hxxps://boykinbr-my[.]sharepoint[.]com/[:]o[:]/g/personal/marla_boykinbrothers_com/EuCKb1WAbudFkRyNYfTA0LQB6tJB6WS_nk3M8dtbZtVdiQ?e=zwj1Zj

Analysis

max time kernel
299s
max time network
296s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
12/04/2023, 19:43 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://boykinbr-my.sharepoint.com/:o:/g/personal/marla_boykinbrothers_com/EuCKb1WAbudFkRyNYfTA0LQB6tJB6WS_nk3M8dtbZtVdiQ?e=zwj1Zj

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133258094146178739"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1880	chrome.exe
1880	chrome.exe
4140	chrome.exe
4140	chrome.exe

Suspicious behavior: LoadsDriver 2 IoCs

pid	Process
628	Process not Found
628	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe
Token: SeShutdownPrivilege	1880	chrome.exe
Token: SeCreatePagefilePrivilege	1880	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe
1880	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1880 wrote to memory of 2028	1880	chrome.exe	66
PID 1880 wrote to memory of 2028	1880	chrome.exe	66
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4280	1880	chrome.exe	69
PID 1880 wrote to memory of 4052	1880	chrome.exe	68
PID 1880 wrote to memory of 4052	1880	chrome.exe	68
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70
PID 1880 wrote to memory of 1008	1880	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://boykinbr-my.sharepoint.com/:o:/g/personal/marla_boykinbrothers_com/EuCKb1WAbudFkRyNYfTA0LQB6tJB6WS_nk3M8dtbZtVdiQ?e=zwj1Zj
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffde5009758,0x7ffde5009768,0x7ffde5009778
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:8
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1600 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:2
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1916 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:8
  2⤵
  PID:1008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4396 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:1756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4568 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5056 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5176 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5676 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4916 --field-trial-handle=1716,i,17085050487529766160,15254359292667207089,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4140

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4656

Network

DNS

boykinbr-my.sharepoint.com

chrome.exe

Remote address:

8.8.8.8:53

Request

boykinbr-my.sharepoint.com

IN A

Response

boykinbr-my.sharepoint.com

IN CNAME

boykinbr.sharepoint.com

boykinbr.sharepoint.com

IN CNAME

2917-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com

2917-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com

IN CNAME

193287-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com

193287-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com

IN CNAME

193287-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net

193287-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net

IN CNAME

193287-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0003.spo-msedge.net

193287-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0003.spo-msedge.net

IN CNAME

dual-spo-0003.spo-msedge.net

dual-spo-0003.spo-msedge.net

IN A

13.107.136.8

dual-spo-0003.spo-msedge.net

IN A

13.107.138.8
DNS

res-1.cdn.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

res-1.cdn.office.net

IN A

Response

res-1.cdn.office.net

IN CNAME

res-1.cdn.office.net-c.edgekey.net

res-1.cdn.office.net-c.edgekey.net

IN CNAME

res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net

res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net

IN CNAME

e40491.dscd.akamaiedge.net

e40491.dscd.akamaiedge.net

IN A

92.123.26.49

e40491.dscd.akamaiedge.net

IN A

92.123.26.131
GET

https://res-1.cdn.office.net/officeonline/o/s/h16E04A6A20ABEA36_App_Scripts/onenote-boot.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h16E04A6A20ABEA36_App_Scripts/onenote-boot.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 35676
last-modified: Thu, 30 Mar 2023 05:31:46 GMT
x-ms-request-id: de0e712c-401e-0050-195c-673dc7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f336e"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/require-9eb54831.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /files/odsp-web-prod_2023-03-24.010/require-9eb54831.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9633
last-modified: Fri, 31 Mar 2023 19:36:56 GMT
x-ms-request-id: 74ab76e2-f01e-006a-3d16-6427bf000000
x-ms-meta-sourcebuild: odsp-web-prod_2023-03-24.010
x-ms-meta-sourceid: 5DA92AC3B91CB279600B0644A84B620C7912261BB695E5485B0ECA8B0D4648B100
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f3370"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4702
content-type: text/css
last-modified: Thu, 30 Mar 2023 05:35:18 GMT
x-ms-request-id: 83ae4456-201e-0034-5f3c-67cc5f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f392d"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 53783
content-type: text/css
last-modified: Thu, 30 Mar 2023 05:34:19 GMT
x-ms-request-id: eb8e8b14-301e-0065-6829-6651d3000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3933"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h9E1DA5BF71513549_resources/1033/FavIcon_OneNote.ico

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h9E1DA5BF71513549_resources/1033/FavIcon_OneNote.ico HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 7886
content-type: image/x-icon
last-modified: Thu, 30 Mar 2023 05:35:26 GMT
x-ms-request-id: 2bc566df-301e-0028-5844-679e3f000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f4454"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/progress.gif

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/progress.gif HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 695
content-type: image/gif
last-modified: Thu, 30 Mar 2023 05:32:09 GMT
x-ms-request-id: 7d172fac-201e-0024-30ec-620937000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f480c"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/box42.png

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/m2/box42.png HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6336
content-type: image/png
last-modified: Thu, 30 Mar 2023 05:36:36 GMT
x-ms-request-id: f01ec2ce-e01e-0066-49ec-62b0b7000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f4812"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/box43.png

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/m2/box43.png HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1922
content-type: image/png
last-modified: Thu, 30 Mar 2023 05:36:42 GMT
x-ms-request-id: d072277b-a01e-003a-7fec-62e5ef000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f486a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js HTTP/2.0
host: res-1.cdn.office.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1336
last-modified: Thu, 30 Mar 2023 05:32:05 GMT
x-ms-request-id: c3206e90-a01e-0005-4b4b-672d4c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f48f3"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/one.png

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/m2/one.png HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 51120
content-type: image/png
last-modified: Thu, 30 Mar 2023 05:36:43 GMT
x-ms-request-id: 4c7f90c7-201e-0034-69ec-62cc5f000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f4a4e"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/otelNext.worker.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/otelNext.worker.min.js HTTP/2.0
host: res-1.cdn.office.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 31861
last-modified: Thu, 30 Mar 2023 05:32:08 GMT
x-ms-request-id: e138a176-001e-0033-2555-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f5a8f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/pen_32x32.cur

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/pen_32x32.cur HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4286
content-type: image/x-icon
last-modified: Thu, 30 Mar 2023 05:32:01 GMT
x-ms-request-id: f01efed1-e01e-0066-22ec-62b0b7000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:41 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328621.52f77dd"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/moeerrorux.css

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/moeerrorux.css HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1475
content-type: text/css
last-modified: Thu, 30 Mar 2023 05:32:04 GMT
x-ms-request-id: e176c705-001e-0033-345a-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:41 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328621.52f78ec"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/moe_status_icons.png

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/moe_status_icons.png HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6140
content-type: image/png
last-modified: Thu, 30 Mar 2023 05:31:57 GMT
x-ms-request-id: f8c7df0f-901e-0043-63ec-6219cb000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:41 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328621.52f793b"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/agavedefaulticon96x96.png

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/agavedefaulticon96x96.png HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1115
content-type: image/png
last-modified: Thu, 30 Mar 2023 05:32:20 GMT
x-ms-request-id: 4c7f9f7a-201e-0034-4eec-62cc5f000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:41 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328621.52f793f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback.css

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback.css HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2840
content-type: text/css
last-modified: Thu, 30 Mar 2023 05:36:22 GMT
x-ms-request-id: f06a2c8b-701e-004b-115a-6703c4000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:53 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc62f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
DNS

195.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.179.250.142.in-addr.arpa

IN PTR

Response

195.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f31e100net
DNS

250.255.255.239.in-addr.arpa

Remote address:

8.8.8.8:53

Request

250.255.255.239.in-addr.arpa

IN PTR

Response
DNS

8.136.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.136.107.13.in-addr.arpa

IN PTR

Response
DNS

usc-onenote.officeapps.live.com

chrome.exe

Remote address:

8.8.8.8:53

Request

usc-onenote.officeapps.live.com

IN A

Response

usc-onenote.officeapps.live.com

IN CNAME

usc-onenote.wac.trafficmanager.net.b-0016.b-dc-msedge.net.b-0016.b-msedge.net

usc-onenote.wac.trafficmanager.net.b-0016.b-dc-msedge.net.b-0016.b-msedge.net

IN CNAME

b-0016.b-msedge.net

b-0016.b-msedge.net

IN A

13.107.6.171
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/wachostwebpack/en-us/plt.resx-plt.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /files/odsp-web-prod_2023-03-24.010/wachostwebpack/en-us/plt.resx-plt.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://boykinbr-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 588
last-modified: Fri, 31 Mar 2023 19:39:26 GMT
x-ms-request-id: 2662ef9e-501e-003e-7a75-6668e8000000
x-ms-meta-sourcebuild: odsp-web-prod_2023-03-24.010
x-ms-meta-sourceid: 7051CDCD0D50B9EA0D9715A682FA4BCA817BF5BCA61A923AA0C88F454001AA1C00
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34d8"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.aria/odsp.aria.lib-92f3a5cc.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /files/sp-client/odsp.aria/odsp.aria.lib-92f3a5cc.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://boykinbr-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 42629
content-encoding: gzip
last-modified: Fri, 10 Mar 2023 08:59:07 GMT
x-ms-request-id: 3386bbcf-a01e-0015-21cc-55e824000000
x-ms-meta-sourcebuild: odsp-web-prod_2023-03-10.001
x-ms-meta-sourceid: 4A88142A6FA3972FB897026AA720C087B05E895FA7BF571DE96E6FB06B9111FA00
cache-control: public, max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34db"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-32072d62.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /files/sp-client/odsp.react/odsp.react.lib-32072d62.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://boykinbr-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 222596
last-modified: Fri, 31 Mar 2023 19:39:27 GMT
x-ms-request-id: 650850d4-d01e-001f-0d4b-674c93000000
x-ms-meta-sourcebuild: odsp-web-prod_2023-03-24.010
x-ms-meta-sourceid: 552BF2A4022F5CA14AA70AE0BE5F9AAAF073217AA1D91200111610A0D4667BE200
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/wachostwebpack/wachostwebpack.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /files/odsp-web-prod_2023-03-24.010/wachostwebpack/wachostwebpack.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://boykinbr-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://boykinbr-my.sharepoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13427
content-encoding: gzip
last-modified: Fri, 10 Mar 2023 08:59:06 GMT
x-ms-request-id: a8dbde46-d01e-000f-4acc-5589fb000000
x-ms-meta-sourcebuild: odsp-web-prod_2023-03-10.001
x-ms-meta-sourceid: A29CAF2A6C3B4188CB4BCECA7C547B545421EF649677DBF0B820B8D102B9480400
cache-control: public, max-age=630720000
date: Wed, 12 Apr 2023 19:43:31 GMT
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34d9"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h5E4E81520A909AF4_App_Scripts/wacBootNew.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h5E4E81520A909AF4_App_Scripts/wacBootNew.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13427
last-modified: Thu, 30 Mar 2023 05:31:40 GMT
x-ms-request-id: 0b61f95f-801e-0060-604b-678308000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3934"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h852F0636531EEE15_App_Scripts/onenoteSyncNew.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h852F0636531EEE15_App_Scripts/onenoteSyncNew.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 39561
last-modified: Thu, 30 Mar 2023 05:32:11 GMT
x-ms-request-id: c1f28117-401e-0022-194b-673a88000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3935"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 27785
last-modified: Thu, 30 Mar 2023 05:32:06 GMT
x-ms-request-id: 519cb2a1-101e-003f-0e4b-673734000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3944"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h9A640F82B3702991_App_Scripts/1033/CommonIntl.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h9A640F82B3702991_App_Scripts/1033/CommonIntl.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 31849
last-modified: Thu, 30 Mar 2023 05:35:29 GMT
x-ms-request-id: 9dc76377-901e-0053-365a-67dca3000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3945"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/hCBA89239522795D5_App_Scripts/Compat.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/hCBA89239522795D5_App_Scripts/Compat.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1373
last-modified: Thu, 30 Mar 2023 05:32:26 GMT
x-ms-request-id: a016156e-201e-000b-784b-6704fc000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3947"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 12903
last-modified: Thu, 30 Mar 2023 05:35:49 GMT
x-ms-request-id: 4e667cbb-101e-004d-704b-67307b000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f394a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4977
last-modified: Thu, 30 Mar 2023 05:33:52 GMT
x-ms-request-id: e3187d61-901e-001e-6c4b-67134f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f394d"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h5930D7A90D3A61CC_App_Scripts/1033/OneNoteIntl.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h5930D7A90D3A61CC_App_Scripts/1033/OneNoteIntl.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6718
last-modified: Thu, 30 Mar 2023 05:35:51 GMT
x-ms-request-id: ddf99c10-401e-0050-115a-673dc7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3952"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDs.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDs.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 892516
last-modified: Thu, 30 Mar 2023 05:32:11 GMT
x-ms-request-id: a7a4145b-801e-0002-794b-67412f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3954"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3414
last-modified: Thu, 30 Mar 2023 05:31:40 GMT
x-ms-request-id: c413f327-b01e-0036-4c4b-6772e7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:32 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328612.52f3958"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2796
last-modified: Thu, 30 Mar 2023 05:32:24 GMT
x-ms-request-id: 60dfd8f1-101e-0062-7560-633db0000000
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:33 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328613.52f4017"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/common.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/common.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 119246
last-modified: Thu, 30 Mar 2023 05:32:16 GMT
x-ms-request-id: 3d00fd5f-a01e-0015-2955-67e824000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f44cb"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-intl.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-intl.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 54421
last-modified: Thu, 30 Mar 2023 05:31:26 GMT
x-ms-request-id: aed5c262-e01e-0049-6e5a-67bd7c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f44ce"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-intl-mlr.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/onenote-intl-mlr.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 25862
last-modified: Thu, 30 Mar 2023 05:32:00 GMT
x-ms-request-id: 9dc765cd-901e-0053-395a-67dca3000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f44d1"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appChrome.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/appChrome.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 193424
last-modified: Thu, 30 Mar 2023 05:31:32 GMT
x-ms-request-id: 91879b85-801e-005f-4e55-674bab000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f44db"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/wacairspaceanimationlibrary.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/wacairspaceanimationlibrary.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6113
last-modified: Thu, 30 Mar 2023 05:32:25 GMT
x-ms-request-id: b6c6f3f1-201e-0069-5e5a-67c6db000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f4777"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-navpane-strings.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/onenote-navpane-strings.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1680
last-modified: Thu, 30 Mar 2023 05:32:36 GMT
x-ms-request-id: b6c6f428-201e-0069-0d5a-67c6db000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:34 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328614.52f47fe"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/navigation.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/navigation.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 80350
last-modified: Thu, 30 Mar 2023 05:31:45 GMT
x-ms-request-id: 9187d7a1-801e-005f-6155-674bab000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f4b39"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 108830
last-modified: Thu, 30 Mar 2023 05:36:37 GMT
x-ms-request-id: 7f109f23-d01e-000f-20d0-6689fb000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f4b3b"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/common50.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/common50.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 244968
last-modified: Thu, 30 Mar 2023 05:31:58 GMT
x-ms-request-id: 3d012b1d-a01e-0015-2755-67e824000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f5103"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appChromeLazy.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/appChromeLazy.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 130121
last-modified: Thu, 30 Mar 2023 05:32:18 GMT
x-ms-request-id: e138c136-001e-0033-5555-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f5104"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/uiSlice20.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/uiSlice20.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 94951
last-modified: Thu, 30 Mar 2023 05:31:58 GMT
x-ms-request-id: a7f530c0-801e-0002-7b55-67412f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f5109"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 51354
last-modified: Thu, 30 Mar 2023 05:32:28 GMT
x-ms-request-id: ff4ec98b-c01e-005e-5b5a-671477000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f5168"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appIconsLazy.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/appIconsLazy.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 62430
last-modified: Thu, 30 Mar 2023 05:32:22 GMT
x-ms-request-id: 3d01371a-a01e-0015-7f55-67e824000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:35 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328615.52f5169"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll1.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll1.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 473421
last-modified: Thu, 30 Mar 2023 05:32:37 GMT
x-ms-request-id: b6c6ff4a-201e-0069-275a-67c6db000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:36 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328616.52f54c5"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreonavpane.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/oreonavpane.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 46125
last-modified: Thu, 30 Mar 2023 05:31:41 GMT
x-ms-request-id: e13931e9-001e-0033-0655-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f5829"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreolazy.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/oreolazy.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 14173
last-modified: Thu, 30 Mar 2023 05:32:19 GMT
x-ms-request-id: 660cf6a8-501e-004c-7d55-676fa7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f582a"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/onenoteloadingspinner.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/onenoteloadingspinner.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1625
last-modified: Thu, 30 Mar 2023 05:31:22 GMT
x-ms-request-id: 5bd2387b-a01e-0048-5e55-67e2a0000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f5da5"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreonotebookpane.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/oreonotebookpane.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1076
last-modified: Thu, 30 Mar 2023 05:31:46 GMT
x-ms-request-id: ff281d33-c01e-005e-5355-671477000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f5dbd"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreosearchpane.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/oreosearchpane.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 15423
last-modified: Thu, 30 Mar 2023 05:31:59 GMT
x-ms-request-id: f883e2ab-601e-0057-1055-6751a4000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:37 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328617.52f5de8"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 94232
last-modified: Thu, 30 Mar 2023 05:32:34 GMT
x-ms-request-id: 5c7517c5-001e-0051-765a-67621b000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:38 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328618.52f6007"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 33885
last-modified: Thu, 30 Mar 2023 05:32:36 GMT
x-ms-request-id: ff4ed075-c01e-005e-575a-671477000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:38 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328618.52f6009"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/osfruntime_ono.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/osfruntime_ono.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 122014
last-modified: Thu, 30 Mar 2023 05:31:30 GMT
x-ms-request-id: b6c70476-201e-0069-6e5a-67c6db000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:38 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328618.52f6014"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/OfficeExtension.WacRuntime.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/OfficeExtension.WacRuntime.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16640
last-modified: Thu, 30 Mar 2023 05:31:57 GMT
x-ms-request-id: 9dc76dcd-901e-0053-605a-67dca3000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:38 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328618.52f6018"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /shellux/api/ShellBootInfo/consumer/OneShell/en-us HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://usc-onenote.officeapps.live.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
pragma: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
x-o365suiteuxshell-correlationid: 5aeb64cb-04af-4f12-9496-8618044e4f41
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
date: Wed, 12 Apr 2023 19:43:38 GMT
content-length: 5118
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328618.52f6369"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/strings/en/shellstrings.json

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/suiteux-shell/strings/en/shellstrings.json HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://usc-onenote.officeapps.live.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 30 Mar 2023 05:41:46 GMT
x-ms-request-id: 2cf2a46a-b01e-0036-28ec-6272e7000000
content-encoding: gzip
content-length: 4441
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:39 GMT
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328619.52f68d5"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll2.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll2.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 360591
last-modified: Thu, 30 Mar 2023 05:32:00 GMT
x-ms-request-id: 9dc77087-901e-0053-4d5a-67dca3000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:39 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328619.52f6983"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.core.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 78118
last-modified: Thu, 30 Mar 2023 05:36:38 GMT
x-ms-request-id: ff4ed666-c01e-005e-5f5a-671477000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:39 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328619.52f6b9d"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/uiFabricLazy.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/uiFabricLazy.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 781
last-modified: Thu, 30 Mar 2023 05:32:08 GMT
x-ms-request-id: e13941cd-001e-0033-6655-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:39 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328619.52f6e72"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2024
last-modified: Thu, 30 Mar 2023 05:36:04 GMT
x-ms-request-id: 0f3f8f7d-101e-0000-3455-67ff97000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:39 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328619.52f6fc1"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 47615
last-modified: Thu, 30 Mar 2023 05:36:52 GMT
x-ms-request-id: e176c487-001e-0033-785a-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:40 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328620.52f728f"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/onenoteink.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/onenoteink.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 25000
last-modified: Thu, 30 Mar 2023 05:32:19 GMT
x-ms-request-id: 6e92a7dd-c01e-002c-4ccd-661338000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:40 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328620.52f7326"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/al.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/al.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 71992
last-modified: Thu, 30 Mar 2023 05:32:11 GMT
x-ms-request-id: 43d95b5f-e01e-0004-5e5a-677290000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:40 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328620.52f74a8"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/osfruntime_strings.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/1033/osfruntime_strings.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2197
last-modified: Thu, 30 Mar 2023 05:32:33 GMT
x-ms-request-id: e176c304-001e-0033-095a-67a03c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:40 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328620.52f74b7"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/Meetings_manifest.xml

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_resources/1033/Meetings_manifest.xml HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://usc-onenote.officeapps.live.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/xml
last-modified: Thu, 30 Mar 2023 05:32:03 GMT
x-ms-request-id: 5db7fbe8-e01e-0059-04ec-627814000000
content-encoding: gzip
content-length: 14502
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:40 GMT
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328620.52f7527"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 32250
last-modified: Thu, 30 Mar 2023 05:36:35 GMT
x-ms-request-id: aed5ea87-e01e-0049-1e5a-67bd7c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:41 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328621.52f76d4"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/hammer.min.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/hammer.min.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 5366
last-modified: Thu, 30 Mar 2023 05:31:29 GMT
x-ms-request-id: 094539fc-a01e-002a-385a-672087000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:46 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328626.52f968d"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

chrome.exe

Remote address:

92.123.26.49:443

Request

GET /officeonline/o/s/161632941008_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://usc-onenote.officeapps.live.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://usc-onenote.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 786
last-modified: Thu, 30 Mar 2023 05:44:56 GMT
x-ms-request-id: ddfa2132-401e-0050-585a-673dc7000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 12 Apr 2023 19:43:53 GMT
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
DNS

m365cdn.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

m365cdn.nel.measure.office.net

IN A

Response

m365cdn.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

23.72.252.163

a1894.dscb.akamai.net

IN A

23.72.252.160
OPTIONS

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea

chrome.exe

Remote address:

23.72.252.163:443

Request

OPTIONS /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea HTTP/2.0
host: m365cdn.nel.measure.office.net
origin: https://res-1.cdn.office.net
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 12 Apr 2023 19:43:31 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea

chrome.exe

Remote address:

23.72.252.163:443

Request

POST /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea HTTP/2.0
host: m365cdn.nel.measure.office.net
content-length: 464
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 12 Apr 2023 19:43:31 GMT
content-length: 164
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
DNS

browser.pipe.aria.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

browser.pipe.aria.microsoft.com

IN A

Response

browser.pipe.aria.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdeus03.eastus.cloudapp.azure.com

onedscolprdeus03.eastus.cloudapp.azure.com

IN A

20.42.73.24
DNS

49.26.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

49.26.123.92.in-addr.arpa

IN PTR

Response

49.26.123.92.in-addr.arpa

IN PTR

a92-123-26-49deploystaticakamaitechnologiescom
DNS

171.6.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.6.107.13.in-addr.arpa

IN PTR

Response
DNS

163.252.72.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.252.72.23.in-addr.arpa

IN PTR

Response

163.252.72.23.in-addr.arpa

IN PTR

a23-72-252-163deploystaticakamaitechnologiescom
DNS

onenoteonlinesync.onenote.com

chrome.exe

Remote address:

8.8.8.8:53

Request

onenoteonlinesync.onenote.com

IN A

Response

onenoteonlinesync.onenote.com

IN CNAME

onenoteonlinesync.onenote.trafficmanager.net

onenoteonlinesync.onenote.trafficmanager.net

IN CNAME

osiprod-inw-cressida-000.westindia.cloudapp.azure.com

osiprod-inw-cressida-000.westindia.cloudapp.azure.com

IN A

52.109.64.28
DNS

28.64.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.64.109.52.in-addr.arpa

IN PTR

Response
DNS

24.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.73.42.20.in-addr.arpa

IN PTR

Response
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.179.202

content-autofill.googleapis.com

IN A

142.251.36.10

content-autofill.googleapis.com

IN A

142.251.39.106

content-autofill.googleapis.com

IN A

172.217.168.202

content-autofill.googleapis.com

IN A

216.58.208.106

content-autofill.googleapis.com

IN A

142.250.179.138

content-autofill.googleapis.com

IN A

142.251.36.42

content-autofill.googleapis.com

IN A

172.217.168.234

content-autofill.googleapis.com

IN A

142.250.179.170
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkuU2oEa5d8vxIFDdjY4LISBQ11LGDr?alt=proto

chrome.exe

Remote address:

142.250.179.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkuU2oEa5d8vxIFDdjY4LISBQ11LGDr?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CKyOywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHgliSbhHygKUFxIFDYmyVeUSBQ3Y2OCyEgUNdSxg6w==?alt=proto

chrome.exe

Remote address:

142.250.179.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHgliSbhHygKUFxIFDYmyVeUSBQ3Y2OCyEgUNdSxg6w==?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CKyOywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

251.0.0.224.in-addr.arpa

Remote address:

8.8.8.8:53

Request

251.0.0.224.in-addr.arpa

IN PTR

Response
DNS

b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa

Remote address:

8.8.8.8:53

Request

b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa

IN PTR

Response
DNS

browser.events.data.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

browser.events.data.microsoft.com

IN A

Response

browser.events.data.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdfrc05.francecentral.cloudapp.azure.com

onedscolprdfrc05.francecentral.cloudapp.azure.com

IN A

40.79.150.121
DNS

202.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.179.250.142.in-addr.arpa

IN PTR

Response

202.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f101e100net
DNS

121.150.79.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

121.150.79.40.in-addr.arpa

IN PTR

Response
DNS

spoprod-a.akamaihd.net

chrome.exe

Remote address:

8.8.8.8:53

Request

spoprod-a.akamaihd.net

IN A

Response

spoprod-a.akamaihd.net

IN CNAME

spoprod-a.akamaihd.net.edgesuite.net

spoprod-a.akamaihd.net.edgesuite.net

IN CNAME

a1531.g2.akamai.net

a1531.g2.akamai.net

IN A

2.19.198.145

a1531.g2.akamai.net

IN A

2.19.198.138
DNS

amcdn.msftauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

amcdn.msftauth.net

IN A

Response

amcdn.msftauth.net

IN CNAME

mecontrol-prod.azurefd.net

mecontrol-prod.azurefd.net

IN CNAME

region-azurefd-prod-ts1.trafficmanager.net

region-azurefd-prod-ts1.trafficmanager.net

IN CNAME

dual.part-0040.t-0009.t-s1-msedge.net

dual.part-0040.t-0009.t-s1-msedge.net

IN CNAME

part-0040.t-0009.t-s1-msedge.net

part-0040.t-0009.t-s1-msedge.net

IN A

13.107.228.51

part-0040.t-0009.t-s1-msedge.net

IN A

13.107.229.51
DNS

145.198.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.198.19.2.in-addr.arpa

IN PTR

Response

145.198.19.2.in-addr.arpa

IN PTR

a2-19-198-145deploystaticakamaitechnologiescom
DNS

51.228.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.228.107.13.in-addr.arpa

IN PTR

Response
DNS

js.monitor.azure.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.monitor.azure.com

IN A

Response

js.monitor.azure.com

IN CNAME

aijscdn2.azureedge.net

aijscdn2.azureedge.net

IN CNAME

aijscdn2.afd.azureedge.net

aijscdn2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net

shed.dual-low.part-0020.t-0009.fdv2-t-msedge.net

IN CNAME

part-0020.t-0009.fdv2-t-msedge.net

part-0020.t-0009.fdv2-t-msedge.net

IN A

13.107.237.48

part-0020.t-0009.fdv2-t-msedge.net

IN A

13.107.238.48
DNS

storage.live.com

chrome.exe

Remote address:

8.8.8.8:53

Request

storage.live.com

IN A

Response

storage.live.com

IN CNAME

common-geo.ha.1drv.com

common-geo.ha.1drv.com

IN CNAME

common-geo.onedrive.trafficmanager.net

common-geo.onedrive.trafficmanager.net

IN CNAME

am3pcor004-com.be.1drv.com

am3pcor004-com.be.1drv.com

IN CNAME

i-am3p-cor004.api.p001.1drv.com

i-am3p-cor004.api.p001.1drv.com

IN A

13.104.158.177
DNS

augloop.office.com

chrome.exe

Remote address:

8.8.8.8:53

Request

augloop.office.com

IN A

Response

augloop.office.com

IN CNAME

augloop-prod.trafficmanager.net

augloop-prod.trafficmanager.net

IN CNAME

augloop-prod-pb01.centralindia.cloudapp.azure.com

augloop-prod-pb01.centralindia.cloudapp.azure.com

IN A

52.111.252.7
GET

https://augloop.office.com/

chrome.exe

Remote address:

52.111.252.7:443

Request

GET / HTTP/1.1
Host: augloop.office.com
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Upgrade: websocket
Origin: https://usc-onenote.officeapps.live.com
Sec-WebSocket-Version: 13
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Sec-WebSocket-Key: QD4OXO0puNWjeX5tIPZOBw==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Response

HTTP/1.1 101 Switching Protocols

Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: BHbSZjnd5p+hENGtjyn+vVLtakw=
DNS

48.237.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.237.107.13.in-addr.arpa

IN PTR

Response
DNS

177.158.104.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.158.104.13.in-addr.arpa

IN PTR

Response

177.158.104.13.in-addr.arpa

IN PTR

i-am3p-cor004apip0011drvcom
DNS

17.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.160.190.20.in-addr.arpa

IN PTR

Response
DNS

www.onenote.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.onenote.com

IN A

Response

www.onenote.com

IN CNAME

reverseproxy.onenote.trafficmanager.net

reverseproxy.onenote.trafficmanager.net

IN CNAME

osiprod-inw-celadon-000.westindia.cloudapp.azure.com

osiprod-inw-celadon-000.westindia.cloudapp.azure.com

IN A

52.109.64.20
DNS

cdn.onenote.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.onenote.net

IN A

Response

cdn.onenote.net

IN CNAME

cdn.onenote.net.edgekey.net

cdn.onenote.net.edgekey.net

IN CNAME

e1553.dspg.akamaiedge.net

e1553.dspg.akamaiedge.net

IN A

104.91.108.59
DNS

ajax.aspnetcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ajax.aspnetcdn.com

IN A

Response

ajax.aspnetcdn.com

IN CNAME

mscomajax.vo.msecnd.net

mscomajax.vo.msecnd.net

IN CNAME

cs22.wpc.v0cdn.net

cs22.wpc.v0cdn.net

IN A

117.18.232.200
DNS

appsforoffice.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

appsforoffice.microsoft.com

IN A

Response

appsforoffice.microsoft.com

IN CNAME

appsforoffice.microsoft.com.edgekey.net

appsforoffice.microsoft.com.edgekey.net

IN CNAME

e2682.g.akamaiedge.net

e2682.g.akamaiedge.net

IN A

104.91.112.168
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/BrowserUls.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/BrowserUls.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_0
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: 37d310f1-248f-4c3d-8c7b-c27d96a49193
X-RoutingCorrelationId: d34f8829-48b8-4bba-b83e-f3867b0f59eb
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: d34f8829-48b8-4bba-b83e-f3867b0f59eb
x-usersessionid: 37d310f1-248f-4c3d-8c7b-c27d96a49193
x-officefe: AgavesFrontEnd_IN_2
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 739
Cache-Control: public, max-age=30885176
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/ExternalResources/js-cookie.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/ExternalResources/js-cookie.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_7
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: 23755faf-374b-41e4-bd28-3ff25538b88e
X-RoutingCorrelationId: 653ee8e2-8530-4d51-be9c-c5752c11e66d
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 653ee8e2-8530-4d51-be9c-c5752c11e66d
x-usersessionid: 23755faf-374b-41e4-bd28-3ff25538b88e
x-officefe: AgavesFrontEnd_IN_0
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 1459
Cache-Control: public, max-age=30885179
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/Instrumentation.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/Instrumentation.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_6
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: ae80d359-baa4-4092-b411-9e1a7d47f1dd
X-RoutingCorrelationId: e2873997-e84d-4fe7-ba52-7266e7b40bc9
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: e2873997-e84d-4fe7-ba52-7266e7b40bc9
x-usersessionid: ae80d359-baa4-4092-b411-9e1a7d47f1dd
x-officefe: AgavesFrontEnd_IN_6
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 1077
Cache-Control: public, max-age=30885181
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/LearningTools/LearningTools.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/LearningTools/LearningTools.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_3
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: 40591981-651e-4eea-8edf-c9f3a0a38452
X-RoutingCorrelationId: b26d766a-858c-4cef-8f38-22ac7e80fae4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: b26d766a-858c-4cef-8f38-22ac7e80fae4
x-usersessionid: 40591981-651e-4eea-8edf-c9f3a0a38452
x-officefe: AgavesFrontEnd_IN_5
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 6645
Cache-Control: public, max-age=30885146
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/pickadate.min.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/pickadate.min.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_2
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: 2765312a-27b9-4bc3-8aa8-6ed86dacb1f8
X-RoutingCorrelationId: 42edd46c-23e1-4d82-a746-e44d46555a56
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 42edd46c-23e1-4d82-a746-e44d46555a56
x-usersessionid: 2765312a-27b9-4bc3-8aa8-6ed86dacb1f8
x-officefe: AgavesFrontEnd_IN_1
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 7064
Cache-Control: public, max-age=30885151
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/CommonDiagnostics.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/CommonDiagnostics.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_13
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: fd726320-2711-4533-a834-155156faa419
X-RoutingCorrelationId: dab6e9a5-248c-47e6-ae84-58ad5a5e8b65
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: dab6e9a5-248c-47e6-ae84-58ad5a5e8b65
x-usersessionid: fd726320-2711-4533-a834-155156faa419
x-officefe: AgavesFrontEnd_IN_0
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 12330
Cache-Control: public, max-age=30885158
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://cdn.onenote.net/officeaddins/161640240451_Scripts/aria-web-telemetry-2.9.0.min.js

chrome.exe

Remote address:

104.91.108.59:443

Request

GET /officeaddins/161640240451_Scripts/aria-web-telemetry-2.9.0.min.js HTTP/1.1
Host: cdn.onenote.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 22:37:12 GMT
Accept-Ranges: bytes
ETag: "05c9baab365d91:0"
Vary: Accept-Encoding
X-RoutingOfficeCluster: eus-azsc-001.reverseproxy.onenote.com
X-RoutingOfficeFE: ReverseProxyFrontEnd_IN_3
X-RoutingOfficeVersion: 16.0.16324.40466
X-RoutingSessionId: 4ac2f42d-bda6-46d7-b60b-3f6225ccb88a
X-RoutingCorrelationId: 9f20d4d8-4b35-417f-bc4b-b4d329fc303c
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 9f20d4d8-4b35-417f-bc4b-b4d329fc303c
x-usersessionid: 4ac2f42d-bda6-46d7-b60b-3f6225ccb88a
x-officefe: AgavesFrontEnd_IN_5
x-officeversion: 16.0.16402.40451
x-officecluster: eus-000.appsforoffice.onenote.com
x-content-type-options: nosniff
Content-Length: 13498
Cache-Control: public, max-age=30885152
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://www.onenote.com
GET

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js

chrome.exe

Remote address:

117.18.232.200:443

Request

GET /ajax/jQuery/jquery-3.5.0.min.js HTTP/2.0
host: ajax.aspnetcdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.onenote.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 19939000
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 12 Apr 2023 19:43:42 GMT
etag: "06faa87112d61:0"
last-modified: Tue, 14 Apr 2020 15:26:14 GMT
server: ECAcc (hkc/BD37)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30977
GET

https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js

chrome.exe

Remote address:

104.91.112.168:443

Request

GET /lib/1.1/hosted/office.js HTTP/1.1
Host: appsforoffice.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 16:12:04 GMT
Accept-Ranges: bytes
ETag: "0e213383454d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 17111
Date: Wed, 12 Apr 2023 19:43:42 GMT
Connection: keep-alive
GET

https://appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js

chrome.exe

Remote address:

104.91.112.168:443

Request

GET /lib/1.1/hosted/onenote-web-16.00.js HTTP/1.1
Host: appsforoffice.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 16:12:04 GMT
Accept-Ranges: bytes
ETag: "0e213383454d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 126922
Cache-Control: public, max-age=9636
Date: Wed, 12 Apr 2023 19:43:43 GMT
Connection: keep-alive
GET

https://appsforoffice.microsoft.com/lib/1.1/hosted/telemetry/oteljs_agave.js

chrome.exe

Remote address:

104.91.112.168:443

Request

GET /lib/1.1/hosted/telemetry/oteljs_agave.js HTTP/1.1
Host: appsforoffice.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 16:12:04 GMT
Accept-Ranges: bytes
ETag: "0e213383454d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 19004
Cache-Control: public, max-age=9614
Date: Wed, 12 Apr 2023 19:43:43 GMT
Connection: keep-alive
DNS

7.252.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

7.252.111.52.in-addr.arpa

IN PTR

Response
DNS

20.64.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.64.109.52.in-addr.arpa

IN PTR

Response
DNS

59.108.91.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.108.91.104.in-addr.arpa

IN PTR

Response

59.108.91.104.in-addr.arpa

IN PTR

a104-91-108-59deploystaticakamaitechnologiescom
DNS

168.112.91.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.112.91.104.in-addr.arpa

IN PTR

Response

168.112.91.104.in-addr.arpa

IN PTR

a104-91-112-168deploystaticakamaitechnologiescom
DNS

200.232.18.117.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.232.18.117.in-addr.arpa

IN PTR

Response
GET

https://appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js

chrome.exe

Remote address:

104.91.112.168:443

Request

GET /lib/1.1/hosted/en-us/office_strings.js HTTP/1.1
Host: appsforoffice.microsoft.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Origin: https://www.onenote.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: script
Referer: https://www.onenote.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 16:12:04 GMT
Accept-Ranges: bytes
ETag: "0e213383454d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 5650
Date: Wed, 12 Apr 2023 19:43:43 GMT
Connection: keep-alive
DNS

login.0000059.com

chrome.exe

Remote address:

8.8.8.8:53

Request

login.0000059.com

IN A

Response

login.0000059.com

IN A

104.234.147.232
GET

https://login.0000059.com/favicon.ico

chrome.exe

Remote address:

104.234.147.232:443

Request

GET /favicon.ico HTTP/1.1
Host: login.0000059.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://login.0000059.com/wrDaiIej
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: epaS=7c4c2efa25eca3e431f9071744d503115a0259353e5026687ddc3d3b61541fbb

Response

HTTP/1.1 404 Not Found

Cache-Control: private
Connection: close
Date: Wed, 12 Apr 2023 19:43:50 GMT
Nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
Set-Cookie: x-ms-gateway-slice=estsfd; Path=/; HttpOnly; Secure; SameSite=None
Transfer-Encoding: chunked
X-Ms-Ests-Server: 2.1.14939.4 - NCUS ProdSlices
X-Ms-Request-Id: 631dfbb9-cd8d-47b3-8fae-3cfe99136301
GET

https://login.0000059.com/wrDaiIej

chrome.exe

Remote address:

104.234.147.232:443

Request

GET /wrDaiIej HTTP/1.1
Host: login.0000059.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: close
Content-Type: text/html
Set-Cookie: epaS=7c4c2efa25eca3e431f9071744d503115a0259353e5026687ddc3d3b61541fbb; Path=/; Domain=0000059.com; Expires=Wed, 12 Apr 2023 20:43:50 GMT; Max-Age=3600
Transfer-Encoding: chunked
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

23.72.252.171

a1952.dscq.akamai.net

IN A

23.72.252.163
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

23.72.252.171:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 12 Apr 2023 20:43:49 GMT
Date: Wed, 12 Apr 2023 19:43:49 GMT
Connection: keep-alive
DNS

232.147.234.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.147.234.104.in-addr.arpa

IN PTR

Response
DNS

171.252.72.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.252.72.23.in-addr.arpa

IN PTR

Response

171.252.72.23.in-addr.arpa

IN PTR

a23-72-252-171deploystaticakamaitechnologiescom
DNS

254.135.241.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

254.135.241.8.in-addr.arpa

IN PTR

Response
DNS

js.hcaptcha.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hcaptcha.com

IN A

Response

js.hcaptcha.com

IN A

104.16.169.131

js.hcaptcha.com

IN A

104.16.168.131
DNS

cdnjs.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.24.14

cdnjs.cloudflare.com

IN A

104.17.25.14
GET

https://js.hcaptcha.com/1/api.js

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /1/api.js HTTP/2.0
host: js.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login.0000059.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:43:50 GMT
content-type: application/javascript
cf-ray: 7b6df5e6eb61b761-AMS
age: 0
cache-control: max-age=120
etag: W/"2075fad1311d013946a64547e783a14b"
last-modified: Thu, 06 Apr 2023 22:01:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SzgGbY02GCahYweLqIMAF0dRgHcjqJYy5JmPMvOH0ENbF6qEyK0HDg==
x-amz-cf-pop: AMS50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://newassets.hcaptcha.com/captcha/v1/c5067ef/static/hcaptcha.html

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /captcha/v1/c5067ef/static/hcaptcha.html HTTP/2.0
host: newassets.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.0000059.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:43:51 GMT
content-type: text/html
cf-ray: 7b6df5e84e5fb761-AMS
access-control-allow-origin: *
age: 17863
cache-control: max-age=1209600
last-modified: Thu, 06 Apr 2023 22:01:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0vz3UXvIb2kmImkPQwtZTZ32XFE4wcbNIs6IzuXxls3KaSVrQ-XxVw==
x-amz-cf-pop: AMS50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST

https://hcaptcha.com/checksiteconfig?v=c5067ef&host=login.0000059.com&sitekey=44c7bfed-9343-4950-9d6f-9d1e4b3cba3f&sc=1&swa=1

chrome.exe

Remote address:

104.16.169.131:443

Request

POST /checksiteconfig?v=c5067ef&host=login.0000059.com&sitekey=44c7bfed-9343-4950-9d6f-9d1e4b3cba3f&sc=1&swa=1 HTTP/2.0
host: hcaptcha.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: application/json
content-type: text/plain
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://newassets.hcaptcha.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:43:51 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b6df5eaca07b761-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/nmy3m4/Xhw96hXm3X+jNM/1gqgKzxsT9ONbjTJfSVmbywqgl419E3eb/uQWSVhikXwrGQRiClaJIySa3eZPUpCPu7x/s4BmDYXwTSGyVVfmC5lNtXkIgTPgTff9xdkytjDx6yZKxgqqDji+GPBDtyI5zXxqfzVqRBfiT2Gypktwlt4Vj7c0klcCGLadSsBJcGK+5tFSCy+U5gfBb1l5mA0eF/Us/Adnx74VGoAi7sl4EU1Y=fAdtsLQ3MgJ0EPPa

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /nmy3m4/Xhw96hXm3X+jNM/1gqgKzxsT9ONbjTJfSVmbywqgl419E3eb/uQWSVhikXwrGQRiClaJIySa3eZPUpCPu7x/s4BmDYXwTSGyVVfmC5lNtXkIgTPgTff9xdkytjDx6yZKxgqqDji+GPBDtyI5zXxqfzVqRBfiT2Gypktwlt4Vj7c0klcCGLadSsBJcGK+5tFSCy+U5gfBb1l5mA0eF/Us/Adnx74VGoAi7sl4EU1Y=fAdtsLQ3MgJ0EPPa HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 3963
cf-ray: 7b6df62039b5b761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 9370
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "c002ff996aa216468ebf59bcb3740b9f"
last-modified: Wed, 12 Apr 2023 13:30:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: V493CmthMth0p9uzE5vAt4bm2X_Obxr_SFALHvlcCRewyeE7Mt2kvw==
x-amz-cf-pop: AMS1-P1
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/z2z2xiEASQQnQh0tqtyBxdwMkAiIfO48jpBF2dzoANhISLM/92Qr0scPB0v5J8Aid2kUiejWaenFTKwSp8f0QFtH/01H3wvqoNINgYLX4SmUafOuxWFFrqMNjQGbv2Q6hrzv83fFoyUYk2fJpC8qOpkCddwlN2JNTs2NZ8COyB1U65WUjgIQgY1DYJX2Llz0a9eDIgk7vjSRyyxzQ6EwyAYzKtToBDdJ44xpX+A=pxQvYkZX98Z0d7x+

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /z2z2xiEASQQnQh0tqtyBxdwMkAiIfO48jpBF2dzoANhISLM/92Qr0scPB0v5J8Aid2kUiejWaenFTKwSp8f0QFtH/01H3wvqoNINgYLX4SmUafOuxWFFrqMNjQGbv2Q6hrzv83fFoyUYk2fJpC8qOpkCddwlN2JNTs2NZ8COyB1U65WUjgIQgY1DYJX2Llz0a9eDIgk7vjSRyyxzQ6EwyAYzKtToBDdJ44xpX+A=pxQvYkZX98Z0d7x+ HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 3796
cf-ray: 7b6df62039b9b761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 9806
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "b06569de989709f1d0e7f610434aee6d"
last-modified: Wed, 12 Apr 2023 13:31:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zAidlx6-hN9d2SkBf4DBNheAkXgysTtiWEb53ZjySpfrzIlcr1hAwQ==
x-amz-cf-pop: AMS1-P1
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/SoZQIzcLejKh+Svg4+NbsTrc+xHr81mSCNJDWVjoEZ3ZABTQYQ03PDTsqfxA9udORPaQHXfegiiZig6M6RonN1nvkmjEmRD6Y1Y+GHTahQXsJsxEmKsu2WPBuI9xTiomtW9XDifFSPGGEA0AJSOENGYDdxSK/KcGS5jzkKzDA/Q4rFm9rqcy3WxY6ZT8Mb2kk22frWeVkf1tcXPqPVt2dKqN78MHL+i9cEX2axJXg+68v3EhnhoSJJXZDfXilxt3

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /SoZQIzcLejKh+Svg4+NbsTrc+xHr81mSCNJDWVjoEZ3ZABTQYQ03PDTsqfxA9udORPaQHXfegiiZig6M6RonN1nvkmjEmRD6Y1Y+GHTahQXsJsxEmKsu2WPBuI9xTiomtW9XDifFSPGGEA0AJSOENGYDdxSK/KcGS5jzkKzDA/Q4rFm9rqcy3WxY6ZT8Mb2kk22frWeVkf1tcXPqPVt2dKqN78MHL+i9cEX2axJXg+68v3EhnhoSJJXZDfXilxt3 HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 3777
cf-ray: 7b6df62039bcb761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 9112
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "77f6c93420b3291b263d808108031db8"
last-modified: Wed, 12 Apr 2023 13:30:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 96067a94609f0eba55814e78a68eeb7e.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kHCBvP2t-JSVlRj_i-1iPcmDOrAtiqqm0uKqFYm4nNFkzFSiwa_LwQ==
x-amz-cf-pop: MAD56-P3
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/ElQwOS5toVYktSQ6Ipk2USvWRWbQYjR/fuJ3MK0FTTxJjM8LOajFZsSzHdpMPPrMTnq+iOQE6eD8j0g5cNuEhS2RkLuC/8SGultF+U/rAASqtowKhGQ/M+OOd4WfufN785lXnaoEpynsU4NblXYBzzG/1lZDFYgXdK5nC/zpDs884rl1tsVkUPISuI+IecVbSRB9hr38y1iSJZVdCO/21D8jntwsNhYpJl8zTNgR2oU6xfKRkw==pPDqGQZfZJh0EOIW

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /ElQwOS5toVYktSQ6Ipk2USvWRWbQYjR/fuJ3MK0FTTxJjM8LOajFZsSzHdpMPPrMTnq+iOQE6eD8j0g5cNuEhS2RkLuC/8SGultF+U/rAASqtowKhGQ/M+OOd4WfufN785lXnaoEpynsU4NblXYBzzG/1lZDFYgXdK5nC/zpDs884rl1tsVkUPISuI+IecVbSRB9hr38y1iSJZVdCO/21D8jntwsNhYpJl8zTNgR2oU6xfKRkw==pPDqGQZfZJh0EOIW HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 3308
cf-ray: 7b6df62029b3b761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 8911
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "890ca1c2e6e764b64e3cee25cf63bd01"
last-modified: Wed, 12 Apr 2023 13:30:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 fecc88aab4864fba141da4bfceb073e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jgxnETUJnPZkhH0OaO-nXLLtVaYvDJumjOqzdDP4y7FaY4_9JeTdsQ==
x-amz-cf-pop: MAD56-P3
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/z4KcZ6IKfP+mx88eNlcKRPawMK7DdWTtEvLiKKdJNgRhzv4Z8RUQUZcQTnk2ycg9VFhMIM3SxcaVeqPWuCylc+DHBP2gmC6EUjpi0pYm70Yo7SRR4HZWRqUWoQnNNzmd4ssUHz7vgTLH4hYLioBThQAMA8jrwMVNy7TaljdBlNsjWX3gE/VbZOhko8X0kCDINGke7JCEXairgtUmSdSWyG2hrvid/WwyX8VT/bMtQyU0+3c=kKkZU/Mz6uakWs5o

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /z4KcZ6IKfP+mx88eNlcKRPawMK7DdWTtEvLiKKdJNgRhzv4Z8RUQUZcQTnk2ycg9VFhMIM3SxcaVeqPWuCylc+DHBP2gmC6EUjpi0pYm70Yo7SRR4HZWRqUWoQnNNzmd4ssUHz7vgTLH4hYLioBThQAMA8jrwMVNy7TaljdBlNsjWX3gE/VbZOhko8X0kCDINGke7JCEXairgtUmSdSWyG2hrvid/WwyX8VT/bMtQyU0+3c=kKkZU/Mz6uakWs5o HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 2978
cf-ray: 7b6df62039bab761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 8922
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "d8021b5559be9dddfaf89212f900df20"
last-modified: Wed, 12 Apr 2023 13:31:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b4039afb7e5d533f15aeb062d64384f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XIFnukH9LHWNlS_WJPB_xuyND-csAmsc_Gt71pIGkti5xdmuc48BNg==
x-amz-cf-pop: MAD56-P3
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://imgs.hcaptcha.com/cRbu87ADyPpftvGCKtc7zIgWKVYl2CfZZSlw3NR2OV/feIROnLkSO8PJJUo3XgG2Go+CTs6AxJmagsvf7YlUwCS50ah2+PjvBqeGfuYz8sTZALOzxGTh+53WzVBAofuccq0Cr9V/sFZUR0XDHU0Zz3kkN6ho8WIfsbWMzb6Kg09PBvA0WD4cmC7PrKL7TF/823Kgw/i7e0leObx2xzhRmlFBC4feIh3Syya8nok=IUkw+IVkP/v4DkXV

chrome.exe

Remote address:

104.16.169.131:443

Request

GET /cRbu87ADyPpftvGCKtc7zIgWKVYl2CfZZSlw3NR2OV/feIROnLkSO8PJJUo3XgG2Go+CTs6AxJmagsvf7YlUwCS50ah2+PjvBqeGfuYz8sTZALOzxGTh+53WzVBAofuccq0Cr9V/sFZUR0XDHU0Zz3kkN6ho8WIfsbWMzb6Kg09PBvA0WD4cmC7PrKL7TF/823Kgw/i7e0leObx2xzhRmlFBC4feIh3Syya8nok=IUkw+IVkP/v4DkXV HTTP/2.0
host: imgs.hcaptcha.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:44:00 GMT
content-type: image/jpeg
content-length: 2974
cf-ray: 7b6df62039b8b761-AMS
accept-ranges: bytes
access-control-allow-origin: *
age: 1445
cache-control: max-age=86400,s-maxage=86400, max-age=7776000
etag: "cb34e6564f04f45441055b1d4b4dd7b3"
last-modified: Wed, 12 Apr 2023 13:31:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
cross-origin-resource-policy: cross-origin
x-amz-cf-id: uDSSLODUR0KrZIZGZuXsapMghp4pGoDzWdI1ju_9k6aXIypcn7uLQA==
x-amz-cf-pop: FRA60-P3
x-amz-expiration: expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="Expire after 180 days"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.slim.min.js

chrome.exe

Remote address:

104.17.24.14:443

Request

GET /ajax/libs/jquery/3.2.1/jquery.slim.min.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login.0000059.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 19:43:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 21580
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-10fdd"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1150258
expires: Mon, 01 Apr 2024 19:43:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9xPegTZOsirV9ofQBNjHBiK%2BVwD19G4m1Pf7f%2B5JfArzoBMmBQs3GFqZ0zX4RDxqaY8tqSopUKUMV4UJjGg7cwMnyYMVHLlxZ85xGwodgIDS59oN1BVLrhUWku4qNhZbHTuVfgu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b6df5e6eea0b8bb-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

newassets.hcaptcha.com

chrome.exe

Remote address:

8.8.8.8:53

Request

newassets.hcaptcha.com

IN A

Response

newassets.hcaptcha.com

IN A

104.16.168.131

newassets.hcaptcha.com

IN A

104.16.169.131
DNS

131.169.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.169.16.104.in-addr.arpa

IN PTR

Response
DNS

14.24.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.24.17.104.in-addr.arpa

IN PTR

Response
DNS

131.168.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.168.16.104.in-addr.arpa

IN PTR

Response
DNS

hcaptcha.com

chrome.exe

Remote address:

8.8.8.8:53

Request

hcaptcha.com

IN A

Response

hcaptcha.com

IN A

104.16.169.131

hcaptcha.com

IN A

104.16.168.131
DNS

messaging.engagement.office.com

chrome.exe

Remote address:

8.8.8.8:53

Request

messaging.engagement.office.com

IN A

Response

messaging.engagement.office.com

IN CNAME

prod-campaignaggregator.omexexternallfb.office.net.akadns.net

prod-campaignaggregator.omexexternallfb.office.net.akadns.net

IN A

52.111.243.12
DNS

12.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.243.111.52.in-addr.arpa

IN PTR

Response
DNS

imgs.hcaptcha.com

chrome.exe

Remote address:

8.8.8.8:53

Request

imgs.hcaptcha.com

IN A

Response

imgs.hcaptcha.com

IN A

104.16.169.131

imgs.hcaptcha.com

IN A

104.16.168.131
DNS

45.8.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.8.109.52.in-addr.arpa

IN PTR

Response
OPTIONS

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636

chrome.exe

Remote address:

23.72.252.163:443

Request

OPTIONS /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636 HTTP/2.0
host: m365cdn.nel.measure.office.net
origin: https://res-1.cdn.office.net
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 12 Apr 2023 19:44:31 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636

chrome.exe

Remote address:

23.72.252.163:443

Request

POST /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636 HTTP/2.0
host: m365cdn.nel.measure.office.net
content-length: 940
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 12 Apr 2023 19:44:31 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
OPTIONS

https://onenoteonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline

chrome.exe

Remote address:

23.72.252.163:443

Request

OPTIONS /api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline HTTP/2.0
host: onenoteonline.nel.measure.office.net
origin: https://usc-onenote.officeapps.live.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 12 Apr 2023 19:44:31 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
OPTIONS

https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san

chrome.exe

Remote address:

23.72.252.163:443

Request

OPTIONS /api/report?catId=GW+estsfd+san HTTP/2.0
host: identity.nel.measure.office.net
origin: https://login.0000059.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 12 Apr 2023 19:44:31 GMT
content-length: 164
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://onenoteonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline

chrome.exe

Remote address:

23.72.252.163:443

Request

POST /api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline HTTP/2.0
host: onenoteonline.nel.measure.office.net
content-length: 13547
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 164
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 12 Apr 2023 19:44:32 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san

chrome.exe

Remote address:

23.72.252.163:443

Request

POST /api/report?catId=GW+estsfd+san HTTP/2.0
host: identity.nel.measure.office.net
content-length: 438
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 164
content-type: text/plain; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 12 Apr 2023 19:44:36 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
DNS

identity.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

identity.nel.measure.office.net

IN A

Response

identity.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

23.72.252.163

a1894.dscb.akamai.net

IN A

23.72.252.160
DNS

onenoteonline.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

onenoteonline.nel.measure.office.net

IN A

Response

onenoteonline.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

23.72.252.160

a1894.dscb.akamai.net

IN A

23.72.252.163

13.107.136.8:443

boykinbr-my.sharepoint.com

tls

chrome.exe

4.3kB
55.2kB
36
58
92.123.26.49:443

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback.css

tls, http2

chrome.exe

10.3kB
249.4kB
158
230

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h16E04A6A20ABEA36_App_Scripts/onenote-boot.min.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/require-9eb54831.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h816A0F42A2BF4732_resources/1033/EditSurface.css

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h2370440C296E813C_resources/1033/OneNote.Refresh.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h9E1DA5BF71513549_resources/1033/FavIcon_OneNote.ico

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/progress.gif

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/box42.png

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/box43.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h83A01E6C86B10A1B_App_Scripts/healthSmallOffline.worker.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/m2/one.png

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/otelNext.worker.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/pen_32x32.cur

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/moeerrorux.css

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/moe_status_icons.png

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/agavedefaulticon96x96.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback.css

HTTP Response

200
92.123.26.49:443

res-1.cdn.office.net

tls

chrome.exe

989 B
6.2kB
10
9
13.107.6.171:443

usc-onenote.officeapps.live.com

tls

chrome.exe

280.9kB
171.6kB
345
419
92.123.26.49:443

https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

tls, http2

chrome.exe

147.7kB
4.2MB
2495
3056

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/wachostwebpack/en-us/plt.resx-plt.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.aria/odsp.aria.lib-92f3a5cc.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-32072d62.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2023-03-24.010/wachostwebpack/wachostwebpack.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h5E4E81520A909AF4_App_Scripts/wacBootNew.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h852F0636531EEE15_App_Scripts/onenoteSyncNew.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h9A640F82B3702991_App_Scripts/1033/CommonIntl.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/hCBA89239522795D5_App_Scripts/Compat.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h63DD56F3589796D2_App_Scripts/1033/Box4Intl.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h5930D7A90D3A61CC_App_Scripts/1033/OneNoteIntl.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDs.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/common.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-intl.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-intl-mlr.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appChrome.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/wacairspaceanimationlibrary.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-navpane-strings.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/navigation.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/common50.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appChromeLazy.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/uiSlice20.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/onenote-ribbon-sprite-lazy.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/appIconsLazy.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll1.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreonavpane.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreolazy.min.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/onenoteloadingspinner.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreonotebookpane.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/oreosearchpane.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/OneNoteSimplified.Wac.TellMeModel.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/OneNoteSimplified.Wac.TellMeSuggestionModel.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/osfruntime_ono.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/OfficeExtension.WacRuntime.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/strings/en/shellstrings.json

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/h4F045AC67AE3AD8D_App_Scripts/OneNoteDS.box4.dll2.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/uiFabricLazy.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/onenoteink.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/al.min.js

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/1033/osfruntime_strings.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_resources/1033/Meetings_manifest.xml

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/hammer.min.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/officeonline/o/s/161632941008_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

HTTP Response

200
23.72.252.163:443

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea

tls, http2

chrome.exe

2.7kB
8.6kB
20
28

HTTP Request

OPTIONS https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea

HTTP Response

200

HTTP Request

POST https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328611.52f34ea

HTTP Response

200
20.42.73.24:443

browser.pipe.aria.microsoft.com

tls

chrome.exe

31.6kB
9.8kB
37
26
52.109.64.28:443

onenoteonlinesync.onenote.com

tls

chrome.exe

3.7kB
7.8kB
13
13
142.250.179.202:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHgliSbhHygKUFxIFDYmyVeUSBQ3Y2OCyEgUNdSxg6w==?alt=proto

tls, http2

chrome.exe

2.3kB
7.6kB
22
25

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkuU2oEa5d8vxIFDdjY4LISBQ11LGDr?alt=proto

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHgliSbhHygKUFxIFDYmyVeUSBQ3Y2OCyEgUNdSxg6w==?alt=proto
40.79.150.121:443

browser.events.data.microsoft.com

tls

chrome.exe

50.6kB
11.8kB
54
33
40.79.150.121:443

browser.events.data.microsoft.com

tls

chrome.exe

1.8kB
8.1kB
10
12
2.19.198.145:443

spoprod-a.akamaihd.net

tls

chrome.exe

4.8kB
163.9kB
78
149
13.107.228.51:443

amcdn.msftauth.net

tls

chrome.exe

2.1kB
17.7kB
18
27
13.107.237.48:443

js.monitor.azure.com

tls

chrome.exe

2.9kB
43.0kB
36
43
13.104.158.177:443

storage.live.com

tls

chrome.exe

1.9kB
10.5kB
14
16
52.111.252.7:443

https://augloop.office.com/

tls, http

chrome.exe

3.7kB
61.9kB
37
54

HTTP Request

GET https://augloop.office.com/

HTTP Response

101
52.109.64.20:443

www.onenote.com

tls

chrome.exe

3.5kB
9.1kB
23
23
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/BrowserUls.js

tls, http

chrome.exe

1.9kB
9.1kB
16
20

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/BrowserUls.js

HTTP Response

200
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/ExternalResources/js-cookie.js

tls, http

chrome.exe

2.0kB
9.9kB
16
20

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/ExternalResources/js-cookie.js

HTTP Response

200
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/LearningTools/LearningTools.js

tls, http

chrome.exe

2.7kB
17.5kB
20
27

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/Instrumentation.js

HTTP Response

200

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/LearningTools/LearningTools.js

HTTP Response

200
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/pickadate.min.js

tls, http

chrome.exe

2.0kB
15.6kB
18
24

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/pickadate.min.js

HTTP Response

200
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/CommonDiagnostics.js

tls, http

chrome.exe

2.1kB
21.1kB
20
28

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/CommonDiagnostics.js

HTTP Response

200
104.91.108.59:443

https://cdn.onenote.net/officeaddins/161640240451_Scripts/aria-web-telemetry-2.9.0.min.js

tls, http

chrome.exe

2.2kB
22.3kB
21
29

HTTP Request

GET https://cdn.onenote.net/officeaddins/161640240451_Scripts/aria-web-telemetry-2.9.0.min.js

HTTP Response

200
117.18.232.200:443

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js

tls, http2

chrome.exe

3.4kB
41.5kB
43
46

HTTP Request

GET https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js

HTTP Response

200
104.91.112.168:443

https://appsforoffice.microsoft.com/lib/1.1/hosted/telemetry/oteljs_agave.js

tls, http

chrome.exe

6.0kB
176.9kB
79
142

HTTP Request

GET https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js

HTTP Response

200

HTTP Request

GET https://appsforoffice.microsoft.com/lib/1.1/hosted/onenote-web-16.00.js

HTTP Response

200

HTTP Request

GET https://appsforoffice.microsoft.com/lib/1.1/hosted/telemetry/oteljs_agave.js

HTTP Response

200
117.18.232.200:443

ajax.aspnetcdn.com

tls, http2

chrome.exe

1.6kB
8.9kB
15
18
104.91.112.168:443

https://appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js

tls, http

chrome.exe

2.0kB
7.4kB
14
17

HTTP Request

GET https://appsforoffice.microsoft.com/lib/1.1/hosted/en-us/office_strings.js

HTTP Response

200
104.234.147.232:443

https://login.0000059.com/favicon.ico

tls, http

chrome.exe

1.9kB
7.2kB
13
17

HTTP Request

GET https://login.0000059.com/favicon.ico

HTTP Response

404
104.234.147.232:443

https://login.0000059.com/wrDaiIej

tls, http

chrome.exe

2.0kB
13.3kB
17
24

HTTP Request

GET https://login.0000059.com/wrDaiIej

HTTP Response

200
23.72.252.171:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.7kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
40.79.150.121:443

browser.events.data.microsoft.com

tls

chrome.exe

10.1kB
8.0kB
18
15
104.16.169.131:443

https://imgs.hcaptcha.com/cRbu87ADyPpftvGCKtc7zIgWKVYl2CfZZSlw3NR2OV/feIROnLkSO8PJJUo3XgG2Go+CTs6AxJmagsvf7YlUwCS50ah2+PjvBqeGfuYz8sTZALOzxGTh+53WzVBAofuccq0Cr9V/sFZUR0XDHU0Zz3kkN6ho8WIfsbWMzb6Kg09PBvA0WD4cmC7PrKL7TF/823Kgw/i7e0leObx2xzhRmlFBC4feIh3Syya8nok=IUkw+IVkP/v4DkXV

tls, http2

chrome.exe

6.6kB
116.7kB
75
119

HTTP Request

GET https://js.hcaptcha.com/1/api.js

HTTP Response

200

HTTP Request

GET https://newassets.hcaptcha.com/captcha/v1/c5067ef/static/hcaptcha.html

HTTP Response

200

HTTP Request

POST https://hcaptcha.com/checksiteconfig?v=c5067ef&host=login.0000059.com&sitekey=44c7bfed-9343-4950-9d6f-9d1e4b3cba3f&sc=1&swa=1

HTTP Response

200

HTTP Request

GET https://imgs.hcaptcha.com/nmy3m4/Xhw96hXm3X+jNM/1gqgKzxsT9ONbjTJfSVmbywqgl419E3eb/uQWSVhikXwrGQRiClaJIySa3eZPUpCPu7x/s4BmDYXwTSGyVVfmC5lNtXkIgTPgTff9xdkytjDx6yZKxgqqDji+GPBDtyI5zXxqfzVqRBfiT2Gypktwlt4Vj7c0klcCGLadSsBJcGK+5tFSCy+U5gfBb1l5mA0eF/Us/Adnx74VGoAi7sl4EU1Y=fAdtsLQ3MgJ0EPPa

HTTP Request

GET https://imgs.hcaptcha.com/z2z2xiEASQQnQh0tqtyBxdwMkAiIfO48jpBF2dzoANhISLM/92Qr0scPB0v5J8Aid2kUiejWaenFTKwSp8f0QFtH/01H3wvqoNINgYLX4SmUafOuxWFFrqMNjQGbv2Q6hrzv83fFoyUYk2fJpC8qOpkCddwlN2JNTs2NZ8COyB1U65WUjgIQgY1DYJX2Llz0a9eDIgk7vjSRyyxzQ6EwyAYzKtToBDdJ44xpX+A=pxQvYkZX98Z0d7x+

HTTP Request

GET https://imgs.hcaptcha.com/SoZQIzcLejKh+Svg4+NbsTrc+xHr81mSCNJDWVjoEZ3ZABTQYQ03PDTsqfxA9udORPaQHXfegiiZig6M6RonN1nvkmjEmRD6Y1Y+GHTahQXsJsxEmKsu2WPBuI9xTiomtW9XDifFSPGGEA0AJSOENGYDdxSK/KcGS5jzkKzDA/Q4rFm9rqcy3WxY6ZT8Mb2kk22frWeVkf1tcXPqPVt2dKqN78MHL+i9cEX2axJXg+68v3EhnhoSJJXZDfXilxt3

HTTP Request

GET https://imgs.hcaptcha.com/ElQwOS5toVYktSQ6Ipk2USvWRWbQYjR/fuJ3MK0FTTxJjM8LOajFZsSzHdpMPPrMTnq+iOQE6eD8j0g5cNuEhS2RkLuC/8SGultF+U/rAASqtowKhGQ/M+OOd4WfufN785lXnaoEpynsU4NblXYBzzG/1lZDFYgXdK5nC/zpDs884rl1tsVkUPISuI+IecVbSRB9hr38y1iSJZVdCO/21D8jntwsNhYpJl8zTNgR2oU6xfKRkw==pPDqGQZfZJh0EOIW

HTTP Request

GET https://imgs.hcaptcha.com/z4KcZ6IKfP+mx88eNlcKRPawMK7DdWTtEvLiKKdJNgRhzv4Z8RUQUZcQTnk2ycg9VFhMIM3SxcaVeqPWuCylc+DHBP2gmC6EUjpi0pYm70Yo7SRR4HZWRqUWoQnNNzmd4ssUHz7vgTLH4hYLioBThQAMA8jrwMVNy7TaljdBlNsjWX3gE/VbZOhko8X0kCDINGke7JCEXairgtUmSdSWyG2hrvid/WwyX8VT/bMtQyU0+3c=kKkZU/Mz6uakWs5o

HTTP Request

GET https://imgs.hcaptcha.com/cRbu87ADyPpftvGCKtc7zIgWKVYl2CfZZSlw3NR2OV/feIROnLkSO8PJJUo3XgG2Go+CTs6AxJmagsvf7YlUwCS50ah2+PjvBqeGfuYz8sTZALOzxGTh+53WzVBAofuccq0Cr9V/sFZUR0XDHU0Zz3kkN6ho8WIfsbWMzb6Kg09PBvA0WD4cmC7PrKL7TF/823Kgw/i7e0leObx2xzhRmlFBC4feIh3Syya8nok=IUkw+IVkP/v4DkXV

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.17.24.14:443

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.slim.min.js

tls, http2

chrome.exe

2.3kB
26.9kB
26
35

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.slim.min.js

HTTP Response

200
104.16.168.131:443

newassets.hcaptcha.com

tls, http2

chrome.exe

989 B
3.0kB
9
7
52.111.243.12:443

messaging.engagement.office.com

tls

chrome.exe

3.0kB
7.3kB
17
21
20.189.173.6:443

322 B
7
13.107.6.171:443

usc-onenote.officeapps.live.com

tls

chrome.exe

2.0kB
8.1kB
15
19
23.72.252.163:443

https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san

tls, http2

chrome.exe

18.9kB
4.6kB
41
40

HTTP Request

OPTIONS https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636

HTTP Response

200

HTTP Request

POST https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.2d1a7b5c.1681328633.52fc636

HTTP Request

OPTIONS https://onenoteonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline

HTTP Request

OPTIONS https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san

HTTP Response

200

HTTP Request

POST https://onenoteonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-AMS23r8c&DC=PUS9&FileSource=SharePointOnline

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san

HTTP Response

200

HTTP Response

200

8.8.8.8:53

boykinbr-my.sharepoint.com

dns

chrome.exe

72 B
394 B
1
1

DNS Request

boykinbr-my.sharepoint.com

DNS Response

13.107.136.8

13.107.138.8
8.8.8.8:53

res-1.cdn.office.net

dns

chrome.exe

66 B
248 B
1
1

DNS Request

res-1.cdn.office.net

DNS Response

92.123.26.49

92.123.26.131
8.8.8.8:53

195.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.179.250.142.in-addr.arpa
8.8.8.8:53

250.255.255.239.in-addr.arpa

dns

74 B
131 B
1
1

DNS Request

250.255.255.239.in-addr.arpa
8.8.8.8:53

8.136.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

8.136.107.13.in-addr.arpa
8.8.8.8:53

usc-onenote.officeapps.live.com

dns

chrome.exe

77 B
198 B
1
1

DNS Request

usc-onenote.officeapps.live.com

DNS Response

13.107.6.171
8.8.8.8:53

m365cdn.nel.measure.office.net

dns

chrome.exe

76 B
187 B
1
1

DNS Request

m365cdn.nel.measure.office.net

DNS Response

23.72.252.163

23.72.252.160
8.8.8.8:53

browser.pipe.aria.microsoft.com

dns

chrome.exe

77 B
198 B
1
1

DNS Request

browser.pipe.aria.microsoft.com

DNS Response

20.42.73.24
8.8.8.8:53

49.26.123.92.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

49.26.123.92.in-addr.arpa
8.8.8.8:53

171.6.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

171.6.107.13.in-addr.arpa
8.8.8.8:53

163.252.72.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

163.252.72.23.in-addr.arpa
8.8.8.8:53

onenoteonlinesync.onenote.com

dns

chrome.exe

75 B
213 B
1
1

DNS Request

onenoteonlinesync.onenote.com

DNS Response

52.109.64.28
8.8.8.8:53

28.64.109.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

28.64.109.52.in-addr.arpa
8.8.8.8:53

24.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

24.73.42.20.in-addr.arpa
224.0.0.251:5353

chrome.exe

1.2kB
9
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
221 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.179.202

142.251.36.10

142.251.39.106

172.217.168.202

216.58.208.106

142.250.179.138

142.251.36.42

172.217.168.234

142.250.179.170
8.8.8.8:53

251.0.0.224.in-addr.arpa

dns

70 B
127 B
1
1

DNS Request

251.0.0.224.in-addr.arpa
8.8.8.8:53

b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa

dns

118 B
182 B
1
1

DNS Request

b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
8.8.8.8:53

browser.events.data.microsoft.com

dns

chrome.exe

79 B
207 B
1
1

DNS Request

browser.events.data.microsoft.com

DNS Response

40.79.150.121
8.8.8.8:53

202.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.179.250.142.in-addr.arpa
8.8.8.8:53

121.150.79.40.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

121.150.79.40.in-addr.arpa
8.8.8.8:53

spoprod-a.akamaihd.net

dns

chrome.exe

68 B
177 B
1
1

DNS Request

spoprod-a.akamaihd.net

DNS Response

2.19.198.145

2.19.198.138
142.250.179.202:443

content-autofill.googleapis.com

https

chrome.exe

3.5kB
7.3kB
9
13
8.8.8.8:53

amcdn.msftauth.net

dns

chrome.exe

64 B
248 B
1
1

DNS Request

amcdn.msftauth.net

DNS Response

13.107.228.51

13.107.229.51
8.8.8.8:53

145.198.19.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

145.198.19.2.in-addr.arpa
8.8.8.8:53

51.228.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

51.228.107.13.in-addr.arpa
8.8.8.8:53

js.monitor.azure.com

dns

chrome.exe

66 B
287 B
1
1

DNS Request

js.monitor.azure.com

DNS Response

13.107.237.48

13.107.238.48
8.8.8.8:53

storage.live.com

dns

chrome.exe

62 B
232 B
1
1

DNS Request

storage.live.com

DNS Response

13.104.158.177
8.8.8.8:53

augloop.office.com

dns

chrome.exe

64 B
185 B
1
1

DNS Request

augloop.office.com

DNS Response

52.111.252.7
8.8.8.8:53

48.237.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

48.237.107.13.in-addr.arpa
8.8.8.8:53

177.158.104.13.in-addr.arpa

dns

73 B
118 B
1
1

DNS Request

177.158.104.13.in-addr.arpa
8.8.8.8:53

17.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

17.160.190.20.in-addr.arpa
8.8.8.8:53

www.onenote.com

dns

chrome.exe

61 B
193 B
1
1

DNS Request

www.onenote.com

DNS Response

52.109.64.20
8.8.8.8:53

cdn.onenote.net

dns

chrome.exe

61 B
151 B
1
1

DNS Request

cdn.onenote.net

DNS Response

104.91.108.59
8.8.8.8:53

ajax.aspnetcdn.com

dns

chrome.exe

64 B
146 B
1
1

DNS Request

ajax.aspnetcdn.com

DNS Response

117.18.232.200
8.8.8.8:53

appsforoffice.microsoft.com

dns

chrome.exe

73 B
175 B
1
1

DNS Request

appsforoffice.microsoft.com

DNS Response

104.91.112.168
8.8.8.8:53

7.252.111.52.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

7.252.111.52.in-addr.arpa
8.8.8.8:53

20.64.109.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

20.64.109.52.in-addr.arpa
8.8.8.8:53

59.108.91.104.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

59.108.91.104.in-addr.arpa
8.8.8.8:53

168.112.91.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

168.112.91.104.in-addr.arpa
8.8.8.8:53

200.232.18.117.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

200.232.18.117.in-addr.arpa
8.8.8.8:53

login.0000059.com

dns

chrome.exe

63 B
79 B
1
1

DNS Request

login.0000059.com

DNS Response

104.234.147.232
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

23.72.252.171

23.72.252.163
8.8.8.8:53

232.147.234.104.in-addr.arpa

dns

74 B
140 B
1
1

DNS Request

232.147.234.104.in-addr.arpa
8.8.8.8:53

171.252.72.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

171.252.72.23.in-addr.arpa
8.8.8.8:53

254.135.241.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

254.135.241.8.in-addr.arpa
8.8.8.8:53

js.hcaptcha.com

dns

chrome.exe

61 B
93 B
1
1

DNS Request

js.hcaptcha.com

DNS Response

104.16.169.131

104.16.168.131
8.8.8.8:53

cdnjs.cloudflare.com

dns

chrome.exe

66 B
98 B
1
1

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.24.14

104.17.25.14
8.8.8.8:53

newassets.hcaptcha.com

dns

chrome.exe

68 B
100 B
1
1

DNS Request

newassets.hcaptcha.com

DNS Response

104.16.168.131

104.16.169.131
104.16.168.131:443

newassets.hcaptcha.com

https

chrome.exe

39.5kB
509.4kB
137
459
8.8.8.8:53

131.169.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

131.169.16.104.in-addr.arpa
8.8.8.8:53

14.24.17.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

14.24.17.104.in-addr.arpa
8.8.8.8:53

131.168.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

131.168.16.104.in-addr.arpa
8.8.8.8:53

hcaptcha.com

dns

chrome.exe

58 B
90 B
1
1

DNS Request

hcaptcha.com

DNS Response

104.16.169.131

104.16.168.131
8.8.8.8:53

messaging.engagement.office.com

dns

chrome.exe

77 B
168 B
1
1

DNS Request

messaging.engagement.office.com

DNS Response

52.111.243.12
8.8.8.8:53

12.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

12.243.111.52.in-addr.arpa
8.8.8.8:53

imgs.hcaptcha.com

dns

chrome.exe

63 B
95 B
1
1

DNS Request

imgs.hcaptcha.com

DNS Response

104.16.169.131

104.16.168.131
8.8.8.8:53

45.8.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

45.8.109.52.in-addr.arpa
8.8.8.8:53

identity.nel.measure.office.net

dns

chrome.exe

77 B
188 B
1
1

DNS Request

identity.nel.measure.office.net

DNS Response

23.72.252.163

23.72.252.160
8.8.8.8:53

onenoteonline.nel.measure.office.net

dns

chrome.exe

82 B
193 B
1
1

DNS Request

onenoteonline.nel.measure.office.net

DNS Response

23.72.252.160

23.72.252.163

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
cd1962d3f4aea486cbe8582f11775bdc

SHA1
3b67e04549622c7c9d4a8d1ced6cd23c7f265e94

SHA256
539434dad9cbb904827d0caee8be56936584eb316d5189a09c61ecc9738f8641

SHA512
b20e53fd3e0c625ee702ba7f87b15158d544ba66cb18b93b3b57f06aa6c257452ea535e437486f6fe3d2e51566e82f67d46d76b944f07e80e4065dab5452b7d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1ed84b04aab6ff9dbabc47798ae3024f

SHA1
52c11a8db894da5a80cf54c0c820dcda250c7d73

SHA256
1915c2f56a1eb53693c0c15650246c0ffba15e2bdbb14c35f54101b3629d8b2f

SHA512
e2af310f733b7f23ca1b487f03a78861e871ed16622915f10322d4e2843aa050be7f1c0e04bf90cfe0b965e66270dd37907aff6794a6ba576f1d7b021c2fea7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e4cb34448c56f27233039174116897f0

SHA1
84dcabb834b941f53cd3ca57f964633c3fb9c99b

SHA256
a8307323e625e7d8c7d3d87260cbbcbf08c5d9313a63278763dcbd4f20d45619

SHA512
0766642c4488a4929a6d7e59d70724b45e36b63ded4c86b25e7bee2e68a9383f190fd90aa378772b969b60049119b4b75b6a86c9feeb1ada2aef7fe5abd4783e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
8d433cd76a0493be45c7807f0e0e5254

SHA1
74832c35e61467364a98853f985c8f0039e541d1

SHA256
0b362b6b6a9a9ffa3ee3cdab8f4b75729785adbd25b903a82387077f572c13c1

SHA512
176586f1471c4526d03e90dccd513c6faa583f788e6cab930583a0d3b4cb0065da7558cbd265411319b607a8ec970f76d36c27ee8cad286cff9a210bcd322e8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7c832c08212494acabfcc7a09f6a0e47

SHA1
7a91e17e595e430dfea07228b14b802d7463e99b

SHA256
dfcb8716a59616872ec27c0eb7a8528e90499c8e58019755135ee446d621677b

SHA512
dfb8d84e426c2b0d9d304bae4cc86550e2a03dbea0e4a54578bef900842001fbb5ae224ff18e6a16ba43a9c7a9968f42f8f97c142378dec2a946ee3450b9ad8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3e70966ae187c7684df43a8f9e33bf03

SHA1
5530c904fc0efff3a30801ddd4d7b39077293fc3

SHA256
f0f94c07eca4ae868b290c16444aab0917eeb70bd3e6233781d8c8c2812accd2

SHA512
4059b9c09a6a18d521f9506dec6e55af2be154f3832f49d7e2a58e2a5cc6e0bf6b7feabae12baf58a85788ac5b5252cb6fd72ccf15f0dac7f710faa963ba4b34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
34cdc9006bc4c3ec65789b73f7e25c90

SHA1
69f669a7e7a10420dd08f1a7551e0585b9b141db

SHA256
22cb48a20ef0f70c508c3bce323a6573a9e50a757477ba477ba13e13d089475e

SHA512
a00d1f86848572d1e706de99b7f6b02e658a57de45c2560b127d08bfd31d890d80002c77d7c3d13492e4c05a2235ae6dec711dd151be82483095cf2959353e8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
fc3ba7680b8c796d5f0ca56d3945dafa

SHA1
dd13b15eae2ed6c8684517691272ea2cb2114961

SHA256
6be572e3ee1a306c81e2a8f74e70c7c78947e08d5d5bc27fbe2b6b4598783080

SHA512
1588d7244f6175e78d96256f4cc199b6423154ed2e65a1d9f4446e879a31f53234a5b255e1f093f03548c9f3f87e1f886fd73f234d54cc2e5d05d5c6c3e8589b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c3fc4542c24ac968c90c0dc0e9debb15

SHA1
ac0870b02675bf5f3b45111095d2857be50b4e6d

SHA256
d95f27474514fd7454fde5e23dfbfc78b8034dd1462d88a17546f645b11602d9

SHA512
3296a3b504df50cab51e5a9fd1b5359d57601d08cfbcf77578c42aadebefbfb49ed7ddca64fab7a68893e803afc32f994e4574a23e8f75490d67c61c55fe82a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
252ecb3b6c06fc92070a17d84e6866d3

SHA1
e03808f81bf285616f82ca47e7c996fcc4ee8c5a

SHA256
3cab2430f437b0ad8724f0a5e04896cf4a3e92702b657f1019aee971f72b9332

SHA512
2efe9b480032047bb1e11eacc5317ec389f3fb6c99007bbb6a0e0b746b2fa2dcf9edccd87cfb5bf88fbdf427eb65e2975d8a8f0b61f266abcc8363d05f3c3a28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c5866c0190f7d844999ee795140470a9

SHA1
23dc8e720660df30b63188b88a2a0ac85d660aff

SHA256
f014f7a04dc0fa635daf7e9525a930094988e739ee669e4c755bcf7bd66c91ac

SHA512
f3b208a4eb1df397df547853766d306e00275738520778a547432ceb22198d082544e4f4b3369948bb511503e7f017c8856648b63cda73f955a275a1151a69c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
96c3e50a0f2283d05acc4e4d9f153a19

SHA1
6d817d58dbf6dca6b80fabe0c7cea39d699aa256

SHA256
53a6a25cb900502b8b6ac5004c80c4b3ae9e6a876a36e79513e5cfe33678dda0

SHA512
6d5f3ed1301b3ecfd47a2363dac896ddb9518679e0a69a1ae947768848dc9c55905e98dd50f242c09b423ac06e3e78e60b16d3e1b7fcee9f6a1cd40b9387fe8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
52eaf1aa91158327f8f23c0d470c0ece

SHA1
627bfa01d7a1e9a7cb0aa88309307de50da89fd4

SHA256
32528ddf43a9930b6307f04e2e62dba4b442461563c9da6646765ea8518c7c32

SHA512
901400c482338e4a6e84c6e5d34471169a0dd5f12a2e11ae15810cde4d6dac62fe5ba09903a2b9c54bb673b06c70a623ca6e1a2b56677a05b356bfec3769221a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
bcfc06113c8d74fc09d0352cbedc6bed

SHA1
29caf0234818dafe8f0507848088b3457ee94cba

SHA256
f94b06922c5ea85494b28740c5bc9a4bd403aa481ff11e4103f5198ae3a762c9

SHA512
33f1600e90ad1fb5df629a92090ec8bf20a67b35c648c2286c5c2c2b5924f3c0361b2563d0c385857225bf252f54622ee1dde1ce6716cb0d509a8de410e6b9ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7bb6428439845f1f827094861ddff08b

SHA1
11267e4dc927db734d491fb09f0b5009c871c021

SHA256
d23d9a33984bbd12d5d5540f9fff719d565cd7b47e0d1cc59edc2e22993f0f0e

SHA512
c076b80128710bbad027e7374ae6c25fca7ee53ee8eb5d2a2a1469ec5992c5f743583f37697bbfec7e6ffa4a57296c5865473d42a942e2f3c9413bad8d750dca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
84d1fde47709bd2587bc85a535152a90

SHA1
9ce655c14c1a04ce5b1c89f17d9393c80a276d74

SHA256
c37882384fc5abd49f81b407bea126b42f92e6888ad5d53204385c5003767100

SHA512
26a15c0e5aa2f66880adafee302e3d261203793550b35694873bc5a8c731f0970a016178a229e52b1a913188e63314ac83aef7101851d03064b0510d660f97b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
1d8d03f26867e1946717961a3740207f

SHA1
cb388e2275e12cea1fa4963d4ce47b12ac729375

SHA256
87fa83a93efe4d06ba97f089f433aa519eff4cbf0b84e8564a02a19bbb2a27d9

SHA512
e74d6a015c8769629f42f3db3d6df764e0ad9a29f40ba4078b7225eba14e6b7d6f45621f2f58cb402b66ffb6773c57c385c4b4ebdb5051cb2bdd740ac2d70f98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request