1drv.ms/o/s!BIYeFzpGhzK6tg0zo4B-7POwyCHR?e=DvZhBMSWhkK9rgE0l67VGA&at=9
13.107.42.12301 Moved Permanently 0 B URL HTTP/2 1drv.ms/o/s!BIYeFzpGhzK6tg0zo4B-7POwyCHR?e=DvZhBMSWhkK9rgE0l67VGA&at=9
IP 13.107.42.12:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /o/s!BIYeFzpGhzK6tg0zo4B-7POwyCHR?e=DvZhBMSWhkK9rgE0l67VGA&at=9 HTTP/1.1
Host: 1drv.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
location: https://onedrive.live.com/redir?resid=BA3287463A171E86!6925&authkey=!AjOjgH7s87DIIdE&ithint=onenote&e=DvZhBMSWhkK9rgE0l67VGA&at=9
x-msnserver: DB3PPF9AAED5F6A
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: QnggTB1okkSOHNGJJiS4qg.0
x-asmversion: UNKNOWN; 19.1074.105.2005
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5AC86F8A9078416F8E071D1E30611F3A Ref B: OSL30EDGE0217 Ref C: 2023-01-23T13:30:36Z
date: Mon, 23 Jan 2023 13:30:35 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12939
Expires: Mon, 23 Jan 2023 17:06:15 GMT
Date: Mon, 23 Jan 2023 13:30:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3795
Expires: Mon, 23 Jan 2023 14:33:51 GMT
Date: Mon, 23 Jan 2023 13:30:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 12:35:01 GMT
content-type: application/json
age: 3335
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13306
Expires: Mon, 23 Jan 2023 17:12:22 GMT
Date: Mon, 23 Jan 2023 13:30:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ncfTjPifxKqzWzy55GXpriZzqtpkzDqYwaWB9d/wGzU0MWJsdYtEHEVuakUGYxeZFfMfeRiuw5E=
x-amz-request-id: 2YM4Z4ND3BHY6JTM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 12:47:43 GMT
age: 2573
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 13:30:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 13:17:30 GMT
age: 786
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5742
Cache-Control: max-age=162713
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 13:30:37 GMT
Etag: "63ce4e28-1d7"
Expires: Wed, 25 Jan 2023 10:42:30 GMT
Last-Modified: Mon, 23 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8uSxqnkUAFQS6yKH+JBB5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m2WKWSTAIBWqU3ulMDRS4N59ZuY=
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filescss2-7859787f.css
23.36.79.43200 OK 31 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filescss2-7859787f.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5f77f27c0f0e909a57d3923881633788
1f762819bac13417e55e51fc999a8fe1235c3878
74750cf479258424a2bf8c670cf5ab1542c417a75613edda32a7c7ba67ef9997
GET /files/onedrive-website-release-prod_master_20230112.001//filescss2-7859787f.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 30612
content-type: text/css
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:45 GMT
x-ms-request-id: 39c9c473-f01e-0045-18a9-2a2a74000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:38 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filescss1-11eb1969.css
23.36.79.43200 OK 16 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filescss1-11eb1969.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ace3403c9fc64cf6db37ced3a75fc639
73812cc859c8a4e5208bf3b89e5c4190be2d486f
cdac259829b35ff70f7148f9575fe2fbadef119972988becb5be1ddb1f2f98b6
GET /files/onedrive-website-release-prod_master_20230112.001//filescss1-11eb1969.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 15784
content-type: text/css
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:47 GMT
x-ms-request-id: c3825eac-701e-004b-0fa9-2a03c4000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:38 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//maincss-3d633429.css
23.36.79.43200 OK 26 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//maincss-3d633429.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d2c8f6504459b2e5830f6a4814202be
9957042a71e5df21409b99c98ccc788e073b0578
86a538f01e19aec395d5caa64ebad64e2343c782b56f90a49811f680de5e2d7a
GET /files/onedrive-website-release-prod_master_20230112.001//maincss-3d633429.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 25623
content-type: text/css
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:44 GMT
x-ms-request-id: f925a30b-701e-005b-75a9-2ac6ac000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:38 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3823
Expires: Mon, 23 Jan 2023 14:34:21 GMT
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3823
Expires: Mon, 23 Jan 2023 14:34:21 GMT
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3823
Expires: Mon, 23 Jan 2023 14:34:21 GMT
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3823
Expires: Mon, 23 Jan 2023 14:34:21 GMT
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 257cf33430d0e588ce0df41deb9c49d2
c988799bc70b567422821f64bb95ecab4b117e3a
290eec9c2d3874a3951c161174d7fcc297f79d4f547bb9aa741ee85306cd7a90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10481
x-amzn-requestid: a9d3763c-d10b-4918-a54d-67215346ba1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFHEVFxUoAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb854e-1d7dec1810076c6c27f5a44f;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:25:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABOTraN3uT05OLykQNO_cG8YdMyJsc0We-vLtr8XKVRe3cHuFtmBA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 16:16:58 GMT
age: 76420
etag: "c988799bc70b567422821f64bb95ecab4b117e3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 56572
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75pGAcylxKUIPpPoXBhc4v4OUldfaTgT0zjrU3_7BSgcp4Webl7bQw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:54:19 GMT
age: 56179
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False
13.107.42.13200 OK 14 kB URL HTTP/2 onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False
IP 13.107.42.13:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 41b88e898507f65735f48ee4cb4538a2
6f2eede70ca0ee045e40db718c586ad89c099dc3
733142fb3a79f20d0701d8a3673ba80b1ddb643931756ec036dd00aa8f2a4ac0
GET /handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/view.aspx?resid=BA3287463A171E86!6925&ithint=onenote&wdo=2&authkey=!AjOjgH7s87DIIdE
Connection: keep-alive
Cookie: MSFPC=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960; E=P:FHBuA0b92og=:F8CXqq9upBAVGr2Tf9H7y54AhA8FRPZ4s+zKplTx4MI=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=2; wla42=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 23 Jan 2024 13:30:38 GMT
vary: Accept-Encoding
set-cookie: mkt=en-US; domain=.live.com; expires=Tue, 23-Jan-2024 00:00:00 GMT; path=/
xidseq=3; domain=.live.com; path=/
LD=; domain=.live.com; expires=Mon, 23-Jan-2023 11:50:38 GMT; path=/
E=P:+rsXBEb92og=:mQBCvLHyPuV/4WLeQEPWGWBn/+VwSsnscdbGx1wsmXY=:F; domain=.live.com; path=/
wla42=; domain=live.com; expires=Mon, 30-Jan-2023 13:30:38 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC93ACDE
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A457EE9143AE47CFB198D3409E03D7FC Ref B: OSL30EDGE0318 Ref C: 2023-01-23T13:30:38Z
date: Mon, 23 Jan 2023 13:30:38 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 51659
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqvCEzxKP39gLHZjcr7R303XMAlfQz2nAtz-Wv_9W0rsAYJ3ODczPg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:58:40 GMT
age: 55918
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.sfx.ms//storage/aria-2.5.0.min.js
13.95.147.73200 OK 12 kB URL HTTP/2 p.sfx.ms//storage/aria-2.5.0.min.js
IP 13.95.147.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32013), with CRLF line terminators
Hash cc11d45b7b4c561d9ab2e012f15122f8
c487462545ef3d6aa286f892c4eeeef4224e31f7
5d66a53ba4c9cdf3555618892edb9a16736210faea448f8d7d924df85fa4a3ad
GET //storage/aria-2.5.0.min.js HTTP/1.1
Host: p.sfx.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 17 Dec 2022 01:02:14 GMT
accept-ranges: bytes
etag: "0ef3333b311d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-msnserver: RD0003FF23C42F
x-odwebserver: westeurope1-odwebp
date: Mon, 23 Jan 2023 13:30:38 GMT
content-length: 12195
X-Firefox-Spdy: h2
p.sfx.ms/is/invis.gif
13.95.147.73200 OK 43 B IP 13.95.147.73:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 74996e793f8888edd815ccfed177f5ee
376e57f850a242cf780f6904ef4b54f0587067df
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
GET /is/invis.gif HTTP/1.1
Host: p.sfx.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: image/gif
last-modified: Sat, 17 Dec 2022 01:02:14 GMT
accept-ranges: bytes
etag: "0ef3333b311d91:0"
server: Microsoft-IIS/10.0
x-msnserver: RD0003FF23C42F
x-odwebserver: westeurope1-odwebp
date: Mon, 23 Jan 2023 13:30:38 GMT
content-length: 43
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 1a0b55fbbfc9ee7682b0cc8303398bb0
31b0d70355c791be3320033bb3fba16f9cf312b9
d943b2cc491f98e4d87eaca87505c46eeeb08b352940f4f399aac133d0836c06
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:10 GMT
Last-Modified: Sun, 22 Jan 2023 13:08:23 GMT
ETag: "d943b2cc491f98e4d87eaca87505c46eeeb08b352940f4f399aac133d0836c06"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2E0FB0088AC9430580BE05DF650B3649 Ref B: OSL30EDGE0222 Ref C: 2023-01-23T13:30:38Z
Date: Mon, 23 Jan 2023 13:30:38 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash fa71dfd8d5ac206df8d8d1bbaa19a243
41fc72be2c6dd674e3124702841eb9839292b269
c230c20c137af86895aca714e25b86aa7f008c6ab99b905f67e2c2facbff6673
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:10 GMT
Last-Modified: Mon, 23 Jan 2023 09:08:23 GMT
ETag: "c230c20c137af86895aca714e25b86aa7f008c6ab99b905f67e2c2facbff6673"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: A7FCA4504C834AB9A957A49E929546CA Ref B: OSL30EDGE0414 Ref C: 2023-01-23T13:30:38Z
Date: Mon, 23 Jan 2023 13:30:38 GMT
c1-onenote-15.cdn.office.net/o/resources/1033/FavIcon_OneNote.ico
23.38.201.204200 OK 7.9 kB URL HTTP/1.1 c1-onenote-15.cdn.office.net/o/resources/1033/FavIcon_OneNote.ico
IP 23.38.201.204:0
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 7a7a4890caaa77025e1b33a6d6e474ee
dc735b99d9ef0c76b4a7aeae8baa4cbd9551ba77
9e1da5bf715135491519a188cad977db6cba414071e2407b69d63221379d8802
GET /o/resources/1033/FavIcon_OneNote.ico HTTP/1.1
Host: c1-onenote-15.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 7886
Content-Type: image/x-icon
Last-Modified: Tue, 06 Sep 2022 01:18:59 GMT
Accept-Ranges: bytes
ETag: "fd7e5ba48ec1d81:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 6381e973-3bcf-4a65-84b3-d5f9a1703f21
X-UserSessionId: 6381e973-3bcf-4a65-84b3-d5f9a1703f21
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
X-OfficeFE: AM4PEPF00006956
X-OfficeVersion: 16.0.15913.41006
X-OfficeCluster: PNL1
X-OFFICEFD: AM4PEPF00006956
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
X-MSEdge-Ref: Ref A: BDE18105152E41C7AF5AC6AA8EF87651 Ref B: AMS231032602017 Ref C: 2022-11-26T18:44:29Z
Cache-Control: public, max-age=146405, immutable
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
c1-onenote-15.cdn.office.net/o/s/h5F212C376B610544_App_Scripts/onenote-boot.min.js
23.38.201.204200 OK 35 kB URL HTTP/1.1 c1-onenote-15.cdn.office.net/o/s/h5F212C376B610544_App_Scripts/onenote-boot.min.js
IP 23.38.201.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cbd5772100b72eb16b65f774dd118f99
387f05ed0b9b4a77462aefff37e7c3f1d7ab7713
efc1ca62997f7890b5b48b5a953d3f9b5cdccc705dfb7963e28f1b2247e81378
GET /o/s/h5F212C376B610544_App_Scripts/onenote-boot.min.js HTTP/1.1
Host: c1-onenote-15.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 34586
Content-Type: application/javascript
Content-Encoding: br
Last-Modified: Mon, 16 Jan 2023 12:56:36 GMT
Accept-Ranges: bytes
ETag: W/"19fa92f7a929d91:0"
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-CorrelationId: 7bc0696a-7858-4682-8110-2c7d795d9d5d
X-UserSessionId: 7bc0696a-7858-4682-8110-2c7d795d9d5d
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
X-OfficeFE: AM4PEPF00006B55
X-OfficeVersion: 16.0.15930.41001
X-OfficeCluster: PNL1
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-OFFICEFD: AM4PEPF00006B55
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
X-MSEdge-Ref: Ref A: 4DC78D873510400CAB19B2B574CE1C50 Ref B: AMS231032605011 Ref C: 2023-01-16T12:56:36Z
Cache-Control: public, max-age=602784, immutable
Date: Mon, 23 Jan 2023 13:30:38 GMT
Connection: keep-alive
onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 118
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 40739c86-ffb8-49d8-8743-b690b4bc83a0
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006960
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onedrive.live.com
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006960
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 3C6E94827D0548EDA3D5642D3091F5EF Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:38 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1803
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 686c0bd1-d995-43f6-bbdb-07274fe04569
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695D
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onedrive.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-buls-suppressedtags: 378069,1671813,2208151,2209344,3249545,3290144,4285850,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19214611,19743902,19939648,20486158,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22922182,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37754499,37856259,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40777251,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51492170,51504083,51667010,306230939,306978834,509743362,510252435,512522335,512522337,512522368,520926864,520926865,520979847,521007315,521749855,523613141,524150164,524883107,524883136,524883138,537159041,537159051,537159499,537167070,537169937,538542792,538543587,539075678,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,560550470,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,589101015,589101018,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595359709,595359710,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,947352439,963472182,963915891,1630679666,1630679667,1633958006,1647605351,1647863416,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695D
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 45A95F63DB4744F69B0337236CB9701E Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:38 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css
23.36.79.43200 OK 4.7 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (27024), with CRLF line terminators
Hash e4179b99233a7d6c5ee50933d247e440
ccc5ec383b2811a1fa5e179beb6196724af80c14
56a3edc180e35415ad38dfc7f29b64e1d2afb12503f380779b51c87fd6fe5d32
GET /officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 4702
content-type: text/css
last-modified: Tue, 10 Jan 2023 12:01:02 GMT
x-ms-request-id: c49c59d0-d01e-000f-2e37-2889fb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css
23.36.79.43200 OK 54 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash b6228b3f2783812da7bd091334b4cfa3
62f378f7d6be06f07f869f75ece43e141ab8f66a
db11e1c493168f8ce7d0d94ae4b7706f9858d3c7fe34bc31eba438000ddc7efd
GET /officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 53783
content-type: text/css
last-modified: Tue, 10 Jan 2023 11:59:28 GMT
x-ms-request-id: d21dfa1d-601e-0025-7655-2656eb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/hEB129654609A41B9_App_Scripts/wacBootNew.min.js
23.36.79.43200 OK 13 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/hEB129654609A41B9_App_Scripts/wacBootNew.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (53716)
Hash 122686d9f2a300618992d6d86e3d0914
bfbfb2ec24dc8f13d40aa83bf0adec750bad822d
1df952c07bc609ecc1df4fe4cc573b25f00c05dbf78e9e625290a6ccca7056c1
GET /officeonline/o/s/hEB129654609A41B9_App_Scripts/wacBootNew.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 13180
last-modified: Tue, 10 Jan 2023 11:57:49 GMT
x-ms-request-id: 60da46e4-201e-001b-691f-27c194000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/hC495F90E06C0DCE4_App_Scripts/onenoteSyncNew.min.js
23.36.79.43200 OK 40 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/hC495F90E06C0DCE4_App_Scripts/onenoteSyncNew.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49389)
Hash 5e6b0ade5bd875541ac7e83be36eaf72
faa67c9aab23ec4890a91749f5196624b40acaa2
0fa1f5e5b14bc795feb7fc851848dedf7c10647e569d66b5ea47592de1d619e6
GET /officeonline/o/s/hC495F90E06C0DCE4_App_Scripts/onenoteSyncNew.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 39517
last-modified: Tue, 10 Jan 2023 11:57:52 GMT
x-ms-request-id: 9ffcc968-101e-004d-051f-27307b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js
23.36.79.43200 OK 27 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash bb8ae9fcdbc8bb9a9a9b02df17d4365f
ca3b0e716d9f10fd72fd6a9ca0053fdf84afd02e
7ee57c74db26b0a2c80664630d0c97a78cdaa6d34cce01fb387f63044f76f820
GET /officeonline/o/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 27322
last-modified: Tue, 10 Jan 2023 11:57:16 GMT
x-ms-request-id: 9ffcc9ca-101e-004d-641f-27307b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h1CBEDA3DEEF9DEAE_App_Scripts/1033/CommonIntl.js
23.36.79.43200 OK 30 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h1CBEDA3DEEF9DEAE_App_Scripts/1033/CommonIntl.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1484cdff420eb99945b086f2f4930e24
ab0972921e54a1a6b08f0827e5b3dfd3e984d0f9
f102f3254f796cdcccbc3ed3968d2c13cb711cf664c126afc5a563d2fee7de0b
GET /officeonline/o/s/h1CBEDA3DEEF9DEAE_App_Scripts/1033/CommonIntl.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 30089
last-modified: Tue, 10 Jan 2023 11:59:37 GMT
x-ms-request-id: 1f27dd0f-f01e-0045-7b30-272a74000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: f012444b-1eb6-41f1-9151-4d4d7ddf967e
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695A
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 560944BD351848A6973985D99AD8BCD1 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:38 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js
23.36.79.43200 OK 5.0 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (29971), with no line terminators
Hash 19800db9c1c70959192deecb92fbec1f
07bcec3d61124b55388042fe6af61faeae07ac0c
c71dd7757d9c553f556c8537e1d44b3cb85a64bbd8ac56309ec27abd470250da
GET /officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 4977
last-modified: Tue, 10 Jan 2023 12:00:30 GMT
x-ms-request-id: 4210fbc5-101e-004d-5e02-26307b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js
23.36.79.43200 OK 13 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ee573bb5a8dadadf903db372fab9be6
b4157f796359978b4108fee9bd85808e88e83b84
97858a19a3a89a512839f38fa33a3d58065d16d1db7492e9aeb783e9f2ab7135
GET /officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 12903
last-modified: Tue, 10 Jan 2023 12:01:19 GMT
x-ms-request-id: 7268fdaa-901e-0043-592e-2819cb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js
23.36.79.43200 OK 3.4 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (10912), with no line terminators
Hash 3947e6732fec14e89fb82097a5e28bfd
9349febb77ba35000b5f02851a4c13b0fcd9ddd4
a596ec5a61037f320840019bd1fb355ea176789dd9b8c9cb02efc30ac644aa22
GET /officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 3414
last-modified: Tue, 10 Jan 2023 11:57:57 GMT
x-ms-request-id: 06b8733b-001e-000c-252d-28689f000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/hC804FFF0D565F4FF_App_Scripts/1033/OneNoteIntl.js
23.36.79.43200 OK 6.6 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/hC804FFF0D565F4FF_App_Scripts/1033/OneNoteIntl.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (36642), with no line terminators
Hash 83d92b2f8994536bdfb8789fb82e4e0a
3c1ba4c4dd1937a5d6241abe3030ef12d7ef346e
5578016d488f42c1a59a30da5b6b44e4ea1bb44ee66bf2211a1a339738e9090f
GET /officeonline/o/s/hC804FFF0D565F4FF_App_Scripts/1033/OneNoteIntl.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 6588
last-modified: Tue, 10 Jan 2023 12:01:44 GMT
x-ms-request-id: b085ab2f-601e-0025-4e2c-2856eb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDs.js
23.36.79.43200 OK 2.8 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDs.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash f7a3882336d73698919566847d10ba2f
25e0f263ff150bcced6c00163b2a4934cc0dccf7
0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858
GET /officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDs.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 891717
last-modified: Tue, 10 Jan 2023 11:57:16 GMT
x-ms-request-id: 9ffccbf3-101e-004d-651f-27307b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:39 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":10,"Value":"https://res-1.cdn.office.net:443/officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css","Type":"ResourceDownloadSuccess"},{"Index":2,"MsSinceStart":303,"Value":"Making GetCells Request","Type":"BootLogs"}]
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 38dbf235-4135-46d3-8e6c-7c81db9b0473
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006956
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006956
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: FFAAAF5A1A484F9ABDB4A08C77519464 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:39 GMT
content-length: 0
X-Firefox-Spdy: h2
onenoteonlinesync.onenote.com/onenoteonlinesync/v2/sync?sessionId=9fc0847e-426a-4180-9d11-5f500544d432&clientVersion=16.0.16109.41019&appModeExtended=VIEW&sessionOrigin=UNKNOWN&hostId=0&version=3&querySignature=WOPIsrc%3Dhttps%253A%252F%252Fwopi%252Eonedrive%252Ecom%252Fwopi%252Ffolders%252FBA3287463A171E86%25216925%26access_token%3D4wU0sfnmczC%255Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%255FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%255FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ%26access_token_ttl%3D1676295038239
52.109.89.75101 Switching Protocols 0 B URL HTTP/1.1 onenoteonlinesync.onenote.com/onenoteonlinesync/v2/sync?sessionId=9fc0847e-426a-4180-9d11-5f500544d432&clientVersion=16.0.16109.41019&appModeExtended=VIEW&sessionOrigin=UNKNOWN&hostId=0&version=3&querySignature=WOPIsrc%3Dhttps%253A%252F%252Fwopi%252Eonedrive%252Ecom%252Fwopi%252Ffolders%252FBA3287463A171E86%25216925%26access_token%3D4wU0sfnmczC%255Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%255FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%255FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ%26access_token_ttl%3D1676295038239
IP 52.109.89.75:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onenoteonlinesync/v2/sync?sessionId=9fc0847e-426a-4180-9d11-5f500544d432&clientVersion=16.0.16109.41019&appModeExtended=VIEW&sessionOrigin=UNKNOWN&hostId=0&version=3&querySignature=WOPIsrc%3Dhttps%253A%252F%252Fwopi%252Eonedrive%252Ecom%252Fwopi%252Ffolders%252FBA3287463A171E86%25216925%26access_token%3D4wU0sfnmczC%255Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%255FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%255FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ%26access_token_ttl%3D1676295038239 HTTP/1.1
Host: onenoteonlinesync.onenote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://onenote.officeapps.live.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ogryDj8C98P3PIx/1OIkwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Cache-Control: private
Upgrade: websocket
Server: Microsoft-IIS/10.0
X-CorrelationId: 69fbbf0d-f7c8-4bec-94ad-073a7952e532
X-UserSessionId: 69fbbf0d-f7c8-4bec-94ad-073a7952e532
X-OfficeFE: OneNoteOnlineSyncServiceEngine_IN_7
X-OfficeVersion: 16.0.16109.40456
X-OfficeCluster: weu-004.onenoteonlinesync.onenote.com
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-AspNet-Version: 4.0.30319
Sec-WebSocket-Accept: QjiMt5wc2tpkHKqvCnL9ywkKYW0=
Connection: Upgrade
X-Powered-By: ASP.NET
Date: Mon, 23 Jan 2023 13:30:39 GMT
onenote.officeapps.live.com/o/OneNote.ashx
13.107.6.171200 OK 260 kB URL HTTP/2 onenote.officeapps.live.com/o/OneNote.ashx
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65515), with no line terminators
Size 260 kB (259574 bytes)
Hash 212c4caff0236e7a2e04d95f8c10e6b5
7f2f1438e0dadb14bf5c3b069895739efa9fd1ce
d6583623b985a04b351d90655ac8c25efa88058ebe5f3f48affa2efb2466ae80
POST /o/OneNote.ashx HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-xhr: 1
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-OfficeVersion: 16.0.16109.41019
Content-Type: application/json; charset=utf-8
X-Key: KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c=,638100774390997544
X-AccessToken: 4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ
X-UserType: WOPI
X-WacCluster: PNL1
X-WacUserAgent: MSWACONSync
X-ServerSideRendering: RenderingNoImages
X-SessionStartDimensions: {"Application":"OneNote","Browser":"Firefox","BrowserMajorVersion":"105","BrowserVersion":"105.0","Host":"OneDriveWOPI","IsSynthetic":"False","Os":"Windows","Ring":"5","RoutedVia":"AzureFrontDoor","SessionOrigin":"OTHER","UiHost":"OneDrive","UserSessionApplicationMode":"View","WACDatacenter":"PNL1"}
X-Requested-With: XMLHttpRequest
Content-Length: 2622
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 259574
content-type: application/json; charset=utf-8
content-encoding: gzip
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 2be5e89e-09d7-48c2-be29-a1a0075e2972
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006022
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006022
x-wacfrontend: AM4PEPF00006022
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 4D84CB0E395540F18FC5650C9EB21D90 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:39 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/wapsw.png?b=1601610941019
23.36.79.43200 OK 5.9 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/wapsw.png?b=1601610941019
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 448 x 336, 8-bit/color RGBA, non-interlaced\012- data
Hash 93a322c8b54119cfe9b2cea455e9204e
42578d63a9340a1788b9319ca819ce0a2074c33d
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
GET /officeonline/o/s/161610941019_resources/1033/wapsw.png?b=1601610941019 HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 5884
content-type: image/png
last-modified: Tue, 10 Jan 2023 12:00:26 GMT
x-ms-request-id: 418123de-201e-0069-786a-27c6db000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-intl.min.js
23.36.79.43200 OK 43 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-intl.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (37250)
Hash dd840963766d29877681dc8223c19d33
c1779f1c11b53637757c763c5f8653d10f29fba7
5cd73399a5a4ec8b0ef6e55bbae68d9265d19892aaa13c2a66bb35af05b60c43
GET /officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-intl.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 42631
last-modified: Tue, 10 Jan 2023 11:57:20 GMT
x-ms-request-id: 6ce08117-b01e-006b-6a30-277863000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/common.min.js
23.36.79.43200 OK 118 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/common.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (33854)
Size 118 kB (117951 bytes)
Hash ad83ea1edbbc327e88f5e0fcc53ff216
5f5e93c7ffdb2f5094255b8a2805a7177def3f3c
37523ce89d32b9feb75a18b950976f2e8d22cc0e0715f535c5e2d83ec326cf48
GET /officeonline/o/s/161610941019_App_Scripts/common.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 117951
last-modified: Tue, 10 Jan 2023 11:57:27 GMT
x-ms-request-id: 60da4f67-201e-001b-3f1f-27c194000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-intl-mlr.min.js
23.36.79.43200 OK 26 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-intl-mlr.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (37250)
Hash bec74ab462edc3b0b293bb0791dadcc5
e469a33ca999855dbb68be1e09a46decfc3ae2ea
cffa24a3530af939df5c655a9328028e3e0de125b7813893c8ee85991b891b51
GET /officeonline/o/s/161610941019_App_Scripts/1033/onenote-intl-mlr.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 25793
last-modified: Tue, 10 Jan 2023 11:57:50 GMT
x-ms-request-id: 1f27e176-f01e-0045-6030-272a74000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appChrome.min.js
23.36.79.43200 OK 191 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appChrome.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 191 kB (190661 bytes)
Hash d62941d0a382e1a5d66473341645a755
9f6e95568742bc22649f43a3aa787a4d8969aab9
e86d4549f3dd52a9422a46e0f25bea1909a8a206d2b5313561699ef51cb60acd
GET /officeonline/o/s/161610941019_App_Scripts/appChrome.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190661
last-modified: Tue, 10 Jan 2023 11:57:43 GMT
x-ms-request-id: 68caab20-901e-0043-781f-2719cb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":993,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 725fa8c0-c10c-4663-831e-9bfdfe1d83fa
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006957
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006957
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 34B9E7CE286A454EBF4FC08D14C0F35B Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:40Z
date: Mon, 23 Jan 2023 13:30:39 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/progress.gif
23.36.79.43200 OK 695 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/progress.gif
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 24 x 24\012- data
Hash 648ad2f7eea95a9b5491dcd2203b2f54
5ffa99938410aebab10b32308f242437b9432b53
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
GET /officeonline/o/s/161610941019_resources/1033/progress.gif HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 695
content-type: image/gif
last-modified: Tue, 10 Jan 2023 11:59:57 GMT
x-ms-request-id: 9d42b8bb-a01e-0048-7f30-27e2a0000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/wacairspaceanimationlibrary.js
23.36.79.43200 OK 6.1 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/wacairspaceanimationlibrary.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (41569), with no line terminators
Hash 7749a9200d999b09704c291a23b3dab0
70794e85e6c1279bc92c3cc59d6c591d52b762b3
3e05f5ee1b16f7f99cd4003ccf7c5d79db3da86c22aabc695e574813cf133ce8
GET /officeonline/o/s/161610941019_App_Scripts/wacairspaceanimationlibrary.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 6113
last-modified: Tue, 10 Jan 2023 11:58:00 GMT
x-ms-request-id: 60da5021-201e-001b-691f-27c194000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/box42.png
23.36.79.43200 OK 6.3 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/box42.png
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 222 x 204, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d71229f6ca9ebff5f7972f01b547c7c
4d71b33506e6f0eba1c783de37e36480f2e392be
abc0fa95b72f082cf4fbb18267cdbd282f2909b65b1b479d7f339db41769946e
GET /officeonline/o/s/161610941019_resources/1033/m2/box42.png HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 6336
content-type: image/png
last-modified: Tue, 10 Jan 2023 12:04:46 GMT
x-ms-request-id: 1f27e219-f01e-0045-7130-272a74000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-navpane-strings.min.js
23.36.79.43200 OK 1.7 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-navpane-strings.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7373), with no line terminators
Hash 2e175b7f75f470e44e3b24267cd39d9b
d3a0911f4221a9543d841b27323088ce0d617672
422025b015ce85a007a04b2b71fefb73121d8ba91722dc8cdf1140a1f2ccf6bf
GET /officeonline/o/s/161610941019_App_Scripts/1033/onenote-navpane-strings.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1680
last-modified: Tue, 10 Jan 2023 11:57:22 GMT
x-ms-request-id: 9d42b956-a01e-0048-0530-27e2a0000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1106,"Value":"Get cells response received:200","Type":"BootLogs"},{"Index":5,"MsSinceStart":1109,"Value":"Launching FastView from entry point WacBootGetCells","Type":"BootLogs"},{"Index":6,"MsSinceStart":1123,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 62250a2f-baf9-45d7-8dc5-835cdcbc99e7
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695A
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 1C3EB73AC95A473592CB5B64B2C428D0 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:40Z
date: Mon, 23 Jan 2023 13:30:40 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.woff
23.36.79.43404 Not Found 215 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.woff
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash a7a3da6c57cdbbbeba88351257601dab
548add776ddd06f0940d71304f5d80d740de4add
852f1608537c9eb6c09dfad6912efa7081719acaca0190f82ea208b7f32ff7fe
GET /officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.woff HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://res-1.cdn.office.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-length: 215
x-ms-request-id: 10049f8c-b01e-003b-6f2e-2f8f65000000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/one.png
23.36.79.43200 OK 51 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/one.png
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 452 x 444, 8-bit/color RGBA, non-interlaced\012- data
Hash eca50172a6583b16e553e9917fb710fb
2fd7fb2ff5c10e17e9066ce6bd2393e1f6b93cc0
fff5919a2cbaceae0528522b6c73e4f1d549ca8ee13c680b50ed377dfd2b61f0
GET /officeonline/o/s/161610941019_resources/1033/m2/one.png HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 51120
content-type: image/png
last-modified: Tue, 10 Jan 2023 12:04:12 GMT
x-ms-request-id: 1f27e4f8-f01e-0045-7d30-272a74000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.ttf
23.36.79.43404 Not Found 215 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.ttf
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash a246293d1d0eef7f0aeecab5f73026aa
1035bc01ebe5e3a1964e6177b5c58c841db30889
0feb76678d3f3890f7e2554c15e23ad4070013f9ab9e44de0e05ef2e16080c3b
GET /officeonline/o/s/h2370440C296E813C_resources/1033/segoeui.ttf HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://res-1.cdn.office.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-length: 215
x-ms-request-id: 00964660-b01e-0059-482e-2f4d42000000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-ttf
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/box43.png
23.36.79.43200 OK 1.9 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/m2/box43.png
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash d212459353e8fd1d2514c77703d44f1f
a0cabb548a218e87fbcb4d4addea47068a4288d3
7ad89a907bfe47019d905b92d0c203082aa75852d39b480e6fbe1718a8ea3647
GET /officeonline/o/s/161610941019_resources/1033/m2/box43.png HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1922
content-type: image/png
last-modified: Tue, 10 Jan 2023 12:05:01 GMT
x-ms-request-id: 5487d8ac-301e-0028-1130-279e3f000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/navigation.min.js
23.36.79.43200 OK 103 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/navigation.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (102862 bytes)
Hash 555e981a11a32da7d951e553eac75ebe
a457623ceae5a536baa86cea537ac8bc3a1a5386
c53b96b2e92b8211fa87a638cf24272d8743f9478f9d3f765e29f50caf6ad7cb
GET /officeonline/o/s/161610941019_App_Scripts/navigation.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 102862
last-modified: Tue, 10 Jan 2023 11:57:43 GMT
x-ms-request-id: 68caad5d-901e-0043-021f-2719cb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
23.13.246.185200 OK 32 kB URL HTTP/2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
IP 23.13.246.185:0
File type Web Open Font Format (Version 2), TrueType, length 31824, version 0.0\012- data
Hash 66d11e55b7a413ddf6a84e858697e7b6
fe2693ad426bd3dc173c870ca856478c7e20d43a
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
GET /files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2 HTTP/1.1
Host: static2.sharepointonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 31824
content-type: application/font-woff2
content-md5: ZtEeVbekE932qE6Fhpfntg==
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
etag: 0x8D51CA4122953A7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a66900ba-801e-000f-7b86-c8f041000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=20009608
date: Mon, 23 Jan 2023 13:30:41 GMT
X-Firefox-Spdy: h2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
23.13.246.185200 OK 36 kB URL HTTP/2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
IP 23.13.246.185:0
File type Web Open Font Format (Version 2), TrueType, length 36344, version 0.0\012- data
Hash 865f1db6545fc94a2f4444dd60e7bbc6
b00d806dd42101881ab94e1c96f8235b74f6ab7f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
GET /files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 HTTP/1.1
Host: static2.sharepointonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 36344
content-type: application/font-woff2
content-md5: hl8dtlRfyUovRETdYOe7xg==
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
etag: 0x8D522163B704E10
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c6e23372-a01e-00a1-7b86-c85d50000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=20009605
date: Mon, 23 Jan 2023 13:30:41 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/uiSlice20.min.js
23.36.79.43200 OK 98 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/uiSlice20.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65498), with no line terminators
Hash 1585a42f676518adc9df3cd185f228da
ea90b294a59e6c8558a0c707bd36d0974dbcee48
824a4013406da43419e222c4da84905930654613e0db4f9b85db248794cb6794
GET /officeonline/o/s/161610941019_App_Scripts/uiSlice20.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 98265
last-modified: Tue, 10 Jan 2023 11:57:24 GMT
x-ms-request-id: d90c3633-701e-004b-6d1f-2703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appChromeLazy.min.js
23.36.79.43200 OK 129 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appChromeLazy.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 129 kB (128952 bytes)
Hash 59274250f4b2f7778e53ea68e84150e0
762fae00cc7e2a0b90d951ab2edecd0ca52ba518
195a57cb363f31e34283c3423727e9287e88e649ad5f5479f06a6b510578c342
GET /officeonline/o/s/161610941019_App_Scripts/appChromeLazy.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 128952
last-modified: Tue, 10 Jan 2023 11:57:42 GMT
x-ms-request-id: b57d3d59-901e-000e-101f-27d627000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/common50.min.js
23.36.79.43200 OK 242 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/common50.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 242 kB (241944 bytes)
Hash b06780eb4a6bd7492db2c844edc7fda8
9a9f67914cc26069ff8e0130c419d61424ae3333
81400e31eb644e9870f27efbc604268c14435dda4248196086959891d8b61a54
GET /officeonline/o/s/161610941019_App_Scripts/common50.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 241944
last-modified: Tue, 10 Jan 2023 11:57:53 GMT
x-ms-request-id: 94dab34e-301e-005a-721f-279970000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js
23.36.79.43200 OK 48 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash df0924d763fed61a9a28b1095831e0c9
d9fb6baf2812eeee8b71bbf19e6a911ec400e612
3085d78743dffdb3a81d9e59b5045f408e75d2c4e1700ac13fb82caa4cef6895
GET /officeonline/o/s/161610941019_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 48275
last-modified: Tue, 10 Jan 2023 11:57:05 GMT
x-ms-request-id: 1f27e9c9-f01e-0045-3030-272a74000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appIconsLazy.min.js
23.36.79.43200 OK 62 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/appIconsLazy.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type HTML document, Unicode text, UTF-8 text, with very long lines (39818)
Hash 5eae428368bc1b2d5463b39f249cd445
a796d2acd8ec77004fee0002b3bc5b01bdf519cb
f2c5897a4c3351927a4d822987fa9064aa853e00322ef751c21455fcae286033
GET /officeonline/o/s/161610941019_App_Scripts/appIconsLazy.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 61745
last-modified: Tue, 10 Jan 2023 11:57:43 GMT
x-ms-request-id: d90c36f7-701e-004b-1d1f-2703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 125
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: private
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 3b740067-97d1-4ef6-92d4-a193a52a5e6e
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006957
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onedrive.live.com
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006957
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: EC98568209EA46C38F67AFC71F42503E Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:41Z
date: Mon, 23 Jan 2023 13:30:41 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-OfficeVersion: 16.0.16109.41019
X-WacCluster: PNL1
X-WacFrontEnd: AM4PEPF00006957
X-WacUserAgent: MSWACONSync
X-IsCoauthSession: true
X-bULS-SuppressionETag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
X-UserType: WOPI
haep: 1
X-Key: KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c=,638100774390997544
X-AccessToken: 4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ
X-AccessTokenTtl: 1676295038239
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 17050
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: fe9a288e-6ddd-4663-a8b3-8d06ac984e41
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695B
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695B
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 011191195011465293B4B4DCD571063C Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:41Z
date: Mon, 23 Jan 2023 13:30:41 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js
23.36.79.43200 OK 1.3 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4174)
Hash 3fac27cc20722bcdd16eec825c95d6da
172c69d12c153799da87c97efb4578611ed0cab6
2b969a404aca2423e35f49d65b1d375c20028f13341e4a13f8d5235af89b4dff
GET /officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1336
last-modified: Tue, 10 Jan 2023 11:56:50 GMT
x-ms-request-id: d29786c4-d01e-0030-4eff-254158000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 4718
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 6e1c6745-28a8-4875-86f6-5ff5b60823f8
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006960
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onedrive.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-buls-suppressedtags: 378069,1671813,2208151,2209344,3249545,3290144,4285850,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19214611,19743902,19939648,20486158,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22922182,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37754499,37856259,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40777251,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51492170,51504083,51667010,306230939,306978834,509743362,510252435,512522335,512522337,512522368,520926864,520926865,520979847,521007315,521749855,523613141,524150164,524883107,524883136,524883138,537159041,537159051,537159499,537167070,537169937,538542792,538543587,539075678,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,560550470,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,589101015,589101018,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595359709,595359710,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,947352439,963472182,963915891,1630679666,1630679667,1633958006,1647605351,1647863416,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006960
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: F60CBA2C4B0A4816BD70CCF4F64FA631 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:41Z
date: Mon, 23 Jan 2023 13:30:41 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreonavpane.min.js
23.36.79.43200 OK 46 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreonavpane.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 3db6d2013f642fbf293393a83b179f12
8cfd3f6317fb68ba55bd99cf5415f4c428dc351c
e07dc978fe0b3fcbd6f195751af1ce07e01de3d184878c72dd5022a766c0141a
GET /officeonline/o/s/161610941019_App_Scripts/oreonavpane.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 46299
last-modified: Tue, 10 Jan 2023 11:57:35 GMT
x-ms-request-id: 9c687ffb-f01e-0037-121f-272d3b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreolazy.min.js
23.36.79.43200 OK 14 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreolazy.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (61838)
Hash a1bf36d2a44e40b68e4f097218c28abf
ed6aae15491e6748383979c953e7dfdd99db8c7e
d5a00a5e0c611a6aa0191d47470f608f5339c9917245f00e01de4f517104c810
GET /officeonline/o/s/161610941019_App_Scripts/oreolazy.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 14186
last-modified: Tue, 10 Jan 2023 11:57:32 GMT
x-ms-request-id: b57d437f-901e-000e-291f-27d627000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:41 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
www.microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff2
2.18.173.151200 OK 34 kB URL HTTP/2 www.microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff2
IP 2.18.173.151:0
File type Web Open Font Format (Version 2), TrueType, length 34052, version 0.0\012- data
Hash 36397a3bc139c6e9f81d383f060f080a
3f4f86c10920d4ed345f4858b6cde9f93e1aeb81
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
GET /fonts/segoe-ui/west-european/normal/latest.woff2 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34052
content-type: font/woff2
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
accept-ranges: bytes
etag: "588d483e9c7d51:0"
unused62: 8096267
cache-control: public, max-age=298527
date: Mon, 23 Jan 2023 13:30:42 GMT
access-control-allow-origin: https://onenote.officeapps.live.com
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: RT
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/jquery-1.7.2-39eeb07e.js
23.36.79.43200 OK 33 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/jquery-1.7.2-39eeb07e.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (32103)
Hash e06828a30c5961dbf764baa379145027
00a29e24ee9d45b9d3393796db6b7ae0d797ee55
4dd9ca83d03bf316fb56793d4b1dfc5b6fa203c91d1042ca7edfe19347a313fe
GET /files/onedrive-website-release-prod_master_20230112.001/jquery-1.7.2-39eeb07e.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 33335
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:44 GMT
x-ms-request-id: e69be781-b01e-0026-26a9-2ab78f000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac_s_office-f935cd3b.js
23.36.79.43200 OK 114 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac_s_office-f935cd3b.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (32044)
Size 114 kB (114294 bytes)
Hash d8eac1f7722d8cff4ac10dbaf07b3fc2
de555b18a952d1f5369df921600f23ba64a1354f
2e8913f2b61ea5c798ef70fa43c010529cc0161d41c3364e18520ca910eec2e6
GET /files/onedrive-website-release-prod_master_20230112.001/wac_s_office-f935cd3b.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 114294
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:44 GMT
x-ms-request-id: 37d0f1ff-001e-000c-2ba9-2a689f000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll1.js
23.36.79.43200 OK 472 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll1.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3523)
Size 472 kB (471498 bytes)
Hash 24df2afc425ed83249426afba64c1ca6
9ac0bfe7820394153c64447d56a4b8dec9569d7c
1487d6a2c3908eface60b6c1f67b076141d9c382bdae068b5d73a34a7bf5177c
GET /officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll1.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 471498
last-modified: Tue, 10 Jan 2023 11:56:47 GMT
x-ms-request-id: b57d4284-901e-000e-3e1f-27d627000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreonotebookpane.min.js
23.36.79.43200 OK 1.1 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreonotebookpane.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2968)
Hash fe8ea861e9106d5af23f40b87bcc393c
704a8d037c8a8c1dfedaa10f9f1995122e187935
1bfa4917fc5385464e2d835e6bd720e5c0cacb4bd47a5e2beb48104851656ec9
GET /officeonline/o/s/161610941019_App_Scripts/oreonotebookpane.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1083
last-modified: Tue, 10 Jan 2023 11:57:48 GMT
x-ms-request-id: 3a7b43c5-b01e-0026-3223-27b78f000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreosearchpane.min.js
23.36.79.43200 OK 16 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/oreosearchpane.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (60535)
Hash a8a6c2d28600d92a13f6bc5aa70ab7d3
e53789bf43752b03b86e953f3f238d37c10663df
6ea6a4d33c3ce9e3cefd738e4e841a6eb445f006fd17eecd3563fb0ef3a5a879
GET /officeonline/o/s/161610941019_App_Scripts/oreosearchpane.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 15469
last-modified: Tue, 10 Jan 2023 11:56:48 GMT
x-ms-request-id: d90c3f27-701e-004b-081f-2703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
20.42.73.26200 OK 0 B URL HTTP/1.1 browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
IP 20.42.73.26:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157 HTTP/1.1
Host: browser.pipe.aria.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1095
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1826
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Date: Mon, 23 Jan 2023 13:30:41 GMT
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac2-d8541046.js
23.36.79.43200 OK 109 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac2-d8541046.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32005)
Size 109 kB (109105 bytes)
Hash 69555d9cc0aa86aa6074314049acd508
07970068e38492e588f0a3873cb6065393f4bfad
b826124f16a977b29daa97c0742d91ec0ec95c52d3cf1c2e8d259582c4c06929
GET /files/onedrive-website-release-prod_master_20230112.001/wac2-d8541046.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 109105
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:46 GMT
x-ms-request-id: c3826bfc-701e-004b-62a9-2a03c4000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac0-efa56458.js
23.36.79.43200 OK 5.9 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac0-efa56458.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15157), with no line terminators
Hash d548d4808298022cc1367319d8e471bd
c0b5c5f217012cac34a499fd8f74bbfbd827a7fa
5679746da69768cd6c119a095416dfc481a33fdcf879211ac41b324b882589c4
GET /files/onedrive-website-release-prod_master_20230112.001/wac0-efa56458.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 5910
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:47 GMT
x-ms-request-id: da69e2cc-801e-003d-20a9-2a898c000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac1-cdc297b4.js
23.36.79.43200 OK 14 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001/wac1-cdc297b4.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32025)
Hash 871e61f5160c324c44b4dea715adfc43
936fa9b9fc71593f86e030549a3b115e2acdde35
337e4d3ae2bfd85918257bd2cdd00d7ff85ed83078dc1aaf2b7576c2bdc616a3
GET /files/onedrive-website-release-prod_master_20230112.001/wac1-cdc297b4.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 14062
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:44 GMT
x-ms-request-id: e69be890-b01e-0026-19a9-2ab78f000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/otel.worker.min.js
23.36.79.43200 OK 28 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/otel.worker.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49365)
Hash e2cafcc8c7bb733265832d6c53f10c09
8a348ef05d6963dba1e7d8b56bc1b60177dbd7ba
2a926353bf9b00dd39d6facf0b96bb062a35625841217957f45b5c31a40bf9e3
GET /officeonline/o/s/161610941019_App_Scripts/otel.worker.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 28175
last-modified: Tue, 10 Jan 2023 11:57:58 GMT
x-ms-request-id: 94dab616-301e-005a-641f-279970000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
spoprod-a.akamaihd.net/files/fabric/assets/icons/fabricmdl2icons.woff
95.101.11.74200 OK 152 kB URL HTTP/2 spoprod-a.akamaihd.net/files/fabric/assets/icons/fabricmdl2icons.woff
IP 95.101.11.74:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 151924, version 0.0\012- data
Size 152 kB (151924 bytes)
Hash e80ff72e03e780056cfdbd85c63404ce
c450a1a6233f0fbc6dbffb7fee251e378f64ef32
05828d625dcb5781d0a3cc67a2429ced535fdf848b8b8075d49751eb5b30c7af
GET /files/fabric/assets/icons/fabricmdl2icons.woff HTTP/1.1
Host: spoprod-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-md5: 6A/3LgPngAVs/b2FxjQEzg==
last-modified: Fri, 11 May 2018 22:37:14 GMT
etag: 0x8D5B78FBE15F296
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2ef643d7-c01e-0060-702b-d558f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-length: 151924
unused62: 8096267
cache-control: public, max-age=19520961
date: Mon, 23 Jan 2023 13:30:42 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
timing-allow-origin: *
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js
23.36.79.43200 OK 94 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 11f4ef940ac0a24122b8045bf7d3aa27
9ee1ebe94fa689e6769e4f9b60a1995a47a404c9
4b8c4b98479d97c832a477e78716d83462b2a740dec303014f9192a0f3b7fb25
GET /officeonline/o/s/161610941019_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 94338
last-modified: Tue, 10 Jan 2023 11:57:48 GMT
x-ms-request-id: 75fe80fe-e01e-0014-1a30-27b7f8000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js
23.36.79.43200 OK 34 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (61584), with CRLF line terminators
Hash 27c57362a210054717ceba0ca132b349
06d9bb14cb1d98715279443d1b011c046d723a6d
eed78a0c8417321c6d226f73a479e257cb8bbbf0703b2000b5ed9d819299714b
GET /officeonline/o/s/161610941019_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 33871
last-modified: Tue, 10 Jan 2023 11:57:00 GMT
x-ms-request-id: d90c39b8-701e-004b-141f-2703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/osfruntime_ono.js
23.36.79.43200 OK 121 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/osfruntime_ono.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64817)
Size 121 kB (121291 bytes)
Hash 5a2b49c6d8f9d9af5c8dd000be6f0217
0985ff009e9c9af5040d676f6505f38c4d857921
bba620fbb7febe916256cc7e391ffc2ee4f1244056b5d5d6d88786b6b7fea33b
GET /officeonline/o/s/161610941019_App_Scripts/osfruntime_ono.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 121291
last-modified: Tue, 10 Jan 2023 11:57:54 GMT
x-ms-request-id: 94dabb82-301e-005a-4c1f-279970000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/OfficeExtension.WacRuntime.js
23.36.79.43200 OK 17 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/OfficeExtension.WacRuntime.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 664ced6d6aec9a736e20d2d19ca4c0e0
c5c3f7e37ba74dd37a22678b7fae01640b66cb25
a1426b9b0fcd868644c32f719638c33a6eaff40ddb6cb568d27bb44e6ec3c36a
GET /officeonline/o/s/161610941019_App_Scripts/OfficeExtension.WacRuntime.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 16640
last-modified: Tue, 10 Jan 2023 11:57:08 GMT
x-ms-request-id: b57d48df-901e-000e-271f-27d627000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:42 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/App_Scripts/Acl/Acl1033.js
13.107.6.171200 OK 6.0 kB URL HTTP/2 onenote.officeapps.live.com/o/App_Scripts/Acl/Acl1033.js
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (18992), with CRLF line terminators
Hash 365c2cb69866db8652c9df42f55ebde9
a53d93eff95757bcb05b500bb99ae84162eff915
1dafcdc390c84110e6f74ef35260258cb7e94b8d52da1e614fccbbb3a9282e62
GET /o/App_Scripts/Acl/Acl1033.js HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 5979
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 00:38:45 GMT
accept-ranges: bytes
etag: "8098cd964b3d81:0"
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 165ce53f-e698-42b4-b657-e8e96715a6b3
x-usersessionid: 165ce53f-e698-42b4-b657-e8e96715a6b3
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695A
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-officefd: AM4PEPF0000695A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 015A90B1CFF94380BDD4064186D83109 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:42Z
date: Mon, 23 Jan 2023 13:30:42 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us
23.36.79.43200 OK 5.1 kB URL HTTP/2 res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (25305), with no line terminators
Hash d9e3cc23fd3eaeb190b25b89c8a7a358
18ce5f7fbcdf377fd38707f7ee72503236cf8b70
a26d909a70b7c9ba35bde709089c9e23a48963e7de3c01d5bdac648c8f12437a
GET /shellux/api/ShellBootInfo/consumer/OneShell/en-us HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
pragma: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
x-o365suiteuxshell-correlationid: f3626b58-b45b-4ce2-8325-d68eadfcd961
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
date: Mon, 23 Jan 2023 13:30:42 GMT
content-length: 5126
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback.css
23.36.79.43200 OK 2.8 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (19234)
Hash 8249361451aa7cb3e9209aba98a91387
8fbcad2b4135b98032fba5bc418c1e01583e57d4
abe04518f423abf5836cf1203c74d54914d1c60dda0f983f24662bb27a4e2d66
GET /officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2769
content-type: text/css
last-modified: Tue, 10 Jan 2023 11:57:19 GMT
x-ms-request-id: 68cb25c0-901e-0043-5e1f-2719cb000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/Intl/en/officebrowserfeedbackstrings.js
23.36.79.43200 OK 786 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/Intl/en/officebrowserfeedbackstrings.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2224), with no line terminators
Hash 6b088d3732707dc4cf7ad8a40e03b059
7a84a9e12aec17b6db8c2b4187ec8cd11df22042
0b65ac42e497fc7ccf9341e6b4768c135b642ee2465413c9616bb79ed86b30c9
GET /officeonline/o/s/161610941019_App_Scripts/Feedback/Intl/en/officebrowserfeedbackstrings.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 786
last-modified: Tue, 10 Jan 2023 12:08:42 GMT
x-ms-request-id: 2d318edc-a01e-0067-2b30-27ef6b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/strings/en/shellstrings.json
23.36.79.43200 OK 4.4 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/strings/en/shellstrings.json
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 7cef6d578b8623d66ae3a30dd0c1c48c
1fe501f1f1a83318da04e5391c7f410eb85fb941
aefc4eee22dec79bc58d6a429d1b0044fb5dec0c5356540e813b1f8fd1f96976
GET /officeonline/o/s/161610941019_App_Scripts/suiteux-shell/strings/en/shellstrings.json HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 12:08:03 GMT
x-ms-request-id: 972f321e-b01e-0036-193c-2772e7000000
content-encoding: gzip
content-length: 4423
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-OfficeVersion: 16.0.16109.41019
X-WacCluster: PNL1
X-WacFrontEnd: AM4PEPF00006957
X-WacUserAgent: MSWACONSync
X-IsCoauthSession: true
X-bULS-SuppressionETag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
X-UserType: WOPI
haep: 1
X-Key: KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c=,638100774390997544
X-AccessToken: 4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ
X-AccessTokenTtl: 1676295038239
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 18284
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: a780b443-cd12-4f31-859b-7911adfbc8f2
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006022
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006022
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 14BF9C3A7D4D40DA9FD78720259BA19F Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:43Z
date: Mon, 23 Jan 2023 13:30:43 GMT
content-length: 0
X-Firefox-Spdy: h2
eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
20.50.201.200200 OK 0 B URL HTTP/1.1 eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
IP 20.50.201.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream HTTP/1.1
Host: eu-office.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Date: Mon, 23 Jan 2023 13:30:43 GMT
res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll2.js
23.36.79.43200 OK 344 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll2.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (726)
Size 344 kB (343589 bytes)
Hash 64e914c148ced9f92d3f3f44d09ebeb3
886dcb4f32d8f1011e5ddc74751207f1efdf9db1
75d73a1b75d13c52348b83c12190157399ef7b5af12fc6c01341d0f08e2e2e03
GET /officeonline/o/s/h2570E919D6E0371D_App_Scripts/OneNoteDS.box4.dll2.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 343589
last-modified: Tue, 10 Jan 2023 11:57:08 GMT
x-ms-request-id: b57d4eda-901e-000e-1d1f-27d627000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash a5f4ed65df1fe45243ea4be1fb98cd5c
2be16d672f08af2651350699693c0ba2f3bc3f5f
4e3432f8f45dfc84c77a77d3c5023c63dbfee9d37f840b3a03f7f4bb6967f160
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:06 GMT
Last-Modified: Mon, 23 Jan 2023 10:13:33 GMT
ETag: "4e3432f8f45dfc84c77a77d3c5023c63dbfee9d37f840b3a03f7f4bb6967f160"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: B1EB0B85FB4A4172A394F682CB6ACBD4 Ref B: OSL30EDGE0414 Ref C: 2023-01-23T13:30:43Z
Date: Mon, 23 Jan 2023 13:30:42 GMT
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js
23.36.79.43200 OK 2.0 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7514), with no line terminators
Hash f5e913c674615324eaee392a5c0d8091
b03ee48579c156902fef2c1f4d0bcd31e7ce19bb
a9319a09689113b67b9a0716862a5cbc617f41b899b1b47d1c698832d80a2cef
GET /officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2014
last-modified: Tue, 10 Jan 2023 12:02:05 GMT
x-ms-request-id: bb6c8fe6-f01e-006a-7123-2727bf000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7909e1d2f9d328a5ee7fd27b343298d1
cedd8106212f22ebd9419eb05b49df7b19f1f08b
352edf7987adb4af285aa50fb0e8509a90fb70ff6ece698365a84474fe8ab3d9
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:06 GMT
Last-Modified: Sun, 22 Jan 2023 14:13:33 GMT
ETag: "352edf7987adb4af285aa50fb0e8509a90fb70ff6ece698365a84474fe8ab3d9"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 61D4D5DD8C87423B9B607DA35312B21E Ref B: OSL30EDGE0222 Ref C: 2023-01-23T13:30:43Z
Date: Mon, 23 Jan 2023 13:30:43 GMT
messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2
52.111.231.13204 No Content 0 B URL HTTP/2 messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2
IP 52.111.231.13:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2 HTTP/1.1
Host: messaging.engagement.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Referer: https://onenote.officeapps.live.com/
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 13:30:43 GMT
server: Microsoft-HTTPAPI/2.0
access-control-allow-headers: x-correlationid,x-usersessionid
access-control-allow-methods: GET
access-control-allow-origin: *
x-activitytraceid: 9be405b340c8e40605bcdf7df97a646d
x-correlationid: 9be405b3-40c8-e406-05bc-df7df97a646d
x-machine: OmexNode2000001__omexexternal-prod-frc-2-000_1
x-buildversion: 23.4.10109.12115
x-servicefabricrequestid: a3dcfd2b-0535-44a2-9c61-0a32b558ff02
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.core.js
23.36.79.43200 OK 76 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.core.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65312), with no line terminators
Hash 8b8a226fce38dbfbcfd5e0b5d4ac8a00
5667201f478903994c5a4908b477a3401d377e8d
14401f9831a189c30af468083ddafff7585bc8106e77c0aa264d7441fbed89ac
GET /officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.core.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 75702
last-modified: Tue, 10 Jan 2023 12:02:17 GMT
x-ms-request-id: 78698c1e-701e-004b-1a23-2703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filesbucket3-5286f09d.css
23.36.79.43200 OK 2.2 kB URL HTTP/2 res-1.cdn.office.net/files/onedrive-website-release-prod_master_20230112.001//filesbucket3-5286f09d.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (8026), with no line terminators
Hash 8e9e7bf279db000fc6c32738485056a5
0fc5198eaf09341003a9b749b84d8f47c5361419
dd167a94bf33df6f55b651862c05eeaf42d97a57b614aca5a64f77d9656c8611
GET /files/onedrive-website-release-prod_master_20230112.001//filesbucket3-5286f09d.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2247
content-type: text/css
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 00:07:47 GMT
x-ms-request-id: da69e6dd-801e-003d-34a9-2a898c000000
cache-control: public, max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
20.50.201.200200 OK 9 B URL HTTP/1.1 eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
IP 20.50.201.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash a1e74a5b10bc1f2648f657c1b9945cf7
9818ad34dbfc6c3f58293e412364a02871b00464
50250bbc09f470c0a36f6ef540dbfa189af59e689e49aa99e822c2ab6d8f600d
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream HTTP/1.1
Host: eu-office.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.4
apikey: 79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,1705ef36a51840648341da866d62baf8-ddbcd60b-4ce4-48da-96be-ad5f28b48954-8035,86258c80efed47d9b34bf77fc663b381-af82a060-b49f-448b-baf0-956ba7709592-7634,31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063
upload-time: 1674480641805
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 11284
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Cookie: MUID=02FCB0EC723264591CDBA15976326249; MC1=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1839
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 23 Jan 2023 13:30:42 GMT
c.live.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893
20.234.93.27302 Found 0 B URL HTTP/2 c.live.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893 HTTP/1.1
Host: c.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BP=l=SDX.Skydrive&FR=&ST=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&RedC=c.live.com&MXFR=2E5C1E92B6BC6ADC13E80C30B2BC6E43
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.live.com; path=/; SameSite=None; Secure;
MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43; domain=.live.com; expires=Sat, 17-Feb-2024 13:30:43 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 23 Jan 2023 13:30:43 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/uiFabricLazy.min.js
23.36.79.43200 OK 793 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/uiFabricLazy.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1837)
Hash dc8f53dab46b0c3c3a5fccdaa43a5261
fcf81aaeb6eab9a2ebc563945bbaa89d39657a34
78fef38e8ac0fef7d5d47f4d6676855270b5e85e3e5fda44aa3ba514319463b3
GET /officeonline/o/s/161610941019_App_Scripts/uiFabricLazy.min.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 793
last-modified: Tue, 10 Jan 2023 11:57:53 GMT
x-ms-request-id: 9c688970-f01e-0037-221f-272d3b000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:43 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
20.42.73.26200 OK 0 B URL HTTP/1.1 browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
IP 20.42.73.26:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157 HTTP/1.1
Host: browser.pipe.aria.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2327
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1450
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Date: Mon, 23 Jan 2023 13:30:43 GMT
c.bing.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&RedC=c.live.com&MXFR=2E5C1E92B6BC6ADC13E80C30B2BC6E43
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&RedC=c.live.com&MXFR=2E5C1E92B6BC6ADC13E80C30B2BC6E43
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&RedC=c.live.com&MXFR=2E5C1E92B6BC6ADC13E80C30B2BC6E43 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.live.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43; domain=.bing.com; expires=Sat, 17-Feb-2024 13:30:44 GMT; path=/; SameSite=None; Secure; Priority=High;
SRM_B=2E5C1E92B6BC6ADC13E80C30B2BC6E43; domain=c.bing.com; expires=Sat, 17-Feb-2024 13:30:44 GMT; path=/; SameSite=None; Secure;
SRM_L=2E5C1E92B6BC6ADC13E80C30B2BC6E43; domain=c.bing.com; expires=Sat, 17-Feb-2024 13:30:44 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A1FBF0EEE864019B77025963B710BD2 Ref B: OSL30EDGE0511 Ref C: 2023-01-23T13:30:44Z
date: Mon, 23 Jan 2023 13:30:43 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 25701
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: b6789b8e-9549-48ba-88c8-ce07943efabe
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695A
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 31879C74E81A436694FD0F5C3DCC77E5 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:44Z
date: Mon, 23 Jan 2023 13:30:43 GMT
content-length: 0
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/osfruntime_strings.js
23.36.79.43200 OK 2.2 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/1033/osfruntime_strings.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11325), with no line terminators
Hash 2e835fc1c1a77cc5e2335f490f30c64c
948c45c7098127932568a6e5d167a4e6f57e5155
5db5603e546d731255c14fe40aaef761086cf946af7b436b51a124ca19f2c6ae
GET /officeonline/o/s/161610941019_App_Scripts/1033/osfruntime_strings.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2188
last-modified: Tue, 10 Jan 2023 11:58:03 GMT
x-ms-request-id: 5487f34b-301e-0028-3230-279e3f000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/Meetings_manifest.xml
23.36.79.43200 OK 14 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/Meetings_manifest.xml
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash fd8b6be40405f68fb27844c79e6bed05
dd2b88138b9b2234cfdf7e36b1cb25d68a3ea8ce
724f598d9dbf9e5b602c50d98ef4da9abf285d41c07ae4ce032d9e5e7c488200
GET /officeonline/o/s/161610941019_resources/1033/Meetings_manifest.xml HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/xml
last-modified: Tue, 10 Jan 2023 11:58:07 GMT
x-ms-request-id: 6ce0a5cf-b01e-006b-2230-277863000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
content-length: 14502
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/AddinServiceHandler.ashx?action=laststoreupdate&app=4&lc=EN-US&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239
13.107.6.171403 Forbidden 1.2 kB URL HTTP/2 onenote.officeapps.live.com/o/AddinServiceHandler.ashx?action=laststoreupdate&app=4&lc=EN-US&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 11ca4578cb026a23713aea6781b8ece3
a05ae51b4a3e2e0076222cbcbe9c58833cdef108
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
GET /o/AddinServiceHandler.ashx?action=laststoreupdate&app=4&lc=EN-US&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-OfficeVersion: 16.0.16109.41019
X-WacCluster: PNL1
X-WacFrontEnd: AM4PEPF00006957
X-WacUserAgent: MSWACONSync
X-IsCoauthSession: true
X-UserType: WOPI
haep: 1
X-Key: KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c=,638100774390997544
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
cache-control: private
content-length: 1233
content-type: text/html
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: c34113f3-90da-4552-b70e-67b68b76f825
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006956
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-officefd: AM4PEPF00006956
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 597EF00F9E114F0FA66FCADA25D7CE41 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:44Z
date: Mon, 23 Jan 2023 13:30:44 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
23.36.79.43200 OK 48 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (44104)
Hash a273e4b2a17e2e16a580d8c11ed5e018
0b30a28853c8ebaf3f0e0bbddda9589aa807ba69
3a02e869b534743030650168c93da1608f6e4cb477f239eb154573765581543b
GET /officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 47464
last-modified: Tue, 10 Jan 2023 12:02:13 GMT
x-ms-request-id: 438c506a-d01e-0042-4c23-274617000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/moeerrorux.css
23.36.79.43200 OK 1.5 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/moeerrorux.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 8ad234d7002b31c549841c86ca238a4c
dacd78b2a5e4a093b4e4923032ef468cdabf9f4d
3a3c28e5472736b539e729341cbc5fa6dc92166ee8978ff85d2e766863c4786c
GET /officeonline/o/s/161610941019_resources/1033/moeerrorux.css HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1475
content-type: text/css
last-modified: Tue, 10 Jan 2023 11:59:12 GMT
x-ms-request-id: 1f27f9c4-f01e-0045-3630-272a74000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/moe_status_icons.png
23.36.79.43200 OK 6.1 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/moe_status_icons.png
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 82 x 258, 8-bit/color RGBA, non-interlaced\012- data
Hash 2443f04dfd8ce58264835f7cd477799c
e798ef676a42aa8f723246c95fa6a918010223b2
77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd
GET /officeonline/o/s/161610941019_resources/1033/moe_status_icons.png HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 6140
content-type: image/png
last-modified: Tue, 10 Jan 2023 11:59:17 GMT
x-ms-request-id: 5487f3ef-301e-0028-4030-279e3f000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/agavedefaulticon96x96.png
23.36.79.43200 OK 1.1 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_resources/1033/agavedefaulticon96x96.png
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 084e7612635dfcf69a16255b41e70caa
0d9721aa70b01487d3340b864c0bd49fb1d95206
7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395
GET /officeonline/o/s/161610941019_resources/1033/agavedefaulticon96x96.png HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1115
content-type: image/png
last-modified: Tue, 10 Jan 2023 11:57:34 GMT
x-ms-request-id: 75fe904a-e01e-0014-2f30-27b7f8000000
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
c.live.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
20.234.93.27200 OK 42 B URL HTTP/2 c.live.com/c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?DI=15347&wlxid=83713452-96e2-4033-a959-bdb3c22d2855&reqid=002e1332861&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC93ACDE%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.%26PLT%3D5902%26IR%3D1%26EX%3D0%26L.h%3D1337%26L.bc%3D1415%26L.ac%3D1416%26L.f%3D1439%26L.sjs%3D5345%26L.ttg%3D3533%26C.st%3D1674480635869%26N.jsPlt%3D2887%26N.domIn%3D1439%26N.req%3D1085%26N.resp%3D3%26N.navType%3D255%26N.redirectCount%3D0&r=0.3200033279381893&CtsSyncId=7646FE9FE7B14E619E702D2C6A20406E&MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43 HTTP/1.1
Host: c.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Connection: keep-alive
Cookie: SM=T; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.live.com; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.live.com; expires=Mon, 23-Jan-2023 13:40:44 GMT; path=/; SameSite=None; Secure;
date: Mon, 23 Jan 2023 13:30:44 GMT
content-length: 42
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js
23.36.79.43200 OK 30 kB URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24136)
Hash accc377be03d783e40f653a891044d2e
3e0617266b3b6c1a2acd15d57c525fb819218bf7
db66f6a5f864cb7c4761545cb9ded7a279c78461ca80b26603b981e96d97c633
GET /officeonline/o/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 30538
last-modified: Tue, 10 Jan 2023 12:02:03 GMT
x-ms-request-id: 438c5255-d01e-0042-0e23-274617000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:44 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
www.onenote.com/officeaddins/learningtools/?et=
52.109.88.139200 OK 824 B URL HTTP/2 www.onenote.com/officeaddins/learningtools/?et=
IP 52.109.88.139:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 816923d9cb59b9c50ce8b6214afe577a
6a8e5d8811bebf6f66db2f844aa628b4768dd4fb
60ad104eaee87619ea9403e6c502b57e87841396a699cf95d6a5a9e95a2a33ca
GET /officeaddins/learningtools/?et= HTTP/1.1
Host: www.onenote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-routingofficecluster: weu-000.reverseproxy.onenote.com
x-routingofficefe: ReverseProxyFrontEnd_IN_15
x-routingofficeversion: 16.0.16117.40450
x-routingsessionid: ac6b9186-43dd-4a9c-9245-94aaa2788d34
x-routingcorrelationid: 56821950-a612-4e1b-b83f-18223e77f9b5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR", CP="P3P is not supported anymore; see: https://msdn.microsoft.com/en-us/library/mt146424%28v=vs.85%29.aspx"
x-correlationid: 56821950-a612-4e1b-b83f-18223e77f9b5
x-usersessionid: ac6b9186-43dd-4a9c-9245-94aaa2788d34
x-officefe: AgavesFrontEnd_IN_13
x-officeversion: 16.0.16104.40455
x-officecluster: neu-000.appsforoffice.onenote.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Mon, 23 Jan 2023 13:30:43 GMT
content-length: 824
X-Firefox-Spdy: h2
eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
20.50.201.200200 OK 9 B URL HTTP/1.1 eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream
IP 20.50.201.200:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash a33ab50bcc3a87bb64afdd6011f46ed8
1f320b0879bf3de96690b6198716f1a641895d77
4d759e2181902905e5ff0b704fba4d6baba35fa16221f612c3416d2d54a38b9a
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream HTTP/1.1
Host: eu-office.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.4
apikey: 1705ef36a51840648341da866d62baf8-ddbcd60b-4ce4-48da-96be-ad5f28b48954-8035
upload-time: 1674480643034
time-delta-to-apply-millis: 1839
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 9054
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Cookie: MUID=02FCB0EC723264591CDBA15976326249; MC1=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 9
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1626
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://onenote.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 23 Jan 2023 13:30:43 GMT
storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1674480643078
13.104.208.165302 Found 0 B URL HTTP/2 storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1674480643078
IP 13.104.208.165:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1674480643078 HTTP/1.1
Host: storage.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BP=l=SDX.Skydrive&FR=&ST=; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
content-length: 0
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674480644&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver: DB3PPFE3CE64A93
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: ZIl+hwp/Vky+HvQyfRMX8Q.0
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
x-errorcodechain: Unauthenticated
x-asmversion: UNKNOWN; 19.1074.105.2005
date: Mon, 23 Jan 2023 13:30:44 GMT
X-Firefox-Spdy: h2
appsforoffice.microsoft.com/lib/1.1/hosted/office.js
23.13.245.138200 OK 17 kB URL HTTP/1.1 appsforoffice.microsoft.com/lib/1.1/hosted/office.js
IP 23.13.245.138:0
File type ASCII text, with very long lines (32944), with CRLF line terminators
Hash 81575800f05da7eb2d5ff83ca1a09727
1ae16529315553ce6d744e61670f96921f7eda0c
0348c36f62b29de7b1ccaed99012ce58e42b81475dc979a4c16b8eb85463ea46
GET /lib/1.1/hosted/office.js HTTP/1.1
Host: appsforoffice.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 02 Jan 2023 13:33:18 GMT
Accept-Ranges: bytes
ETag: "0a3cc6ae1ed91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 17098
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
cdn.onenote.net/officeaddins/161610440455_Scripts/BrowserUls.js
23.13.240.151200 OK 739 B URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/BrowserUls.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (1922), with no line terminators
Hash ac24b8787fabf968c1a39e45ea1eee93
ddafc2859f91e4f157d63c4f903826c41dacf8d7
47fc6e42dac2c33f5150726b11dd305354909658347c4594b765b2d3a7f0b6ac
GET /officeaddins/161610440455_Scripts/BrowserUls.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: e578841c-e8d6-4335-8e54-4106a92eacf3
X-RoutingCorrelationId: dc2954b3-2728-4541-b50d-7f0913974382
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: dc2954b3-2728-4541-b50d-7f0913974382
x-usersessionid: e578841c-e8d6-4335-8e54-4106a92eacf3
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 739
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/CommonDiagnostics.js
23.13.240.151200 OK 12 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/CommonDiagnostics.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (41116)
Hash 86eae2951abd25d7f8de735b34b4505d
390ea8ead75400b1846f399de122437feb13f16e
d0d49bcb1a6ad51803066555fc97838d2ab42256e88dfebefc005130a85de82a
GET /officeaddins/161610440455_Scripts/CommonDiagnostics.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_12
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: 7d06f7fc-91b7-4dcc-9c3e-3a131a7a9f8a
X-RoutingCorrelationId: 6263743c-38f3-4c9a-9d4d-11784be01f2d
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 6263743c-38f3-4c9a-9d4d-11784be01f2d
x-usersessionid: 7d06f7fc-91b7-4dcc-9c3e-3a131a7a9f8a
x-officefe: AgavesFrontEnd_IN_8
x-officeversion: 16.0.16011.40450
x-officecluster: neu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 12330
Cache-Control: public, max-age=29951327
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/Instrumentation.js
23.13.240.151200 OK 1.1 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/Instrumentation.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (3527), with no line terminators
Hash 0e51b44ce48f0daed0ffc4054f8ba3c5
3036ae93cc04b00bbb181d36a6eeb8d73c0498ca
e0124850edfc05cb1420d41bfb352294057551f87478de4eacb8e1c2b79cb2c0
GET /officeaddins/161610440455_Scripts/Instrumentation.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: d9712f32-79f5-4621-80d9-17ffbe5e38b7
X-RoutingCorrelationId: a7c0112c-a12b-4878-b169-ed39d98a6027
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: a7c0112c-a12b-4878-b169-ed39d98a6027
x-usersessionid: d9712f32-79f5-4621-80d9-17ffbe5e38b7
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 1077
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/ExternalResources/js-cookie.js
23.13.240.151200 OK 1.5 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/ExternalResources/js-cookie.js
IP 23.13.240.151:0
File type ASCII text, with CRLF line terminators
Hash f653dea104dff7e68155ead74248d4ff
cec0703f09caf499342796c1d6601a69660ab8be
b0109df348474906322c45fa39e55a63626d51f8abbf56800c4ecf2309673724
GET /officeaddins/161610440455_Scripts/ExternalResources/js-cookie.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: 07f924fb-cf1d-4f63-be05-01fed3987637
X-RoutingCorrelationId: dda03105-c8a1-4911-87ab-47e1fc2219b2
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: dda03105-c8a1-4911-87ab-47e1fc2219b2
x-usersessionid: 07f924fb-cf1d-4f63-be05-01fed3987637
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 1459
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/LearningTools/LearningTools.js
23.13.240.151200 OK 6.6 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/LearningTools/LearningTools.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (20082), with no line terminators
Hash 273699cad2fffbcf88632eb9b6fed032
cb8ceffc9436a13600dd73274acf7d8b3180662b
eee38243bdfd91c4712178f6bcb0b3918b81455ed3f4b39e9cf8d90c5ee32be4
GET /officeaddins/161610440455_Scripts/LearningTools/LearningTools.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: 7b359ca0-7b48-4b57-9447-1e5e2e708891
X-RoutingCorrelationId: bc37152e-a3c4-4826-894f-c75e822ca66b
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: bc37152e-a3c4-4826-894f-c75e822ca66b
x-usersessionid: 7b359ca0-7b48-4b57-9447-1e5e2e708891
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 6645
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/pickadate.min.js
23.13.240.151200 OK 7.1 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/pickadate.min.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (20116), with no line terminators
Hash 061bc1b6a0ba2031667ff20236d13950
2616db935d8a736c873e78a60229ea2adc868bdb
430dde13c4ec34dff881aab2ad3882a49cc828b829a41232fbf9e86c40100787
GET /officeaddins/161610440455_Scripts/pickadate.min.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: 649f1786-0e2b-4b91-b0e0-2af9d6ef8cef
X-RoutingCorrelationId: e756e9de-e25b-415b-b8ad-2b0e8b2e1f91
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: e756e9de-e25b-415b-b8ad-2b0e8b2e1f91
x-usersessionid: 649f1786-0e2b-4b91-b0e0-2af9d6ef8cef
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 7064
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
cdn.onenote.net/officeaddins/161610440455_Scripts/aria-web-telemetry-2.9.0.min.js
23.13.240.151200 OK 14 kB URL HTTP/1.1 cdn.onenote.net/officeaddins/161610440455_Scripts/aria-web-telemetry-2.9.0.min.js
IP 23.13.240.151:0
File type ASCII text, with very long lines (32011), with CRLF line terminators
Hash 35f53b8278eb70203fbb8a05c590ad61
269f05c52cf97fb65e727dfd13e1fc5569454a35
19069fc24984e85c540cb2741ffae433ab4ff935b64632bc38568bf17c93e1a9
GET /officeaddins/161610440455_Scripts/aria-web-telemetry-2.9.0.min.js HTTP/1.1
Host: cdn.onenote.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 14:19:12 GMT
Accept-Ranges: bytes
ETag: "03063844720d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: weu-000.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_21
X-RoutingOfficeVersion: 16.0.16015.40457
X-RoutingSessionId: cb3440ab-90aa-4a86-8da7-3d806543f211
X-RoutingCorrelationId: 5153e4ac-febc-4f52-b36b-32dc3e434287
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 5153e4ac-febc-4f52-b36b-32dc3e434287
x-usersessionid: cb3440ab-90aa-4a86-8da7-3d806543f211
x-officefe: AgavesFrontEnd_IN_12
x-officeversion: 16.0.16011.40450
x-officecluster: weu-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 13498
Cache-Control: public, max-age=29951328
Date: Mon, 23 Jan 2023 13:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
152.199.19.160200 OK 40 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash 7430c47a01e65f65bae1ebf0ab979966
0f07b295683d65354e42bddf457e65a48d3cee0f
dd9e5665fbcee40e28fbe09bd4912032fc711f4666424d96e8ec5b6f250edfe2
GET /ajax/jQuery/jquery-3.5.0.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 13348633
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 23 Jan 2023 13:30:45 GMT
etag: "c844f287112d61:0"
last-modified: Tue, 14 Apr 2020 15:26:14 GMT
server: ECAcc (ska/F6BF)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 39744
X-Firefox-Spdy: h2
browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
20.42.73.26200 OK 0 B URL HTTP/1.1 browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
IP 20.42.73.26:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157 HTTP/1.1
Host: browser.pipe.aria.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1249
Origin: https://onedrive.live.com
Connection: keep-alive
Referer: https://onedrive.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1439
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Date: Mon, 23 Jan 2023 13:30:44 GMT
appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js
23.13.245.138200 OK 118 kB URL HTTP/1.1 appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js
IP 23.13.245.138:0
File type ASCII text, with very long lines (64824), with CRLF line terminators
Size 118 kB (118447 bytes)
Hash 2fff3bfecbd88e45993c69cba26f798d
695c80299bd31b9262a6904025227cf52cd61cb5
24acc83f67ba62e787c90ee023e45a0327a4a84b67cc5f34c0207a05e12dcf83
GET /lib/1.1/hosted/onenote-web-16.00.js HTTP/1.1
Host: appsforoffice.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 02 Jan 2023 13:33:18 GMT
Accept-Ranges: bytes
ETag: "0a3cc6ae1ed91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 118447
Cache-Control: public, max-age=11813
Date: Mon, 23 Jan 2023 13:30:45 GMT
Connection: keep-alive
appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js
23.13.245.138200 OK 5.7 kB URL HTTP/1.1 appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js
IP 23.13.245.138:0
File type ASCII text, with very long lines (20946), with CRLF line terminators
Hash 426c1fd0fb752a7eb38a37d2ce00bc7a
52baa005a1dc9aeeb4f9a6b7feb9f48630358e23
d6a61c875241ee05c155c4e8ad8baa689a80bbd614aa0b832f648f45e92e89ba
GET /lib/1.1/hosted/en-us/office_strings.js HTTP/1.1
Host: appsforoffice.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onenote.com
Connection: keep-alive
Referer: https://www.onenote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 02 Jan 2023 13:33:18 GMT
Accept-Ranges: bytes
ETag: "0a3cc6ae1ed91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 5650
Cache-Control: public, max-age=13134
Date: Mon, 23 Jan 2023 13:30:45 GMT
Connection: keep-alive
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-BrowserUlsBeacon: [{"Index":8,"MsSinceStart":6001,"Value":"SessionExited","Type":"SessionBoundary"}]
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 47cf0c88-1032-4722-b741-2a798a0405ae
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006B53
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006B53
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 3D7DB8E6AEC840A3A30881563BFADAEE Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:44 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteTelemetry.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 1823
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 646314ab-2360-4ba1-b248-3187e67509f5
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006957
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006957
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 725AD317A9874E2EA304F9AACCCDEEFD Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:44 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/OneNote.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&waccluster=PNL1&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&access_token=4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295037768&haep=1
13.107.6.171200 OK 113 B URL HTTP/2 onenote.officeapps.live.com/o/OneNote.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&waccluster=PNL1&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&access_token=4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295037768&haep=1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash a09a351adf1e71057e7c22d51ba4c1b2
062cda6a63181a78821e6f0b12d9f3d982ca7463
dfd318333069fc240da81fd6d001f087e5624fa71a170cc80ea68c92c7080423
POST /o/OneNote.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&waccluster=PNL1&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&access_token=4wU0sfnmczC_j22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W_wTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx_Cafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295037768&haep=1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 483
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 113
content-type: application/json; charset=utf-8
content-encoding: gzip
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 8232b1a5-6760-4fda-b22d-22aa06b1f65a
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006B52
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006B52
x-wacfrontend: AM4PEPF00006B52
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: D4CE7DB81A4940C89BFC4063376086E3 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:44 GMT
X-Firefox-Spdy: h2
login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674480644&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
20.190.159.22200 OK 11 kB URL HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674480644&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
IP 20.190.159.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864)
Hash e94dd55b756da25f3e0a1a814086bff7
4e6476e9c1403db5698a53a90c155f3155ace3ea
c1709c8d1e2e6572f93011c6c076d07448a7e383c7dcec635f6f23c985b8af26
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1674480644&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/
Connection: keep-alive
Cookie: MSCC=91.90.42.154-NO; E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BP=l=SDX.Skydrive&FR=&ST=; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Cache-Control: no-store, max-age=0
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 13:29:45 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-Frame-Options: DENY
X-DNS-Prefetch-Control: on
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 673ddfc6-eeda-4512-88cb-5ec757d9709a
PPServer: PPV: 30 H: BL02PFB206CB1DD V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=10614920cabc47aabf61af19ce3c6cc8; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=63539<=1674480645&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DUAgMSQMQrhBEgU4YckGxK0hM16MKi*ZdHHKJVhWQpqBYznm!84xE3jz8ub67rXUncoFFUoLWh56Zpv6KYqyO41pwCWpIXMJ88*oBRo32KKvcEAiEzYPx4Efid4TqlqGzzHHX!qy0UvsDv459Q33p80gX9XUIFPxP41OPd2BJrVekMysJu2o3UMrYhqGHWPE1PEk3FZlJ8wWtvdgRR0jgVi12Mih8j4onFmoU41glH8mH!3gRrf3wl*Cw!W!3XZddIQ6RdpPCnGcTFrl8S!I8rw3kRmkT3yEe402RaYAuI6MDlFGgyMjUCaX7G9HYoIo*SkxAau5v4BQLUuN629GOAPkmJFa0W*MrSC0R2c!!72AwM1qvhMc3gFfcdLAIoUaKXgWqWi2gMVDJnbjCRXjroPRTCiAMlzsfnsRXQqMTgh*rMXbcA9Q5igRH4yKDcPe!7Doo9yKXYwRznuB0VEDzl90EdI9L3nG9KKVG4f8enbl; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPOK=$uuid-32729f1d-448b-4486-9bb9-046464ff11b7; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 23 Jan 2023 13:30:44 GMT
Content-Length: 10929
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 58172
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: a86c94eb-aeda-4806-bb1b-b8549079b13c
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006022
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-buls-suppressedtags: 378069,1671813,2208151,2209344,3249545,3290144,4285850,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19214611,19743902,19939648,20486158,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22922182,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37754499,37856259,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40777251,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51492170,51504083,51667010,306230939,306978834,509743362,510252435,512522335,512522337,512522368,520926864,520926865,520979847,521007315,521749855,523613141,524150164,524883107,524883136,524883138,537159041,537159051,537159499,537167070,537169937,538542792,538543587,539075678,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,560550470,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,589101015,589101018,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595359709,595359710,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,947352439,963472182,963915891,1630679666,1630679667,1633958006,1647605351,1647863416,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006022
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 31C430151A6D49E28282B6B2F3E328FF Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:44 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=9fc0847e-426a-4180-9d11-5f500544d432&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 10292
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: ae51d4d9-429a-49a9-8e0d-8c10de0464e4
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006960
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-buls-suppressedtags: 378069,1671813,2208151,2209344,3249545,3290144,4285850,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19214611,19743902,19939648,20486158,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22922182,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37754499,37856259,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40777251,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51492170,51504083,51667010,306230939,306978834,509743362,510252435,512522335,512522337,512522368,520926864,520926865,520979847,521007315,521749855,523613141,524150164,524883107,524883136,524883138,537159041,537159051,537159499,537167070,537169937,538542792,538543587,539075678,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,560550470,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,589101015,589101018,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595359709,595359710,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,947352439,963472182,963915891,1630679666,1630679667,1633958006,1647605351,1647863416,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006960
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 58479618F442414C9C3E7BCD3F84ACC5 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:45 GMT
content-length: 0
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/WsaUpload.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
13.107.6.171200 OK 122 B URL HTTP/2 onenote.officeapps.live.com/o/WsaUpload.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 70e60f5f836a088eb0751a811278f36a
5f87eb2b1abd72fc8b225f9e54f346738622e5d8
fa01a9d7f4029c2554bf4d72f162da9d2da5342986319818b60b6c176902298e
POST /o/WsaUpload.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&build=16.0.16109.41019&WacUserType=WOPI&ckey=KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c%3D%2C638100774390997544&haep=1 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
Content-Type: text/plain;charset=UTF-8
Content-Length: 6585
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 122
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 5003b98b-c39e-48a8-8b6b-722d22b14684
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006960
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onenote.officeapps.live.com
x-officefd: AM4PEPF00006960
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 6D29C3052EA3493294D56CC1859F9DA4 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:45 GMT
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /o/RemoteUls.ashx?usid=9fc0847e-426a-4180-9d11-5f500544d432&officeserverversion=16.0.16109.41019 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 628
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; BP=l=SDX.Skydrive&FR=&ST=; ShCLSessionID=1674480641822_0.9427807302605619; MUID=2E5C1E92B6BC6ADC13E80C30B2BC6E43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/plain
content-encoding: gzip
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 19469637-5708-46ac-8a36-73266f86d7a1
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000695A
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
access-control-allow-origin: https://onedrive.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cross-origin-resource-policy: cross-origin
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-buls-suppressedtags: 378069,1671813,2208151,2209344,3249545,3290144,4285850,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19214611,19743902,19939648,20486158,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22922182,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37754499,37856259,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40777251,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51492170,51504083,51667010,306230939,306978834,509743362,510252435,512522335,512522337,512522368,520926864,520926865,520979847,521007315,521749855,523613141,524150164,524883107,524883136,524883138,537159041,537159051,537159499,537167070,537169937,538542792,538543587,539075678,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,560550470,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,589101015,589101018,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595359709,595359710,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,947352439,963472182,963915891,1630679666,1630679667,1633958006,1647605351,1647863416,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF0000695A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 12B1ABB1CCB942B58B8BAD13B8B6AB51 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:45Z
date: Mon, 23 Jan 2023 13:30:45 GMT
content-length: 0
X-Firefox-Spdy: h2
onedrive.live.com/redir?resid=BA3287463A171E86!6925&authkey=!AjOjgH7s87DIIdE&ithint=onenote&e=DvZhBMSWhkK9rgE0l67VGA&at=9
13.107.42.13200 OK 0 B URL HTTP/2 onedrive.live.com/redir?resid=BA3287463A171E86!6925&authkey=!AjOjgH7s87DIIdE&ithint=onenote&e=DvZhBMSWhkK9rgE0l67VGA&at=9
IP 13.107.42.13:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /redir?resid=BA3287463A171E86!6925&authkey=!AjOjgH7s87DIIdE&ithint=onenote&e=DvZhBMSWhkK9rgE0l67VGA&at=9 HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: MSFPC=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:Vo8UA0b92og=:O1irD1PryGDo+64QBoHlJBVaPcQcXx5usaaciqT9R1Y=:F; domain=.live.com; path=/
xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; domain=.live.com; path=/
xidseq=1; domain=.live.com; path=/
LD=; domain=.live.com; expires=Mon, 23-Jan-2023 11:50:36 GMT; path=/
wla42=; domain=live.com; expires=Mon, 30-Jan-2023 13:30:37 GMT; path=/
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' sentry.contentvalidation.com sentry.ppe.contentvalidation.com sentry.int.contentvalidation.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC93E188
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5702E73D29FF4A3AB8720F49017C9573 Ref B: OSL30EDGE0318 Ref C: 2023-01-23T13:30:36Z
date: Mon, 23 Jan 2023 13:30:37 GMT
X-Firefox-Spdy: h2
onedrive.live.com/view.aspx?resid=BA3287463A171E86!6925&ithint=onenote&wdo=2&authkey=!AjOjgH7s87DIIdE
13.107.42.13200 OK 0 B URL HTTP/2 onedrive.live.com/view.aspx?resid=BA3287463A171E86!6925&ithint=onenote&wdo=2&authkey=!AjOjgH7s87DIIdE
IP 13.107.42.13:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /view.aspx?resid=BA3287463A171E86!6925&ithint=onenote&wdo=2&authkey=!AjOjgH7s87DIIdE HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onedrive.live.com/redir?resid=BA3287463A171E86!6925&authkey=!AjOjgH7s87DIIdE&ithint=onenote&e=DvZhBMSWhkK9rgE0l67VGA&at=9
Cookie: MSFPC=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960; E=P:Vo8UA0b92og=:O1irD1PryGDo+64QBoHlJBVaPcQcXx5usaaciqT9R1Y=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=1; wla42=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:FHBuA0b92og=:F8CXqq9upBAVGr2Tf9H7y54AhA8FRPZ4s+zKplTx4MI=:F; domain=.live.com; path=/
xidseq=2; domain=.live.com; path=/
LD=; domain=.live.com; expires=Mon, 23-Jan-2023 11:50:37 GMT; path=/
wla42=; domain=live.com; expires=Mon, 30-Jan-2023 13:30:38 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC93ACDE
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B126CE13B68B428996771E5AF17F7CE0 Ref B: OSL30EDGE0318 Ref C: 2023-01-23T13:30:37Z
date: Mon, 23 Jan 2023 13:30:38 GMT
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
POST /o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 1408
Origin: https://onedrive.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid: 9fc0847e-426a-4180-9d11-5f500544d432
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
origin-agent-cluster: ?1
x-officefe: AM4PEPF00006957
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: 'self' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *.microsoft.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net *.msftauth.net *.officeapps.live.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *.video.msn.com realtimesync.onenote.com oreonavpane.azureedge.net contentstorage.onenote.office.net *.msftauth.net *.officeapps.live.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *; style-src-elem 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *; media-src *.skype.com *.skypeassets.com 'self' *; object-src 'self' *; child-src blob: * onenote:; worker-src blob: *; img-src * data: blob:; report-uri /o/reportcsp.ashx
document-policy: js-profiling
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://onenoteonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-SVG20r5b&DC=PNL1"}]}
x-officefd: AM4PEPF00006957
x-wacfrontend: AM4PEPF00006957
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: A0E364A8E9B84497B41F4B5A30619344 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:39Z
date: Mon, 23 Jan 2023 13:30:38 GMT
X-Firefox-Spdy: h2
onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.773.0927.2003&useRequiresJs=False
13.107.42.13200 OK 0 B URL HTTP/2 onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.773.0927.2003&useRequiresJs=False
IP 13.107.42.13:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.773.0927.2003&useRequiresJs=False HTTP/1.1
Host: onedrive.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onedrive.live.com/view.aspx?resid=BA3287463A171E86!6925&ithint=onenote&wdo=2&authkey=!AjOjgH7s87DIIdE
Connection: keep-alive
Cookie: MSFPC=GUID=2b12c4928f2f4c0a932dbc143a0bc267&HASH=2b12&LV=202205&V=4&LU=1653986466960; E=P:FHBuA0b92og=:F8CXqq9upBAVGr2Tf9H7y54AhA8FRPZ4s+zKplTx4MI=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=2; wla42=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 23 Jan 2024 13:30:38 GMT
vary: Accept-Encoding
set-cookie: mkt=en-US; domain=.live.com; expires=Tue, 23-Jan-2024 00:00:00 GMT; path=/
xidseq=3; domain=.live.com; path=/
LD=; domain=.live.com; expires=Mon, 23-Jan-2023 11:50:38 GMT; path=/
E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; domain=.live.com; path=/
wla42=; domain=live.com; expires=Mon, 30-Jan-2023 13:30:38 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC93E188
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DF200B19169E49299AABB1EE6312F6A0 Ref B: OSL30EDGE0318 Ref C: 2023-01-23T13:30:38Z
date: Mon, 23 Jan 2023 13:30:38 GMT
X-Firefox-Spdy: h2
onenote.officeapps.live.com/o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239
13.107.6.171200 OK 0 B URL HTTP/2 onenote.officeapps.live.com/o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239
IP 13.107.6.171:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
POST /o/OneNoteS2SHandler.ashx?action=educationuser&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffolders%2FBA3287463A171E86%216925&access_token=4wU0sfnmczC%5Fj22gZElHufoWf11FUktQrDVMzX1gY9KnlU5jQ7W%5FwTneDb3J8fMtw514JDepqXQTSwxo7BZjvmMsBFfx%5FCafzf4EsvbaPIrAHr9qrlqC2tFDa92wTMlS9uCJAFKkUGu7LhYzNAGqHiHQ&access_token_ttl=1676295038239 HTTP/1.1
Host: onenote.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=%2F0DJmbo1uUuQVpkC6PjzQw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FBA3287463A171E86!6925&wdo=2&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&wdorigin=Other&wdhostclicktime=1674480635869&jsapi=1&jsapiver=v1&newsession=1&corrid=9fc0847e-426a-4180-9d11-5f500544d432&usid=9fc0847e-426a-4180-9d11-5f500544d432&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-UserSessionId: 9fc0847e-426a-4180-9d11-5f500544d432
X-OfficeVersion: 16.0.16109.41019
X-WacCluster: PNL1
X-WacFrontEnd: AM4PEPF00006957
X-WacUserAgent: MSWACONSync
X-IsCoauthSession: false
X-UserType: WOPI
haep: 1
X-Key: KIrnMryUdlsVuTnS3AsH0kJfuIgo5om8w3eb14T490c=,638100774390997544
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Cookie: E=P:ZHEYBEb92og=:m18OXx7NPM6xlN06vdrJqzqS9xJ+MSoum+GGyJhlAx8=:F; xid=83713452-96e2-4033-a959-bdb3c22d2855&&RDE42AAC93E188&55; xidseq=3; wla42=; mkt=en-US; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie:
x-correlationid: 6f813b08-01e0-48e5-917e-414f6310d6e9
x-usersessionid: 9fc0847e-426a-4180-9d11-5f500544d432
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006956
x-officeversion: 16.0.16109.41019
x-officecluster: PNL1
x-content-type-options: nosniff
x-download-options: noopen
content-disposition: attachment
x-officefd: AM4PEPF00006956
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: C95CC1869B7C4FD6A6D6C6BFBE2D8310 Ref B: SVG20EDGE0306 Ref C: 2023-01-23T13:30:40Z
date: Mon, 23 Jan 2023 13:30:40 GMT
X-Firefox-Spdy: h2
res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback_floodgate.js
23.36.79.43200 OK 0 B URL HTTP/2 res-1.cdn.office.net/officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback_floodgate.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
GET /officeonline/o/s/161610941019_App_Scripts/Feedback/officebrowserfeedback_floodgate.js HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 103312
last-modified: Tue, 10 Jan 2023 11:57:36 GMT
x-ms-request-id: 94daafa5-301e-005a-1c1f-279970000000
content-encoding: br
cache-control: max-age=630720000
date: Mon, 23 Jan 2023 13:30:40 GMT
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2
messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2
52.111.231.13200 OK 0 B URL HTTP/2 messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2
IP 52.111.231.13:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /campaignmetadataaggregator?country=US&locale=en-US&app=2158&platform=Web&version=16.0.16109.41019&campaignParams=pageWidth%3D1280%26pageHeight%3D939%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bfloodgateflight1%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight1%3B&ageGroup=0&sessionUserType=2 HTTP/1.1
Host: messaging.engagement.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-correlationid: 668e6f82-859c-4ca8-fee2-9ba31ef3857a
x-usersessionid: 62455ed8-17e0-4dfe-0248-031469662ebb
Origin: https://onenote.officeapps.live.com
Connection: keep-alive
Referer: https://onenote.officeapps.live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 13:30:43 GMT
content-type: text/plain; charset=utf-8
server: Microsoft-HTTPAPI/2.0
access-control-allow-origin: *
x-activitytraceid: 1bf31c338c55a90501ee2215fe08a7c8
x-correlationid: 1bf31c33-8c55-a905-01ee-2215fe08a7c8
x-machine: OMEXNODE2000004__omexexternal-prod-frc-2-000_4
x-buildversion: 23.4.10109.12115
x-servicefabricrequestid: 89647fe0-867f-4728-abd1-1d2552c0e65c
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2