www.onenote.com
52.109.88.139
Public Scan
Effective URL: https://www.onenote.com/signin?wdorigin=ondc
Submission: On March 14 via manual from IT — Scanned from IT
Summary
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 13th 2022. Valid for: a year.
This is the only time www.onenote.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System) |
---|---|---|---|
1 | 1 | 2a02:26f0:480:287::611 | 20940 (AKAMAI-ASN1) |
1 | 6 | 52.109.88.139 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 152.199.19.160 | 15133 (EDGECAST) |
 | 5 | 13.74.193.143 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 20.190.159.64 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 20.190.159.68 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 152.199.23.37 | 15133 (EDGECAST) |
 | 1 | 192.229.221.185 | 15133 (EDGECAST) |
1 | 2 | 2a02:26f0:480:387::356e | 20940 (AKAMAI-ASN1) |
 | 18 | 9 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | onenote.com (1 redirects): www.onenote.com — Cisco Umbrella Rank: 3529; site.onenote.com — Cisco Umbrella Rank: 4937 | 89 KB |
2 | microsoft.com (1 redirects): www.microsoft.com — Cisco Umbrella Rank: 244 | 634 B |
2 | microsoftonline.com: login.microsoftonline.com — Cisco Umbrella Rank: 19 | 12 KB |
1 | msauth.net: logincdn.msauth.net — Cisco Umbrella Rank: 3683 | 6 KB |
1 | msftauth.net: aadcdn.msftauth.net — Cisco Umbrella Rank: 1166 | 47 KB |
1 | live.com: login.live.com — Cisco Umbrella Rank: 79 | 7 KB |
1 | aspnetcdn.com: ajax.aspnetcdn.com — Cisco Umbrella Rank: 1546 | 39 KB |
1 | onenote.net (1 redirects): cdn.onenote.net — Cisco Umbrella Rank: 1170 | 784 B |
18 | 8 | |
Requests | Domain | Requested by |
---|---|---|
6 | www.onenote.com | 1 redirects; site.onenote.com |
5 | site.onenote.com | www.onenote.com |
2 | www.microsoft.com | 1 redirects; site.onenote.com |
2 | login.microsoftonline.com | site.onenote.com; aadcdn.msftauth.net |
1 | logincdn.msauth.net | login.live.com |
1 | aadcdn.msftauth.net | login.microsoftonline.com |
1 | login.live.com | site.onenote.com |
1 | ajax.aspnetcdn.com | www.onenote.com |
1 | cdn.onenote.net | 1 redirects |
18 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
reverseproxy.onenote.com | Microsoft RSA TLS CA 01 | 2022-09-13 - 2023-09-13 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year |
site.onenote.com | Microsoft Azure TLS Issuing CA 05 | 2023-02-21 - 2024-02-16 | a year |
login.live.com | DigiCert SHA2 Secure Server CA | 2022-12-30 - 2023-12-30 | a year |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-03-02 - 2024-03-02 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2022-04-01 - 2023-04-01 | a year |
identitycdn.msauth.net | Microsoft Azure TLS Issuing CA 06 | 2022-08-23 - 2023-08-18 | a year |
www.microsoft.com | Microsoft Azure TLS Issuing CA 06 | 2022-10-04 - 2023-09-29 | a year |
This page contains 3 frames:
Frame:
https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Frame ID: A946624564E881F51A8B1755D1A21CAA
Requests: 13 HTTP requests in this frame
Frame:
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Frame ID: B415641A1F448F2C2449AB27EB7BC25A
Requests: 2 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de&sso_reload=true
Frame ID: B8855DF5F147FA225A5D18E80567E603
Requests: 3 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://cdn.onenote.net/ HTTP 301
- https://www.onenote.com/ HTTP 302
- https://www.onenote.com/signin?wdorigin=ondc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom HTTP 302
- https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | signin | www.onenote.com/ | 21 KB | 3 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | jquery-3.5.0.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 87 KB | 39 KB | Script | application/javascript | |
GET | H2 | bodymovin.min.js | site.onenote.com/libraries/bodymovin/4.13.0/ | 248 KB | 59 KB | Script | application/javascript | |
GET | H2 | CommonDiagnostics.js | site.onenote.com/161631340453_Scripts/ | 40 KB | 12 KB | Script | application/javascript | |
GET | H2 | Common.js | site.onenote.com/161631340453_Scripts/ | 14 KB | 4 KB | Script | application/javascript | |
GET | H2 | DefaultSignIn.min.js | site.onenote.com/161631340453_Scripts/ | 16 KB | 3 KB | Script | application/javascript | |
GET | H2 | Default2SignIn.js | site.onenote.com/161631340453_Scripts/ | 14 KB | 5 KB | Script | application/javascript | |
POST | H2 | RemoteUls.ashx | www.onenote.com/ | 0 | 195 B | XHR | text/plain | |
POST | H2 | RemoteUls.ashx | www.onenote.com/ | 0 | 96 B | XHR | text/plain | |
GET | H/1.1 | Me.srf | login.live.com/ | 12 KB | 7 KB | Document | text/html | Frame B415 |
GET | H/1.1 | savedusers | login.microsoftonline.com/ | 19 KB | 9 KB | Document | text/html | Frame B885 |
GET | H2 | BssoInterrupt_Core_-CZojLH1zEwhCVw9xVT3Ow2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 133 KB | 47 KB | Script | application/x-javascript | Frame B885 |
GET | H2 | MeControl_WHQJRgf00zDmJCvKCFQEEg2.js | logincdn.msauth.net/16.000/content/js/ | 17 KB | 6 KB | Script | application/x-javascript | Frame B415 |
GET | H/1.1 | savedusers | login.microsoftonline.com/ | 3 KB | 2 KB | Document | text/html | Frame B885 |
POST | H2 | RemoteUls.ashx | www.onenote.com/ | 0 | 102 B | XHR | text/plain | |
POST | H2 | RemoteUls.ashx | www.onenote.com/ | 0 | 96 B | XHR | text/plain | |
GET | H2 | digital-note-taking-app | www.microsoft.com/it-it/microsoft-365/onenote/ | 0 | 0 | Document | text/html | Redirect Chain |
POST | | RemoteUls.ashx | www.onenote.com/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.onenote.com
- URL: https://www.onenote.com/RemoteUls.ashx
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.onenote.com/ | | Name: UserTrackerKey Value: AnonymousId=d427c3c2-8a0e-40fe-bb27-93a11d3b49a6&FirstVisit=03/14/2023 09:38:40&LastVisit=03/14/2023 09:38:40 |
www.onenote.com/ | | Name: ONSessionKey Value: SessionId=8a8ae1f2-494d-4269-9392-7ac8059f36e7&StartTime=03/14/2023 09:38:40&LastActivityTime=03/14/2023 09:38:40 |
www.onenote.com/ | | Name: TreatmentGroups Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control |
.www.onenote.com/ | | Name: AuthSess Value: 91af2830-40fc-41d1-90d9-014ba110d0d5 |
.onenote.com/ | | Name: AADNonce Value: ccc3d927-a40a-4623-8d1d-9ea921059015.638143835209125091 |
login.microsoftonline.com/ | | Name: fpc Value: AgnyOKrm_P9GuTkdsGKugwQ |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
.login.live.com/ | | Name: uaid Value: c0f92849a2074c38987802677c98d724 |
.login.live.com/ | | Name: MSPRequ Value: id=N&lt=1678786721&co=1 |
.login.live.com/ | | Name: OParams Value: 11O.DcXnzogStUstUL7bIc9PC9ByyOGFycHwNaauPdrqxAvSEEJY6PMzHNJLzsXkpJqY2S!QV1VpVSQ9bX63GPGZCmarj8HGekezx3B2kfpXx6woJAsyW2zm9M1BvjqJkKYly9cNNQ5iBzCdwhB0nLXl0WWzWMqTlrx1WjtSagZw*ABLLbuGJyZ3UuWmD6FUbNI0z8KdA08TW*Pmytzt9TQpXyZJ7a*a43ZcbXUwDirelcfN |
.login.microsoftonline.com/ | | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.com/ | | Name: SSOCOOKIEPULLED Value: 1 |
.login.microsoftonline.com/ | | Name: esctx Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrR1nKsr9q9qPovWDx3vIw9GUtvPtu13lpBjO1CCDkgWagVcfZOF1HNXMJugCqeKhOHjXdXd_5xWvy4J-TReQ4fyP9eRWGv3gNrxtIJooKB8K7h_RcsqK540zms1HQK1iwnfNBgYWKiULCDvqcbSoJcXp65F4ybsIYc3dFNiN17L0OsFIK0hlUlcLqhsvdLmanihnPMW73mf8QeutoztxPnHTcM_i6TQLOCU6cjFdylS4gAA |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.