodcowlhostwebpack.js
res-1.cdn.office.net/files/odsp-web-prod_2024-05-17.006/wacodcowlhostwebpack.manifest/ |
740 KB 188 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
token
api-badgerp.svc.ms/v1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.js
wise-m.public.cdn.office.net/wise-m/owl/5mttl/production/50/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12.js
res-1.cdn.office.net/files/odsp-web-prod_2024-05-17.006/wacodcowlhostwebpack.manifest/ |
122 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
token
api-badgerp.svc.ms/v1.0/ |
847 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.slim.5815102c6e49b5d12c4c.js
wise.public.cdn.office.net/wise/owl/ |
175 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
driveItem
my.microsoftpersonalcontent.com/_api/v2.0/shares/u!aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE/ |
4 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
driveItem
my.microsoftpersonalcontent.com/_api/v2.0/shares/u!aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
onenote-boot.min.js
res-1.cdn.office.net/officeonline/o/s/h937F18DBB9251CF1_App_Scripts/ |
146 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FavIcon_OneNote.ico
c1-onenote-15.cdn.office.net/o/resources/1033/ |
8 KB 9 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
RemoteUls.ashx
common.online.office.com/suite/ |
0 0 |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
RemoteTelemetry.ashx
cac-onenote.officeapps.live.com/o/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
RemoteUls.ashx
cac-onenote.officeapps.live.com/o/ |
0 0 |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
onenoteframe.aspx
cac-onenote.officeapps.live.com/o/ Frame 1ACB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- browser.events.data.microsoft.com
- URL
- https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
- Domain
- cac-onenote.officeapps.live.com
- URL
- https://cac-onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=eed62d98-f5d0-4bcd-abf1-83bbb8133e89
- Domain
- cac-onenote.officeapps.live.com
- URL
- https://cac-onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en-AU&rs=en-AU&wopisrc=https%3A%2F%2Fmy.microsoftpersonalcontent.com%2Fpersonal%2Fa3cfe1c533bc2075%2F_vti_bin%2Fwopi.ashx%2Ffolders%2FA3CFE1C533BC2075!s2b8b4883a2f64cdf86803a7ab2072649&wdenableroaming=1&mscc=1&wdodb=1&hid=MH45zzVfkEqCtXRSiMr9Mg.0.0&sc=%7B%22pmo%22%3A%22https%3A%2F%2Fonedrive.live.com%22%2C%22redeem%22%3A%22aHR0cHM6Ly8xZHJ2Lm1zL28vYy9hM2NmZTFjNTMzYmMyMDc1L0VvTklpeXYyb3Q5TWhvQTZlcklISmtrQjhuVWpoZHNPa18tM2pWNi1RdVJKWUE%22%7D&wdo=2&uih=onedrivecom&dchat=1&wdorigin=Other&wdhostclicktime=1716431702489&jsapi=1&jsapiver=v1&newsession=1&corrid=eed62d98-f5d0-4bcd-abf1-83bbb8133e89&usid=eed62d98-f5d0-4bcd-abf1-83bbb8133e89&sftc=1&sams=1&cac=1&mtf=1&sfp=1&hch=1&hwfh=1&uihit=editaspx&muv=1&wdredirectionreason=Force_SingleStepBoot&rct=Normal&ctp=LeastProtected
Verdicts & Comments Add Verdict or Comment
38 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| $B object| $CJ object| Flight function| requirejs function| require function| define function| es6-symbol function| ES6Promise object| $Config object| FilesConfig object| __odsp_cdnConfig object| WacConfig string| __odsp_culture number| g_responseEnd string| backupBaseUrl undefined| failOverState object| corsMatch function| processConfigToSupportFailOver undefined| __cdnFailOverState object| odspNextWebpackJsonp object| __webpack_result__ function| __debugSetKillSwitch object| ODSP_TELEMETRY_MANAGER function| __onbeforeunload object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| _perfMarks object| __testHooks object| CUSTOMERPROMISE_MANAGER object| __debugLoggerContext object| __events__ object| __dynProto$Gbl function| owlManifestFactory object| Microsoft object| webpackChunkMicrosoft_Office_OWL7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.live.com/ | Name: xid Value: 664449b3-60d7-42f6-8d98-db56dec6af9b&&ODSP-ODWEB-ODCF&183 |
|
.live.com/ | Name: E Value: P:sYOp89B63Ig=:1CvmOhecNnTnsgIdvuvpyBZL4hoMjmSET/k75RaW1gM=:F |
|
.live.com/ | Name: xidseq Value: 2 |
|
.live.com/ | Name: wla42 Value: |
|
onedrive.live.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 6cb4444a-711f-44d3-83ba-18610f9843ea |
|
onedrive.live.com/ | Name: ai_session Value: UfYb1vNmTT1SdNofBkBbQW|1716431704821|1716431707929 |
|
.common.online.office.com/ | Name: US1-ARRAffinity Value: 3f10062a416d7040ee80f62208754eb231fb4c5d58c3d906f5171d7eab1a0813 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1drv.ms
api-badgerp.svc.ms
browser.events.data.microsoft.com
c1-onenote-15.cdn.office.net
cac-onenote.officeapps.live.com
common.online.office.com
my.microsoftpersonalcontent.com
onedrive.live.com
p.sfx.ms
res-1.cdn.office.net
wise-m.public.cdn.office.net
wise.public.cdn.office.net
browser.events.data.microsoft.com
cac-onenote.officeapps.live.com
104.74.59.84
13.107.136.10
13.107.137.11
13.107.139.11
13.107.42.12
20.42.73.27
23.1.240.66
23.55.242.210
52.108.8.12
52.153.252.167
05b44a9d78eeb3a5a7955b7f5e2d32082f6d3debb730f077d873dbd46036d219
24638331466a52bb66f912090e7a9cc9e3df2236e39c187c9409104526b472b0
26cf87ce2ac8bfebf847c1f44048623e85193ccb743a00253d21b1c0758c4939
3292ac962d0f6c3256f3673282b26bf6f87db6e3c83f6dec587c39558c5829b5
5f491474ba5c3912517021bfc9f5ebeeb39202da69d8f3539f38c3940aec9029
6da235c10cb3bd9d9dee19bb17526ffd4d07dc28265e48accd45f19dd9e1bdbf
937f18dbb9251cf186ba41187df3275c4dae8b7b4a3fe4db467a07f9e52504be
9e1da5bf715135491519a188cad977db6cba414071e2407b69d63221379d8802
c31b75d03121f2238e3f54b375534e141b2844ccd01c2e9d22412b154ff9ac50
cc6022426bd02e079384b18b3855da0da10cc16de58a565ee3b173f135ca1546
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f915ecb557e8c75f3101ccd53bcde525f3985e997cf0dca21c2eeae1f859b07b