urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
52.109.88.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.office.com/?qs=d485c1077697cecf0046a8b306fcda17d78839b6e4e8dac9da300da68f94f44703e67bb1d15dd804f14b5ed7d6d9...
Effective URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Submission: On February 07 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 52.109.88.2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on May 1st 2018. Valid for: 2 years.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.245.89.166 22606 (EXACT-7)
2 3 52.109.88.2 8075 (MICROSOFT...)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
20 95.100.140.73 16625 (AKAMAI-AS)
1 152.199.19.160 15133 (EDGECAST)
1 52.109.32.22 8075 (MICROSOFT...)
25 5
1    198.245.89.166 (United States)

ASN22606 (EXACT-7, US)
PTR: click.email.office.com
click.email.office.com
3    52.109.88.2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.onenote.com
2    2a02:26f0:10c:396::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
uhf.microsoft.com
20    95.100.140.73 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-140-73.deploy.static.akamaitechnologies.com
site-cdn.onenote.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    52.109.32.22 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
Domain Requested by
20 site-cdn.onenote.net www.onenote.com
3 www.onenote.com 2 redirects
2 uhf.microsoft.com www.onenote.com
1 odc.officeapps.live.com site-cdn.onenote.net
1 ajax.aspnetcdn.com www.onenote.com
1 click.email.office.com 1 redirects
25 6
Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft IT TLS CA 1		 2018-05-01 -
2020-05-01		 2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5		 2019-04-30 -
2021-04-30		 2 years crt.sh
site-cdn.onenote.net
Microsoft IT TLS CA 1		 2018-03-13 -
2020-03-12		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
odc.officeapps.live.com
Microsoft IT TLS CA 4		 2019-09-24 -
2021-09-24		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Frame ID: 7247B218F9EFC6C75CBFD68A856D602F
Requests: 24 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: 6AF95DF7B4793CB60AC726B4979385F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.email.office.com/?qs=d485c1077697cecf0046a8b306fcda17d78839b6e4e8dac9da300da68f94f44703e67bb1... HTTP 302
    http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 301
    https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 302
    https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings Page URL

Page Statistics

25
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

132 kB
Transfer

382 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.office.com/?qs=d485c1077697cecf0046a8b306fcda17d78839b6e4e8dac9da300da68f94f44703e67bb1d15dd804f14b5ed7d6d9eb68e452207e9d8067578810725d30e4df1a HTTP 302
    http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 301
    https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2 HTTP 302
    https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hrd
www.onenote.com/
Redirect Chain
  • https://click.email.office.com/?qs=d485c1077697cecf0046a8b306fcda17d78839b6e4e8dac9da300da68f94f44703e67bb1d15dd804f14b5ed7d6d9eb68e452207e9d8067578810725d30e4df1a
  • http://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2
  • https://www.onenote.com/emailsettings?WT.mc_id=eml_CXM__WebServices-EmailToOneNote-BounceBack-v2
  • https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a5b487577a00abb5a16523ec41a14f16a5dbc2f96eb11b01ca1e62396475ebd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.onenote.com
:scheme
https
:path
/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Control
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_0
x-routingofficeversion
16.0.12602.31553
x-routingsessionid
e0fba9df-952b-4808-99fe-9837778547ad
x-routingcorrelationid
e2fb7a61-4834-4868-b25d-a3ea44ead79d
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Control; expires=Mon, 07-Feb-2022 17:57:48 GMT; path=/; secure; HttpOnly AuthSess=548dfeca-71cd-45c7-9846-9d65269c7f7d; domain=www.onenote.com; path=/; samesite=none; secure; HttpOnly AADNonce=de061271-30bc-4a5d-9395-00ab1c4bfb9c.637166950688286029; domain=onenote.com; path=/; samesite=none; secure; HttpOnly
x-correlationid
e2fb7a61-4834-4868-b25d-a3ea44ead79d
x-usersessionid
e0fba9df-952b-4808-99fe-9837778547ad
x-officefe
SiteFrontEnd_IN_3
x-officeversion
16.0.12605.31556
x-officecluster
weu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Fri, 07 Feb 2020 17:57:48 GMT
content-length
5107

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
location
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_0
x-routingofficeversion
16.0.12602.31553
x-routingsessionid
200b892f-2588-46e2-aca8-f64b7901a6aa
x-routingcorrelationid
a158d864-04fc-4416-bd08-eed0496e03a8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
TreatmentGroups=SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Control; expires=Mon, 07-Feb-2022 17:57:48 GMT; path=/; secure; HttpOnly
x-correlationid
a158d864-04fc-4416-bd08-eed0496e03a8
x-usersessionid
200b892f-2588-46e2-aca8-f64b7901a6aa
x-officefe
SiteFrontEnd_IN_2
x-officeversion
16.0.12605.31556
x-officecluster
weu-000.site.onenote.com
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnetmvc-version
5.2
x-frame-options
DENY
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Fri, 07 Feb 2020 17:57:48 GMT
content-length
161
mscc-0.4.2.min.js
uhf.microsoft.com/mscc/statics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:396::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 07 Feb 2020 17:57:48 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
AO6kLOW8s6NiicKEPl74tA==
access-control-allow-origin
*
etag
0x8D795E59EC908A0
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
x-ms-request-id
4ec43929-d01e-0050-01fe-c70c90000000
x-ms-version
2009-09-19
content-length
2017
mscc-0.4.2.min.css
uhf.microsoft.com/mscc/statics/ 		1 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uhf.microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:396::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 07 Feb 2020 17:57:48 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QLyM0qNPDXd6ayzd1iIoLA==
access-control-allow-origin
*
etag
0x8D795E5A424E059
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
x-ms-request-id
865002b9-a01e-0010-28fe-c7257e000000
x-ms-version
2009-09-19
content-length
626
SharedHeader.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/SharedHeader.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3ba6aefc1340aa1b0b0d9e4af657e5e164a7e1793d4dce52fcb863c74931027
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
39c4ef7f-319c-4596-bcbc-8721fc7d25e8
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2848
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
39c4ef7f-319c-4596-bcbc-8721fc7d25e8
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31468056
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
OfficeBrowserFeedback.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/OfficeBrowserFeedback.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
ebcc5ec6-fccc-49ae-8294-b64c1f74ea6d
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2023
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
ebcc5ec6-fccc-49ae-8294-b64c1f74ea6d
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31467980
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
ondchome_cluster.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/ondchome_cluster.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
361472f0-bc96-44fe-8d98-6380f88043d1
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
936
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
361472f0-bc96-44fe-8d98-6380f88043d1
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31468046
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
SiteIntl.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		71 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/SiteIntl.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
9871b883-1b02-4325-92e4-5c6b8522f520
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6365
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
9871b883-1b02-4325-92e4-5c6b8522f520
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31468000
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
Shared.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/Shared.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
9856f02a-3c0a-436a-aa66-d6f7b31acd52
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2851
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
9856f02a-3c0a-436a-aa66-d6f7b31acd52
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31468040
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
Hrd.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		1023 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/Hrd.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
360f4957-cc4f-43b7-bb97-763ef0959552
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
453
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
360f4957-cc4f-43b7-bb97-763ef0959552
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31469244
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
SharedHeaderOverrides.css
site-cdn.onenote.net/161260531556_Styles/en-US/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/SharedHeaderOverrides.css
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
ea1e1a5c-788c-4ebe-b976-447baa606972
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
546
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
ea1e1a5c-788c-4ebe-b976-447baa606972
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=31468042
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
App_Switcher_Waffle.50x50x32.png
site-cdn.onenote.net/161260531556_Images/en-US/ 		203 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/en-US/App_Switcher_Waffle.50x50x32.png?b=1601260410000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
7c75528c-0860-43d1-8d6e-8ddf2a654e8f
Date
Fri, 07 Feb 2020 17:57:48 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
203
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
7c75528c-0860-43d1-8d6e-8ddf2a654e8f
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31468051
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
odc_onenoteheaderlogo.135x40x32.png
site-cdn.onenote.net/161260531556_Images/en-US/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/en-US/odc_onenoteheaderlogo.135x40x32.png?b=1601260410000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
02bb26fe-f9d2-4e86-8a9f-671551bf1889
Date
Fri, 07 Feb 2020 17:57:48 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1356
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
weu-000.site.onenote.com
X-UserSessionId
02bb26fe-f9d2-4e86-8a9f-671551bf1889
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31468823
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
OneNoteLogoMobile2.22x22.png
site-cdn.onenote.net/161260531556_Images/ 		706 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/OneNoteLogoMobile2.22x22.png?
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
f643cbc6-64ad-40e8-8da1-edf092c56a24
Date
Fri, 07 Feb 2020 17:57:48 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
706
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
f643cbc6-64ad-40e8-8da1-edf092c56a24
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31467959
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
feedback.png
site-cdn.onenote.net/161260531556_Images/ 		804 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/feedback.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
8b17cdb9-758d-4f90-8f49-d97013ac6f39
Date
Fri, 07 Feb 2020 17:57:48 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
804
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
8b17cdb9-758d-4f90-8f49-d97013ac6f39
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31467877
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
wapsw.png
site-cdn.onenote.net/161260531556_Images/en-US/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/en-US/wapsw.png?b=1601260410000
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
3f6f873e-215f-40c7-9c16-d37741ace4e4
Date
Fri, 07 Feb 2020 17:57:49 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_1
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5884
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
3f6f873e-215f-40c7-9c16-d37741ace4e4
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31468070
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
Globe_Light.20x20x32.png
site-cdn.onenote.net/161260531556_Images/en-US/ 		504 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Images/en-US/Globe_Light.20x20x32.png
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
fdcd8785-7750-4f3f-9e81-68e86857b11d
Date
Fri, 07 Feb 2020 17:57:49 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
504
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
fdcd8785-7750-4f3f-9e81-68e86857b11d
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/png
Cache-Control
public, max-age=31468044
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
jquery-1.12.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B0B) /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 17:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19695440
x-cache
HIT
status
200
content-length
33920
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:51 GMT
server
ECAcc (ama/8B0B)
etag
"804fc05cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
CommonDiagnostics.js
site-cdn.onenote.net/161260531556_Scripts/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce418a0a304b1e707590a42f612c7ab87a061cd7a4e5f88c9fe0fb44351e8171
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
3638f7d0-bdf6-446e-80e0-790af0fa81cc
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9422
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
3638f7d0-bdf6-446e-80e0-790af0fa81cc
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31467942
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
DefaultSignIn.min.js
site-cdn.onenote.net/161260531556_Scripts/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
2d94dcbf-0bc0-427f-ada3-47a2f68a6c8d
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3461
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
2d94dcbf-0bc0-427f-ada3-47a2f68a6c8d
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31467904
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
home.js
site-cdn.onenote.net/161260531556_Scripts/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Scripts/home.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3931a8bb16e2f006e9aadf8b7e4655c206135c39c983dafc903c6efbf957e6d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
10722454-a682-461a-806c-84c329b8a1bd
Date
Fri, 07 Feb 2020 17:57:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6300
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
10722454-a682-461a-806c-84c329b8a1bd
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31467910
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
Hrd.js
site-cdn.onenote.net/161260531556_Scripts/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Scripts/Hrd.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
95eb1512-4445-4342-acde-95a606d9d9dc
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
10024
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
95eb1512-4445-4342-acde-95a606d9d9dc
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31468240
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
cookiecompliance.js
site-cdn.onenote.net/161260531556_Scripts/ 		725 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Scripts/cookiecompliance.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
8b341b81-17bb-480e-9b13-2bbd2069d7b4
Date
Fri, 07 Feb 2020 17:57:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
357
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
8b341b81-17bb-480e-9b13-2bbd2069d7b4
ETag
"0f9ab9c78dcd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=31467952
Accept-Ranges
bytes
X-OfficeVersion
16.0.12602.31553
segoeuil.woff
site-cdn.onenote.net/161260531556_Styles/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://site-cdn.onenote.net/161260531556_Styles/segoeuil.woff
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://site-cdn.onenote.net/161260531556_Styles/en-US/SiteIntl.css
Origin
https://www.onenote.com

Response headers

X-CorrelationId
4bed8205-01e1-4b5c-ac36-07fbedf0895f
Date
Fri, 07 Feb 2020 17:57:49 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22204
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
4bed8205-01e1-4b5c-ac36-07fbedf0895f
ETag
"0f9ab9c78dcd51:0"
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://www.onenote.com
Cache-Control
public, max-age=31468070
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556
hrd
odc.officeapps.live.com/odc/v2.0/ Frame 6AF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: site-cdn.onenote.net
URL: https://site-cdn.onenote.net/161260531556_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.32.22 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
odc.officeapps.live.com
:scheme
https
:path
/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=8&a=1&p=11&hm=0&ver=16&fpEnabled=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.onenote.com/hrd?ReturnUrl=https:%2f%2fwww.onenote.com%2fEmailSettings

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/10.0
x-correlationid
d3feda53-94f1-44e2-8861-f5d8a9f04307
x-usersessionid
d3feda53-94f1-44e2-8861-f5d8a9f04307
x-officefe
OdcFrontEnd_IN_103
x-officeversion
16.0.12604.30551
x-officecluster
ukw-odc.officeapps.live.com
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-ua-compatible
IE=11
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Fri, 07 Feb 2020 17:57:48 GMT
content-length
9886
progress.gif
site-cdn.onenote.net/161260531556_Styles/en-US/ 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-cdn.onenote.net/161260531556_Styles/en-US/progress.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.140.73 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-140-73.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://site-cdn.onenote.net/161260531556_Styles/en-US/SharedHeader.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CorrelationId
df180a88-4843-4e4a-ac3b-ff4ba76482e1
Date
Fri, 07 Feb 2020 17:57:49 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-OfficeFE
SiteFrontEnd_IN_5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 05 Feb 2020 23:04:26 GMT
X-OfficeCluster
neu-000.site.onenote.com
X-UserSessionId
df180a88-4843-4e4a-ac3b-ff4ba76482e1
ETag
"0f9ab9c78dcd51:0"
Content-Type
image/gif
Cache-Control
public, max-age=31469240
Accept-Ranges
bytes
X-OfficeVersion
16.0.12605.31556

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| mscc string| SessionId string| CorrelationId string| NotebooksIndexURL function| calculatePageLoadTime function| $ function| jQuery function| Type function| $6 object| Sys object| Diag string| g_msaReturnUrl string| g_orgIdReturnUrl string| g_signupUrl string| g_msaPasswordResetUrl string| g_msaLoginUrl string| g_hrdIframeUrl string| g_orgIdLoginUrl string| g_authType string| g_fullScreenHrd object| g_hrdOverride boolean| g_useNewRedirectUrlOverride number| g_preferredIdpForDefaultSignIn string| g_appId boolean| g_defaultSignInEnabled string| g_defaultSignInAadHost string| OrigRefCookieName string| OrigRefCookieValue object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| getAadData function| getMsaData function| getAadMsaData boolean| enableConsoleLog boolean| msaFedEnabled function| getAccount function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader string| g_rootDomain function| DismissPopupBanner function| GetRootDomain function| CreateCookie undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp boolean| g_persistentDialog object| g_hrdTimeout function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn object| g_defaultSignInTimeout function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| ShowSignInControl function| MakeSignInControlVisible function| HideSignInControl function| onSignInDialogKeyUp function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| GetRedirectUrlFromFederationProvider function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| SetWarmupFrameUrl number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml object| Feedback object| OfficeBrowserFeedback function| GetOSPlatform function| InitializeUls function| InstrumentLinks function| LogUserViewPortInfo function| UpdateFurthestScrollDepth function| LogElapsedTimeOnPage function| InsertAdditionalBeforeUnloadFunction function| OnUnloadingPage function| FlushBrowserUls function| FlushUlsAsynchronous function| GenerateInstrumentationLink function| GenerateContextMenuInstrumentationLink function| GenerateDragInstrumentationLink function| SaveOrigRefThenShowSignInControl object| Utils object| OSPlatform string| _osPlatform undefined| ClipperIndexURL object| Common function| __extends string| TelemetryClickableClass object| TheUlsHost number| furthestScrollDepthPercentage function| RecordPageLoadTime number| PageStartLoadTime string| ulsCategoryStringSetInCshtml object| additionalBeforeUnloadFunctions undefined| _onBeforePageUnloadCalled object| jQuery1120003782701735734495 string| CookieBanner function| getCookieBanner function| addCookieComplianceBanner function| adjustHeaderHeight

4 Cookies

Domain/Path Name / Value
.onenote.com/ Name: AADNonce
Value: de061271-30bc-4a5d-9395-00ab1c4bfb9c.637166950688286029
.www.onenote.com/ Name: AuthSess
Value: 548dfeca-71cd-45c7-9846-9d65269c7f7d
www.onenote.com/ Name: OrigRef
Value: Uri=https%3a%2f%2fwww.onenote.com%2fhrd%3fReturnUrl%3dhttps%3a%252f%252fwww.onenote.com%252fEmailSettings
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Disabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Treatment1&FreBeforeAfterSigninExperiment=Control

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
click.email.office.com
odc.officeapps.live.com
site-cdn.onenote.net
uhf.microsoft.com
www.onenote.com
152.199.19.160
198.245.89.166
2a02:26f0:10c:396::2b57
52.109.32.22
52.109.88.2
95.100.140.73
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
12577598c49c776aa84bc92ac7f327683dbb45f86b737cd6eeb8ea76127c977f
1791ed9071be90362478a5a1486b9c573e93ec121178d91fd36292b834cb43dc
17de417b9fdb419bc3cc811a71d0a74c59cf637646c2ef27abf78d984e6d955f
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3931a8bb16e2f006e9aadf8b7e4655c206135c39c983dafc903c6efbf957e6d1
41267345e86a40f4e14c1398e681b7d4f111a50e2e039083ac33d97101989936
58e2447317434ed4df64ddca5fb26d27a91e7d15b28eaa951c5cdbb515e360a0
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
8b8906b64da2391e0e9c9bd946857dabd6835570b3e4d82a3ffa399aa7a86e2f
8dda7589364d33d870a479069e0f956476d075b7ecc4a177b8bb01cd37913877
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a5b487577a00abb5a16523ec41a14f16a5dbc2f96eb11b01ca1e62396475ebd8
a82549a42558aa650130f6830850073674b2bfe57919436057a5ae3f56ff4be6
b32de7f5d2bebfc37a0ef1e7fc90ef014fc3808025650fdac7c9a08b5d9cf456
cb0ed3999645dcddfd658719edcff78d15f3d213fc3a8b774fad91e75c526648
ce418a0a304b1e707590a42f612c7ab87a061cd7a4e5f88c9fe0fb44351e8171
e24d4a3ded9c564412aa3606f1fa0feee04ae52146fcfe01762db15d317b4756
f3ba6aefc1340aa1b0b0d9e4af657e5e164a7e1793d4dce52fcb863c74931027