urlscan.io logo urlscan.io
SecurityTrails logo

www.onenote.com Open in urlscan Pro
52.109.88.139  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdn.onenote.net/
Effective URL: https://www.onenote.com/signin?wdorigin=ondc
Submission: On March 14 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 52.109.88.139, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.onenote.com. The Cisco Umbrella rank of the primary domain is 3529.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 13th 2022. Valid for: a year.
This is the only time www.onenote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 6 52.109.88.139 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
5 13.74.193.143 8075 (MICROSOFT...)
1 20.190.159.64 8075 (MICROSOFT...)
2 20.190.159.68 8075 (MICROSOFT...)
1 152.199.23.37 15133 (EDGECAST)
1 192.229.221.185 15133 (EDGECAST)
1 2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
18 9
1    2a02:26f0:480:287::611 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.onenote.net
6    52.109.88.139 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.onenote.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
5    13.74.193.143 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
site.onenote.com
1    20.190.159.64 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    20.190.159.68 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    192.229.221.185 (United States)

ASN15133 (EDGECAST, US)
logincdn.msauth.net
2    2a02:26f0:480:387::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
Apex Domain
Subdomains		 Transfer
11 onenote.com
www.onenote.com — Cisco Umbrella Rank: 3529
site.onenote.com — Cisco Umbrella Rank: 4937
89 KB
2 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 244
634 B
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 19
12 KB
1 msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 3683
6 KB
1 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1166
47 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 79
7 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1546
39 KB
1 onenote.net
cdn.onenote.net — Cisco Umbrella Rank: 1170
784 B
18 8
Domain Requested by
6 www.onenote.com 1 redirects site.onenote.com
5 site.onenote.com www.onenote.com
2 www.microsoft.com 1 redirects site.onenote.com
2 login.microsoftonline.com site.onenote.com
aadcdn.msftauth.net
1 logincdn.msauth.net login.live.com
1 aadcdn.msftauth.net login.microsoftonline.com
1 login.live.com site.onenote.com
1 ajax.aspnetcdn.com www.onenote.com
1 cdn.onenote.net 1 redirects
18 9

This site contains no links.

Subject Issuer Validity Valid
reverseproxy.onenote.com
Microsoft RSA TLS CA 01		 2022-09-13 -
2023-09-13		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
site.onenote.com
Microsoft Azure TLS Issuing CA 05		 2023-02-21 -
2024-02-16		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2022-12-30 -
2023-12-30		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-03-02 -
2024-03-02		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2022-04-01 -
2023-04-01		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 06		 2022-08-23 -
2023-08-18		 a year crt.sh
www.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-10-04 -
2023-09-29		 a year crt.sh

This page contains 3 frames:

Frame: https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Frame ID: A946624564E881F51A8B1755D1A21CAA
Requests: 13 HTTP requests in this frame

Frame: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Frame ID: B415641A1F448F2C2449AB27EB7BC25A
Requests: 2 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de&sso_reload=true
Frame ID: B8855DF5F147FA225A5D18E80567E603
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cdn.onenote.net/ HTTP 301
    https://www.onenote.com/ HTTP 302
    https://www.onenote.com/signin?wdorigin=ondc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

199 kB
Transfer

625 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdn.onenote.net/ HTTP 301
    https://www.onenote.com/ HTTP 302
    https://www.onenote.com/signin?wdorigin=ondc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom HTTP 302
  • https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
www.onenote.com/
Redirect Chain
  • http://cdn.onenote.net/
  • https://www.onenote.com/
  • https://www.onenote.com/signin?wdorigin=ondc
21 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e417f6ece3ef44ed2377a7d2fd658f619b1b6997c9590b174c33fbc78089b4f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
3122
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
content-type
text/html; charset=utf-8
date
Tue, 14 Mar 2023 09:38:40 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-correlationid
f933e7f6-d225-4649-8b8e-a9d0c5bf9a3e
x-officecluster
neu-000.site.onenote.com
x-officefe
SiteFrontEnd_IN_6
x-officeversion
16.0.16313.40453
x-routingcorrelationid
f933e7f6-d225-4649-8b8e-a9d0c5bf9a3e
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-routingsessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-usersessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-encoding
gzip
content-length
143
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
content-type
text/html; charset=utf-8
date
Tue, 14 Mar 2023 09:38:40 GMT
location
https://www.onenote.com/signin?wdorigin=ondc
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-correlationid
5f7d2865-b968-49aa-a3eb-9b72f0fa7397
x-officecluster
neu-000.site.onenote.com
x-officefe
SiteFrontEnd_IN_6
x-officeversion
16.0.16313.40453
x-routingcorrelationid
5f7d2865-b968-49aa-a3eb-9b72f0fa7397
x-routingofficecluster
weu-000.reverseproxy.onenote.com
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-routingsessionid
61b87aa6-7d4c-4fef-990b-0801e6d437ae
x-usersessionid
61b87aa6-7d4c-4fef-990b-0801e6d437ae
x-xss-protection
1; mode=block
jquery-3.5.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD0) /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Origin
https://www.onenote.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18341962
x-cache
HIT
content-length
39744
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 15:26:14 GMT
server
ECAcc (mil/6CD0)
etag
"c844f287112d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bodymovin.min.js
site.onenote.com/libraries/bodymovin/4.13.0/ 		248 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/libraries/bodymovin/4.13.0/bodymovin.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61957faa2ae6d22ca8ce9d5ef15e1eda1ff8841f17bbd1bba0247a0d5a4f6e69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:40 GMT
content-encoding
gzip
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
60057
last-modified
Mon, 13 Mar 2023 18:19:22 GMT
server
Microsoft-IIS/10.0
x-usersessionid
0ce5796f-aa22-4a70-b699-318b57ec3fc6
x-correlationid
0ce5796f-aa22-4a70-b699-318b57ec3fc6
x-officecluster
neu-000.site.onenote.com
etag
"0b18155d855d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
CommonDiagnostics.js
site.onenote.com/161631340453_Scripts/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161631340453_Scripts/CommonDiagnostics.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Mon, 13 Mar 2023 18:19:22 GMT
x-correlationid
9048373f-0dfa-45cd-9448-0568e3a8fc84
x-usersessionid
9048373f-0dfa-45cd-9448-0568e3a8fc84
x-officecluster
neu-000.site.onenote.com
etag
"0b18155d855d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
Common.js
site.onenote.com/161631340453_Scripts/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161631340453_Scripts/Common.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7dcf3a69f756a6f1381e2371fbdaff1d09cfa9c602bb48802f67989804d06262
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4489
last-modified
Mon, 13 Mar 2023 18:19:22 GMT
x-correlationid
f8d2b4fc-432c-432c-bd78-aad78f7877e8
x-usersessionid
f8d2b4fc-432c-432c-bd78-aad78f7877e8
x-officecluster
neu-000.site.onenote.com
etag
"0b18155d855d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
DefaultSignIn.min.js
site.onenote.com/161631340453_Scripts/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161631340453_Scripts/DefaultSignIn.min.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
3461
last-modified
Mon, 13 Mar 2023 18:19:22 GMT
x-correlationid
b2d094f0-ffc1-4c5b-bdb6-c7f9bc41c9ef
x-usersessionid
b2d094f0-ffc1-4c5b-bdb6-c7f9bc41c9ef
x-officecluster
neu-000.site.onenote.com
etag
"0b18155d855d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
Default2SignIn.js
site.onenote.com/161631340453_Scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.onenote.com/161631340453_Scripts/Default2SignIn.js
Requested by
Host: www.onenote.com
URL: https://www.onenote.com/signin?wdorigin=ondc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.74.193.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e9938668b176bfedffcdd211615019e758eab1deb786ba09c81cbd019ab1c0ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.onenote.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 09:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4537
last-modified
Mon, 13 Mar 2023 18:19:22 GMT
x-correlationid
cc99a537-f708-4e61-af6b-6f3b6ab64411
x-usersessionid
cc99a537-f708-4e61-af6b-6f3b6ab64411
x-officecluster
neu-000.site.onenote.com
etag
"0b18155d855d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
RemoteUls.ashx
www.onenote.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
4b86df60-ea57-4b77-ac08-4729ce91f5e5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 09:38:41 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-correlationid
0a26e084-9c2d-4072-be38-63b0f1e6848e
x-officecluster
neu-000.site.onenote.com
x-usersessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
0a26e084-9c2d-4072-be38-63b0f1e6848e
cache-control
private
x-routingsessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-routingofficecluster
weu-000.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
4b86df60-ea57-4b77-ac08-4729ce91f5e5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 09:38:41 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-correlationid
f2ed7fcb-5ff3-4c66-9a7e-7733d40c3e9b
x-officecluster
neu-000.site.onenote.com
x-usersessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
f2ed7fcb-5ff3-4c66-9a7e-7733d40c3e9b
cache-control
private
x-routingsessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-routingofficecluster
weu-000.reverseproxy.onenote.com
Me.srf
login.live.com/ Frame B415 		12 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.64 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1239fa3b8fd04967efd2b7679bdaa58dcd855c53e37cdb50301fbdeac32dc9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
4847
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Mar 2023 09:38:40 GMT
Expires
Tue, 14 Mar 2023 09:37:41 GMT
Link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF00006841 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
2d498347-e8c9-40b9-a6c9-b97fb49cbda7
x-ms-route-info
R3_BL2
savedusers
login.microsoftonline.com/ Frame B885 		19 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6887e88a43754b494e044e63459ee0398a2291c01ac4d39ec5dcd5893a3c87b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
8503
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Mar 2023 09:38:41 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14816.6 - WEULR1 ProdSlices
x-ms-request-id
243cd390-ef02-4eb9-8791-72a225436900
BssoInterrupt_Core_-CZojLH1zEwhCVw9xVT3Ow2.js
aadcdn.msftauth.net/shared/1.0/content/js/ Frame B885 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_-CZojLH1zEwhCVw9xVT3Ow2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1B) /
Resource Hash
2d7dd52e02dcc4f1eb4557273e20064516e27fba518da76b2c2da95468b8ca80

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Mar 2023 09:38:41 GMT
content-encoding
gzip
content-md5
HLUlm4V4YpeBKo/L/9/UoA==
age
2295886
x-cache
HIT
content-length
47966
x-ms-lease-status
unlocked
last-modified
Tue, 14 Feb 2023 22:23:15 GMT
server
ECAcc (mil/6C1B)
etag
0x8DB0EDA110EBCD8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a759e22a-301e-0071-2077-411d53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
MeControl_WHQJRgf00zDmJCvKCFQEEg2.js
logincdn.msauth.net/16.000/content/js/ Frame B415 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/content/js/MeControl_WHQJRgf00zDmJCvKCFQEEg2.js
Requested by
Host: login.live.com
URL: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=1&nf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3E) /
Resource Hash
039e87e7bdb980390094198ab7ef150e90e07a4e27d6b6eccc01a18e9c454bc5

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Mar 2023 09:38:41 GMT
content-encoding
gzip
content-md5
ustUSvRsXB60KPIbhb6g7w==
age
1656541
x-cache
HIT
content-length
6056
x-ms-lease-status
unlocked
last-modified
Fri, 10 Feb 2023 06:33:25 GMT
server
ECAcc (mil/6C3E)
etag
0x8DB0B30B68FC13E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a7f5c594-d01e-008a-3047-470c82000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
savedusers
login.microsoftonline.com/ Frame B885 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de&sso_reload=true
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_-CZojLH1zEwhCVw9xVT3Ow2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.68 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
383cd43ce18934620e54db87f992ef4dce0de3494ec6d070aeeb1a7984b018dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/savedusers?wreply=https://www.onenote.com/notebooks?wdoriginondc&auth=2&nf=1&appid=2d4d3d8e-2be3-4bef-9f87-7875a61c29de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
1033
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Mar 2023 09:38:41 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.14711.7 - NEULR2 ProdSlices
x-ms-request-id
8413575c-b4f6-47b7-81a3-1683973f0001
RemoteUls.ashx
www.onenote.com/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
4b86df60-ea57-4b77-ac08-4729ce91f5e5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 09:38:41 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-correlationid
6bd0a69a-44d9-45ff-ab64-9ce64aa12e5b
x-officecluster
neu-000.site.onenote.com
x-usersessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
6bd0a69a-44d9-45ff-ab64-9ce64aa12e5b
cache-control
private
x-routingsessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-routingofficecluster
weu-000.reverseproxy.onenote.com
RemoteUls.ashx
www.onenote.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onenote.com/RemoteUls.ashx
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/CommonDiagnostics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://www.onenote.com/signin?wdorigin=ondc
X-UserSessionId
4b86df60-ea57-4b77-ac08-4729ce91f5e5
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Mar 2023 09:38:41 GMT
x-content-type-options
nosniff, nosniff
x-officeversion
16.0.16313.40453
x-officefe
SiteFrontEnd_IN_6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
N/A
x-buls-suppressedtags
content-disposition
attachment
content-length
0
x-routingofficefe
ReverseProxyFrontEnd_IN_7
x-routingofficeversion
16.0.16306.40450
x-correlationid
95a28353-2e08-4fc0-a303-99a4bbcd7168
x-officecluster
neu-000.site.onenote.com
x-usersessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-download-options
noopen
content-type
text/plain
x-routingcorrelationid
95a28353-2e08-4fc0-a303-99a4bbcd7168
cache-control
private
x-routingsessionid
4b86df60-ea57-4b77-ac08-4729ce91f5e5
x-routingofficecluster
weu-000.reverseproxy.onenote.com
digital-note-taking-app
www.microsoft.com/it-it/microsoft-365/onenote/
Redirect Chain
  • https://www.microsoft.com/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom
  • https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
Requested by
Host: site.onenote.com
URL: https://site.onenote.com/161631340453_Scripts/Default2SignIn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:387::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onenote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control
no-cache, no-store, no-transform
content-encoding
gzip
content-length
47338
content-type
text/html; charset=utf-8
date
Tue, 14 Mar 2023 09:38:52 GMT
expires
-1
ms-cv
CASMicrosoftCV46cb04eb.0
ms-cv-esi
CASMicrosoftCV46cb04eb.0
ms-operation-id
105e3c158e80b44987be276562d7479f
p3p
CP="CAO CONi OTR OUR DEM ONL"
pragma
no-cache
strict-transport-security
max-age=31536000
tls_version
tls1.3
vary
Accept-Encoding
x-activity-id
acd1d080-979b-49e7-a2cb-eca4143d5be5
x-appversion
1.0.8447.34945
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-02-17T04:24:50.0000000Z}
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-rtag
RT
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control
max-age=0, no-cache, no-store
content-length
222
content-type
text/html; charset=utf-8
date
Tue, 14 Mar 2023 09:38:44 GMT
expires
Tue, 14 Mar 2023 09:38:44 GMT
location
https://www.microsoft.com/it-it/microsoft-365/onenote/digital-note-taking-app?ms.url=onenotecom&rtc=1
ms-cv
CASMicrosoftCV46c8b1cb.0
ms-cv-esi
CASMicrosoftCV46c8b1cb.0
ms-operation-id
2c6674ef6c268243b0f69d024bdf387f
p3p
CP="CAO CONi OTR OUR DEM ONL"
pragma
no-cache
strict-transport-security
max-age=31536000
tls_version
tls1.3
x-activity-id
05dc9837-6840-49a2-8f55-7afc0c08a750
x-appversion
1.0.8447.34945
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-02-17T04:24:50.0000000Z}
x-rtag
RT
x-xss-protection
1; mode=block
RemoteUls.ashx
www.onenote.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.onenote.com
URL
https://www.onenote.com/RemoteUls.ashx

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

14 Cookies

Domain/Path Name / Value
www.onenote.com/ Name: UserTrackerKey
Value: AnonymousId=d427c3c2-8a0e-40fe-bb27-93a11d3b49a6&FirstVisit=03/14/2023 09:38:40&LastVisit=03/14/2023 09:38:40
www.onenote.com/ Name: ONSessionKey
Value: SessionId=8a8ae1f2-494d-4269-9392-7ac8059f36e7&StartTime=03/14/2023 09:38:40&LastActivityTime=03/14/2023 09:38:40
www.onenote.com/ Name: TreatmentGroups
Value: SiteShowPlatformsAboveInfoPanels=Enabled&SiteShowInfoPanels=Enabled&NotebookIntroPageExperiment=Treatment2&UpgradePageDownloadButtonExperiment=Control&FreBeforeAfterSigninExperiment=Control
.www.onenote.com/ Name: AuthSess
Value: 91af2830-40fc-41d1-90d9-014ba110d0d5
.onenote.com/ Name: AADNonce
Value: ccc3d927-a40a-4623-8d1d-9ea921059015.638143835209125091
login.microsoftonline.com/ Name: fpc
Value: AgnyOKrm_P9GuTkdsGKugwQ
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: uaid
Value: c0f92849a2074c38987802677c98d724
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1678786721&co=1
.login.live.com/ Name: OParams
Value: 11O.DcXnzogStUstUL7bIc9PC9ByyOGFycHwNaauPdrqxAvSEEJY6PMzHNJLzsXkpJqY2S!QV1VpVSQ9bX63GPGZCmarj8HGekezx3B2kfpXx6woJAsyW2zm9M1BvjqJkKYly9cNNQ5iBzCdwhB0nLXl0WWzWMqTlrx1WjtSagZw*ABLLbuGJyZ3UuWmD6FUbNI0z8KdA08TW*Pmytzt9TQpXyZJ7a*a43ZcbXUwDirelcfN
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrR1nKsr9q9qPovWDx3vIw9GUtvPtu13lpBjO1CCDkgWagVcfZOF1HNXMJugCqeKhOHjXdXd_5xWvy4J-TReQ4fyP9eRWGv3gNrxtIJooKB8K7h_RcsqK540zms1HQK1iwnfNBgYWKiULCDvqcbSoJcXp65F4ybsIYc3dFNiN17L0OsFIK0hlUlcLqhsvdLmanihnPMW73mf8QeutoztxPnHTcM_i6TQLOCU6cjFdylS4gAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.teams.microsoft.us teams.microsoft.us *.teams.office.com *.skype.com outlook.office.com outlook-sdf.office.com outlook.office365.com outlook-sdf.office365.com outlook.live.com outlook-sdf.live.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block