service.onerf.microsoft.com Open in urlscan Pro
40.127.240.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://service.onerf.microsoft.com/
Effective URL:
https://service.onerf.microsoft.com/en-us/?rtc=1
Submission: On September 17 via automatic, source certstream-suspicious (September 17th 2021, 9:03:45 am UTC) — Scanned from DE

Summary HTTP 114 Redirects Links 128 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 40 domains to perform 114 HTTP transactions. The main IP is 40.127.240.222, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is service.onerf.microsoft.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on August 2nd 2021. Valid for: a year.

This is the only time service.onerf.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	40.127.240.222 40.127.240.222	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	2.18.233.62 2.18.233.62	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.107.253.45 13.107.253.45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 19	18.200.208.216 18.200.208.216	16509 (AMAZON-02) (AMAZON-02)
2	52.213.161.66 52.213.161.66	16509 (AMAZON-02) (AMAZON-02)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
1	34.247.157.93 34.247.157.93	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	40.126.31.6 40.126.31.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	104.111.243.12 104.111.243.12	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	192.229.221.185 192.229.221.185	15133 (EDGECAST) (EDGECAST)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
10 11	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
7	34.192.66.233 34.192.66.233	14618 (AMAZON-AES) (AMAZON-AES)
5	34.241.235.219 34.241.235.219	16509 (AMAZON-02) (AMAZON-02)
1	104.18.11.79 104.18.11.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
3	13.78.111.199 13.78.111.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
1 1	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.217.216.1 3.217.216.1	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.45.16.192 52.45.16.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
114	34

4 40.127.240.222 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

service.onerf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.233.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-62.deploy.static.akamaitechnologies.com

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.253.45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2.16.186.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.200.208.216 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.161.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-161-66.eu-west-1.compute.amazonaws.com

mscom.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

msftenterprise.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.157.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-157-93.eu-west-1.compute.amazonaws.com

target.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.126.31.6 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.243.12 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-12.deploy.static.akamaitechnologies.com

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.185 (United States)

ASN15133 (EDGECAST, US)

logincdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

rtd.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.49 (United States) 10 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.192.66.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-66-233.compute-1.amazonaws.com

ing-district.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.241.235.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com

c.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.79 (None, )

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.78.111.199 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.13.5 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (None, )

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

dmpsync.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.16.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-16-192.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.129.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	microsoft.com 3 redirects service.onerf.microsoft.com www.microsoft.com target.microsoft.com c1.microsoft.com browser.events.data.microsoft.com	367 KB
21	demdex.net 1 redirects dpm.demdex.net mscom.demdex.net	25 KB
21	akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net	577 KB
19	clicktale.net cdnssl.clicktale.net ing-district.clicktale.net c.clicktale.net	138 KB
12	everesttech.net 11 redirects cm.everesttech.net rtd-tm.everesttech.net sync-tm.everesttech.net	2 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	gfx.ms mem.gfx.ms	54 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	469 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	3lift.com 2 redirects dmpsync.3lift.com	756 B
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	936 B
2	tubemogul.com 2 redirects rtd.tubemogul.com	373 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	803 B
2	bing.com 2 redirects c.bing.com	829 B
2	live.com 1 redirects login.live.com	6 KB
2	s-microsoft.com c.s-microsoft.com	63 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	589 B
1	taboola.com trc.taboola.com	238 B
1	facebook.com www.facebook.com	1 KB
1	pubmatic.com image2.pubmatic.com	548 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	adentifi.com rtb.adentifi.com	88 B
1	bttrack.com bttrack.com	380 B
1	reson8.com ds.reson8.com	169 B
1	postrelease.com jadserve.postrelease.com	427 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	894 B
1	flashtalking.com 1 redirects servedby.flashtalking.com	545 B
1	quantserve.com 1 redirects pixel.quantserve.com	494 B
1	rfihub.com 1 redirects p.rfihub.com	755 B
1	twitter.com analytics.twitter.com	582 B
1	media6degrees.com idpix.media6degrees.com	278 B
1	msauth.net logincdn.msauth.net	6 KB
1	mathtag.com 1 redirects sync.mathtag.com	653 B
1	omtrdc.net msftenterprise.sc.omtrdc.net	325 B
114	40

	Domain	Requested by
21	img-prod-cms-rt-microsoft-com.akamaized.net	service.onerf.microsoft.com
19	dpm.demdex.net	1 redirects www.microsoft.com service.onerf.microsoft.com
17	www.microsoft.com	service.onerf.microsoft.com www.microsoft.com
9	sync-tm.everesttech.net	9 redirects
7	ing-district.clicktale.net	www.microsoft.com
7	cdnssl.clicktale.net	service.onerf.microsoft.com cdnssl.clicktale.net
5	c.clicktale.net
4	service.onerf.microsoft.com	2 redirects service.onerf.microsoft.com
3	s.amazon-adsystem.com	2 redirects
3	px.owneriq.net	2 redirects
3	browser.events.data.microsoft.com	www.microsoft.com
3	cm.g.doubleclick.net	2 redirects
3	ib.adnxs.com	2 redirects
3	mem.gfx.ms	service.onerf.microsoft.com mem.gfx.ms
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	dmpsync.3lift.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtd-tm.everesttech.net	1 redirects
2	rtd.tubemogul.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	c.bing.com	2 redirects
2	c1.microsoft.com	1 redirects
2	login.live.com	1 redirects mem.gfx.ms
2	mscom.demdex.net	www.microsoft.com
2	c.s-microsoft.com	www.microsoft.com
1	sync.srv.stackadapt.com	1 redirects
1	trc.taboola.com
1	www.facebook.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	rtb.adentifi.com
1	bttrack.com
1	ds.reson8.com
1	jadserve.postrelease.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	analytics.twitter.com
1	idpix.media6degrees.com
1	logincdn.msauth.net	login.live.com
1	sync.mathtag.com	1 redirects
1	target.microsoft.com	www.microsoft.com
1	cm.everesttech.net	1 redirects
1	msftenterprise.sc.omtrdc.net	www.microsoft.com
114	50

This site contains links to these domains. Also see Links.

Domain
microsoftedgewelcome.microsoft.com
www.microsoft.com
www.xbox.com
support.microsoft.com
onedrive.live.com
outlook.live.com
www.skype.com
www.onenote.com
azure.microsoft.com
go.microsoft.com
visualstudio.microsoft.com
developer.microsoft.com
docs.microsoft.com
powerplatform.microsoft.com
powerapps.microsoft.com
news.microsoft.com
inculture.microsoft.com
www.facebook.com
twitter.com
www.linkedin.com
account.microsoft.com
products.office.com
channel9.msdn.com
careers.microsoft.com
privacy.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
marketingsites-prod.microsoft.com Microsoft RSA TLS CA 02	`2021-08-02` - `2022-08-02`	a year	crt.sh
www.microsoft.com Microsoft RSA TLS CA 01	`2021-07-28` - `2022-07-28`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2021-08-29` - `2022-08-24`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
target.microsoft.com DigiCert SHA2 High Assurance Server CA	`2020-02-05` - `2022-02-09`	2 years	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-08-26` - `2022-08-26`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
*.clicktale.net DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-24`	a year	crt.sh
c.clicktale.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-09` - `2022-05-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-08-12` - `2022-08-07`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-25` - `2022-04-24`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://service.onerf.microsoft.com/en-us/?rtc=1
Frame ID: ADD04732DB2DFDFC4FDBE6F4AE858E21
Requests: 75 HTTP requests in this frame

Frame: https://mscom.demdex.net/dest5.html?d_nsid=0
Frame ID: D3914123D9144C84207BDA904E9EB9A2
Requests: 35 HTTP requests in this frame

Frame: https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1
Frame ID: 9B841D868F3BEB12B193DCE4F49608D5
Requests: 1 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fservice.onerf.microsoft.com&uaid=4b96ca09-6a95-4526-a608-b918430e3bc3&partnerId=mshomepage
Frame ID: 9F3FB0A4F9455E31F4F12266645D3892
Requests: 2 HTTP requests in this frame

Frame: https://www.microsoft.com/store/buy/cartcount
Frame ID: D8F314861AC8DCEEC9EE313F7836FE73
Requests: 1 HTTP requests in this frame

Frame: https://cdnssl.clicktale.net/uxa/xdframe-single-domain-1.1.0.html?pid=2422&cookieNames=_cs_id,_cs_s,_cs_cvars,_cs_ex
Frame ID: 5B182E70B0E547138FFCC7126D500219
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft – Cloud, Computers, Apps & Gaming

Page URL History Show full URLs

https://service.onerf.microsoft.com/ HTTP 302
https://service.onerf.microsoft.com/en-us/?rtc=1 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

114
Requests

96 %
HTTPS

0 %
IPv6

40
Domains

50
Subdomains

34
IPs

8
Countries

1241 kB
Transfer

3157 kB
Size

74
Cookies

128 Outgoing links

These are links going to different origins than the main page.

URL: https://microsoftedgewelcome.microsoft.com/launch?url=https%3A%2F%2Faka.ms%2FUHFOandO
Title: Switch now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/microsoft-office
Title: Office

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/
Title: Windows

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/surface
Title: Surface

Search URL Search Domain Scan URL

URL: https://www.xbox.com/
Title: Xbox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/sale?icid=gm_nav_L0_salepage
Title: Deals

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/apps/windows?icid=CNavAppsWindowsApps
Title: Windows Apps

Search URL Search Domain Scan URL

URL: https://onedrive.live.com/about/en-us/
Title: OneDrive

Search URL Search Domain Scan URL

URL: https://outlook.live.com/owa/
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.skype.com/en/
Title: Skype

Search URL Search Domain Scan URL

URL: https://www.onenote.com/
Title: OneNote

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Title: Microsoft Teams

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/pc?icid=CNavDevicesPC
Title: Computers

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/xbox?icid=CNavDevicesXbox
Title: Shop Xbox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/accessories?icid=CNavDevicesAccessories
Title: Accessories

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/virtualreality?icid=CNavVirtualReality
Title: VR & mixed reality

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/mobile?icid=CNavDevicesMobile
Title: Phones

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/xbox-game-pass-ultimate/cfq7ttc0khs0?WT.mc_id=CNavGamesXboxGamePassUltimate
Title: Xbox Game Pass Ultimate

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/xbox-live-gold/cfq7ttc0k5dj?WT.mc_id=CNavGamesXboxLiveGold
Title: Xbox Live Gold

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/games/windows?icid=CNavGamesWindowsGames
Title: PC games

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/games/windows?icid=TopNavWindowsGames
Title: Windows digital games

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/movies-and-tv?icid=TopNavMoviesTv
Title: Movies & TV

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/
Title: Microsoft Azure

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/dynamics365/home
Title: Microsoft Dynamics 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365/business/all-business
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/windows-365
Title: Windows 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/enterprise
Title: Microsoft Industry

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sql-server/
Title: Data platform

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2026638
Title: Microsoft Advertising

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/business?icid=CNavBusinessStore
Title: Shop Business

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/net/
Title: .NET

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/cloud-platform/windows-server
Title: Windows Server

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/windows
Title: Windows Dev Center

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/
Title: Docs

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com/en-us
Title: Power Platform

Search URL Search Domain Scan URL

URL: https://powerapps.microsoft.com/en-us
Title: Power Apps

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/hololens
Title: HoloLens 2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/rewards
Title: Microsoft Rewards

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/default.aspx
Title: Free downloads & security

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education?icid=CNavMSCOML0_Studentsandeducation
Title: Education

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/workshops-training-and-events?icid=vl_uf_932020
Title: Virtual workshops and training

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/gift-cards
Title: Gift cards

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/licensing/
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/locations/ny/new-york/fifth-avenue-/store-1087?ICID=uhf_h_mec
Title: Microsoft Experience Center

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sitemap.aspx
Title: View Sitemap

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/buy
Title: 0 Cart 0 items in shopping cart

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-laptop-go/94FC0BDGQ7WV?icid=mscom_marcom_H1a_SurfaceLaptopGo
Title: Shop now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/d/surface-pro-7-and-pro-type-cover-bundle/8t2k2lvn9qhj?icid=mscom_marcom_H2a_SurfacePro7BundleOffer
Title: Shop now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/online-computer-shopping-appointments?atc=true&icid=mscom_marcom_H2b_personalshopper
Title: Book an appointment

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/EN-US/microsoft-365/compare-all-microsoft-365-products?icid=MSCOM_QL_M365
Title: Choose your Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/collections/surfacelist?icid=MSCOM_QL_Surface&headerid=department-surface
Title: Shop Surface devices

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/xbox?icid=MSCOM_QL_Xbox
Title: Buy Xbox games and consoles

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/compare-windows-10-home-vs-pro?icid=mscom_marcom_QL_Windows
Title: Get Windows 10

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/pc?icid=MSCOM_QL_PCs
Title: Find your next PC

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/business?icid=MSCOM_QL_Business
Title: Shop Business

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/d/surface-go-2/8pt3s2vjmdr6?icid=mscom_marcom_CPH1a_SurfaceGo2Offer
Title: Shop now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/p/microsoft-365-family/cfq7ttc0k5dm?icid=mscom_marcom_CPH2a_M365Family
Title: For up to 6 people

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/p/microsoft-365-personal/cfq7ttc0k5bf?icid=mscom_marcom_CPH2b_M365Personal
Title: For 1 person

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/xbox-game-pass-ultimate/cfq7ttc0khs0?icid=mscom_marcom_CPH3a_GamePassUltimate
Title: Join now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/compare-xbox-game-pass-plans?icid=mscom_marcom_CPH3b_XboxGamePassPlans
Title: Compare all plans

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/pc?icid=mscom_marcom_CPH4a_PCs
Title: Find your next PC

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/collections/HLGFY22/XBOX?icid=mscom_marcom_MPH1a__MMTV
Title: Browse games

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/movies-and-tv/collection/cp/fh_hispaniclatinxcommunitypicks?icid=mscom_marcom_MPH1b_MMTV
Title: Browse movies and TV

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/d/surface-pro-7-for-business/8p43n3k93409?icid=mscom_marcom_CPW1a_SurfacePro7SMB
Title: Shop now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/surface/business?icid=mscom_marcom_CPW1b_SurfaceforBusinessEnterprise
Title: Shop Enterprise

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/microsoft-teams/group-chat-software?icid=mscom_marcom_CPW2a_Teams
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/resilience/hybrid-work-solutions?icid=mscom_marcom_CPW3a_ResilienceHybridWork
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/business/compare-all-microsoft-365-business-products?icid=mscom_marcom_CPW4a_M365forBusiness&activetab=tab%3aprimaryr2
Title: Shop now

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/business-consultation?icid=mscom_marcom_CPW4b_BusinessConsultation
Title: Book a consultation

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/covid-19-response/?icid=mscom_marcom_BM1a_covid19response
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/hispanic-heritage-month?icid=mscom_marcom_SAM1a_HHM22
Title: Learn more

Search URL Search Domain Scan URL

URL: https://inculture.microsoft.com/social-good/inclusion/xbox-gaming-special-olympics/?icid=mscom_marcom_SAM2a_SpecialOlympics
Title: Register now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Microsoft

Search URL Search Domain Scan URL

URL: https://twitter.com/microsoft

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/microsoft

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-laptop-4/946627FB12T1
Title: Surface Laptop 4

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-laptop-go/94FC0BDGQ7WV
Title: Surface Laptop Go

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-go-2/8PT3S2VJMDR6
Title: Surface Go 2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-pro-x/8QG3BMRHNWHK
Title: Surface Pro X

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/Surface-Duo/8p98gbqkdzl5
Title: Surface Duo

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/windows-10-apps
Title: Windows 10 apps

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download
Title: Download Center

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/why-microsoft-store?icid=footer_why-msft-store_7102020
Title: Microsoft Store Promise

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/payment-financing-options?icid=footer_financing_vcc
Title: Flexible Payments

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education
Title: Microsoft in education

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education/products/office/default.aspx
Title: Office for students

Search URL Search Domain Scan URL

URL: https://products.office.com/en-us/academic/compare-office-365-education-plans
Title: Office 365 for schools

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/education?icid=CNavfooter_Studentsandeducation
Title: Deals for students & parents

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/community/education/
Title: Microsoft Azure in education

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/
Title: Azure

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=808093
Title: AppSource

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/automotive
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/government
Title: Government

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/health/microsoft-cloud-for-healthcare
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/manufacturing/microsoft-cloud-for-manufacturing
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/financial-services/microsoft-cloud-for-financial-services
Title: Financial services

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/retail/microsoft-cloud-for-retail
Title: Retail

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/store/register
Title: Microsoft developer program

Search URL Search Domain Scan URL

URL: https://channel9.msdn.com/
Title: Channel 9

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/microsoft-365
Title: Microsoft 365 Dev Center

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/microsoft-365/dev-program
Title: Microsoft 365 Developer Program

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/garage/
Title: Microsoft Garage

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/about
Title: About Microsoft

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/investor/default.aspx
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/diversity/
Title: Diversity and inclusion

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/default.aspx
Title: Security

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/locale.aspx?absoluteReturnUrl=https%3a%2f%2fservice.onerf.microsoft.com%2fen-us%2f%3frtc%3d1
Title: English (United States)

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sitemap1.aspx
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/contactus
Title: Contact Microsoft

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/trademarks
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/devices/safety-and-eco
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://service.onerf.microsoft.com/ HTTP 302
https://service.onerf.microsoft.com/en-us/?rtc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cm.everesttech.net/cm/dd?d_uuid=73269857536323916193908179334516605745 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YURZ6gAAAGeddgQE

Request Chain 35

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=73269857536323916193908179334516605745&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d73269857536323916193908179334516605745 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3e916144-59ea-4200-af6c-eee2199805c9&ddsuuid=73269857536323916193908179334516605745

Request Chain 36

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=603108474039718461

Request Chain 38

https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3a%2f%2fservice.onerf.microsoft.com%2fen-us%2fmscomhp%2fonerf%2fMeSilentPassport%3fSilentAuth%3d1&lc=1033&id=74335 HTTP 302
https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1

Request Chain 41

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&RedC=c1.microsoft.com&MXFR=3C90B62659596C40371EA69358146DF3 HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&MUID=3C90B62659596C40371EA69358146DF3

Request Chain 48

https://idsync.rlcdn.com/365868.gif?partner_uid=73269857536323916193908179334516605745 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDUQABoNCOqzkYoGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=e0a3d264c1d08151a0d3c1b03f11563630944638ce9830b7e6ea3a43ba63fbb5b0da87c991749652

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENcJMcVKnQ3xpNAXgZeuK8c&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 56

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

Request Chain 67

https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471598152314518

Request Chain 69

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=05b4c399-45a7-468f-8cce-9c53ad81d3a5

Request Chain 73

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Z2g0oWRgZfd8bjSlYGAt8GRtM_F8P2WiaT3c-1PC

Request Chain 74

https://c.bing.com/c.gif?uid=73269857536323916193908179334516605745&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3C90B62659596C40371EA69358146DF3

Request Chain 75

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50083D2EA9AE22&gdpr=0&gdpr_consent=

Request Chain 81

https://a.tribalfusion.com/i.match?p=b13&u=73269857536323916193908179334516605745&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=73269857536323916193908179334516605745&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 83

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=73269857536323916193908179334516605745&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-od0wxHxE2pFQSJfwCTEC_UbXbPVgYkMVfNk-~A

Request Chain 85

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ6851558201126812155&uid=Q6851558201126812155&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 91

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15289153132202586867&gdpr=0&gdpr_consent=

Request Chain 97

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73269857536323916193908179334516605745?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=73269857536323916193908179334516605745?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e59c4553db39384f00d1b77fd222c780

Request Chain 98

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

Request Chain 99

https://rtd.tubemogul.com/migrate_et3/ HTTP 302
https://rtd-tm.everesttech.net/migrate_et3/

Request Chain 100

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVSWjZnQUFBR2VkZGdRRQ==

Request Chain 101

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YURZ6gAAAGeddgQE&expires=90

Request Chain 102

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE&C=1

Request Chain 103

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YURZ6gAAAGeddgQE

Request Chain 105

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YURZ6gAAAGeddgQE HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YURZ6gAAAGeddgQE

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YURZ6gAAAGeddgQE

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1&__user_check__=1&sync_id=2764d101-1796-11ec-a8ae-1ef5e1e50306

Request Chain 108

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YURZ6gAAAGeddgQE&t=2592000&o=0

Request Chain 110

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PEdSSFh-QT-ky-byCwKk6A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=73269857536323916193908179334516605745

Request Chain 111

https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=bTEH5c8jQVtgVggE4tnH2NiDclQ

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
service.onerf.microsoft.com/en-us/
Redirect Chain

https://service.onerf.microsoft.com/
https://service.onerf.microsoft.com/en-us/?rtc=1

203 KB
42 KB

80ms
80ms

Document
text/html

40.127.240.222
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.240.222 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

29624624a24993591996490ebb7501d24ca7085e12184e3e43d10051a3687ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: service.onerf.microsoft.com
:scheme: https
:path: /en-us/?rtc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: isFirstSession=1; MUID=3C90B62659596C40371EA69358146DF3; X-FD-FEATURES=ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922; X-FD-Time=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, no-transform
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: User-Agent
server: Microsoft-IIS/10.0
x-activity-id: f0bfe64a-09c6-418f-bbf5-3ec6b21be1ac
ms-cv: xGMXIY8zzE2ylB4H.0
x-appversion: 1.0.7914.42211
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-09-02T07:27:02.0000000Z}
ms-operation-id: 41d18cd537ea154d9b339b3444e8259a
p3p: CP="CAO CONi OTR OUR DEM ONL"
set-cookie: X-FD-FEATURES=ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922; expires=Sat, 17-Sep-2022 09:03:37 GMT; path=/; secure; HttpOnly X-FD-Time=1; expires=Fri, 17-Sep-2021 09:08:37 GMT; path=/;SameSite=None; secure; HttpOnly
x-ua-compatible: IE=Edge;chrome=1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
date: Fri, 17 Sep 2021 09:03:37 GMT
content-length: 42347

Redirect headers

cache-control: private, no-transform
content-type: text/html; charset=utf-8
location: https://service.onerf.microsoft.com/en-us/?rtc=1
vary: User-Agent
server: Microsoft-IIS/10.0
x-activity-id: 76c36e3d-7c16-4e6e-ab0a-1e0260f3e922
ms-cv: 3qZifLh/CkuhNrLB.0
x-appversion: 1.0.7914.42211
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-09-02T07:27:02.0000000Z}
ms-operation-id: 2652caee9f5b4741b6d63ba46588b641
p3p: CP="CAO CONi OTR OUR DEM ONL"
set-cookie: isFirstSession=1; path=/;SameSite=None; secure; HttpOnly MUID=3C90B62659596C40371EA69358146DF3; domain=.microsoft.com; expires=Mon, 17-Oct-2022 09:03:37 GMT; path=/;SameSite=None; secure X-FD-FEATURES=ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922; expires=Sat, 17-Sep-2022 09:03:37 GMT; path=/; secure; HttpOnly X-FD-Time=1; expires=Fri, 17-Sep-2021 09:08:37 GMT; path=/;SameSite=None; secure; HttpOnly
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
date: Fri, 17 Sep 2021 09:03:37 GMT
content-length: 165

GET
H2 200 mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 22 KB
23 KB 129ms
19ms Font
application/font-woff2 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 1fdf3990465bea4c9ff79049a37f7d65
date: Fri, 17 Sep 2021 09:03:38 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 2de8b7b5-dd97-4d8b-a035-2de97aaab865
tls_version: tls1.3
ms-cv: Y5X+D9DAJECWuiWq.0
content-length: 22904
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 23:20:05 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=20960206
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 23:20:24 GMT

GET
H2 200 e3-082b89 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/2f-63ce8f/45-f9a0d4/aa-dc1460/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/6d-c07ea1/b0-ec9dd0/f6-aa5278/... 112 KB
30 KB 153ms
44ms Script
text/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/2f-63ce8f/45-f9a0d4/aa-dc1460/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/6d-c07ea1/b0-ec9dd0/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/f8-73a5f2/79-499886/7e-cda2d3/69-13871c/6a-234a32/de-884374/1f-100dea/33-abe4df/17-f90ef1/e3-082b89?ver=2.0&_cf=20210618

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1612c3696a257a1381e208e67ff67c762c6b0838a0c6a57fff0b4a3a679aff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: ac309d2f252b984298c24f3c7bfc95bc
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-09-14T22:11:13
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 6b990c48-7074-43ba-9ac4-e2b40013f075
tls_version: tls1.3
x-s1: 2021-09-14T22:11:13
ms-cv: bo7XlXnuNUeK4XIR.0
vary: Accept-Encoding
content-length: 29974
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 22:11:13 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-09-02T07:27:02.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31324040
timing-allow-origin: *
x-appversion: 1.0.7914.42211
expires: Wed, 14 Sep 2022 22:10:58 GMT

GET
H2 200 a4-539297 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/ 1 KB
1 KB 181ms
72ms Script
text/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/a4-539297?ver=2.0&_cf=20210618

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f5ff83c4168dccb1a1dcec97a9c5f826ba01038eda3d5fa3905c559bda488fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 7860c7236f127b4f912fb723eb49546b
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-08-10T19:23:02
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 618bfc20-6f1e-40cd-bba5-5ffd7939dea6
tls_version: tls1.3
x-s1: 2021-08-10T19:23:02
ms-cv: ZrglMe/QUkyNY0x/.0
vary: Accept-Encoding
content-length: 558
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Aug 2021 19:23:02 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-06-10T04:04:28.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=28289895
timing-allow-origin: *
x-appversion: 1.0.7830.36134
expires: Wed, 10 Aug 2022 19:21:53 GMT

GET
H2 200 cb-1abbc4 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/ 247 KB
69 KB 200ms
91ms Script
text/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

36ba7f8e7880e7a1bd44fe46980ae20b4c3a0159ffcafc4b60245adf85457ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 3332c209c3d91541996c8c12829695c8
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-08-18T18:44:56
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 8d72f459-af07-4137-a151-11abe2cbee3a
tls_version: tls1.3
x-s1: 2021-08-18T18:44:56
ms-cv: ND4vmbFgMkyDI2Sh.0
vary: Accept-Encoding
content-length: 70150
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Aug 2021 18:44:51 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-08-13T10:57:42.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=28978826
timing-allow-origin: *
x-appversion: 1.0.7895.5331
expires: Thu, 18 Aug 2022 18:44:04 GMT

GET
H2 200 social Show response
www.microsoft.com/mwf/js/MWF_20210208_31270267/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslide... 103 KB
26 KB 220ms
112ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/js/MWF_20210208_31270267/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslidecarousel/skiptomain/social?apiVersion=1.0

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef947c2450728f1ac8a89a4db8124d5a801f271d685774f2a570561f764ff230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: d78a8c37631b034484889ab1b4d67587
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-rtag: RT
x-s2: 2021-05-18T14:44:28
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: b566449c-b57b-4838-a77b-494339a4a620
tls_version: tls1.3
x-edgeconnect-midmile-rtt: 6
x-s1: 2021-05-18T14:44:28
strict-transport-security: max-age=31536000
ms-cv: Vst95Js8I0mjw3S8.0
content-length: 25892
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 14:44:26 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript; charset=utf-8
x-edgeconnect-origin-mex-latency: 105
cache-control: public, max-age=21015623
timing-allow-origin: *
x-appversion: 1.0.7797.2686
expires: Wed, 18 May 2022 14:44:01 GMT

GET
H2 200 social
www.microsoft.com/mwf/css/MWF_20210208_31270267/west-european/default/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pa... 389 KB
42 KB 128ms
20ms Stylesheet
text/css 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/css/MWF_20210208_31270267/west-european/default/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslidecarousel/skiptomain/social?apiVersion=1.0&include_base=true

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

890346a4b280fb25b5315c9294fd076bab64ed0d0d63e9cd8f2a9bf4cb7fedd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: d876308f7f004648b7a918b6ea30384f
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-rtag: RT
x-s2: 2021-05-18T15:44:10
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 4257bd5c-ec94-40ed-8dba-f596aebee1a2
tls_version: tls1.3
x-edgeconnect-midmile-rtt: 15
x-s1: 2021-05-18T15:44:10
strict-transport-security: max-age=31536000
ms-cv: Mj4DKlwJ1kKJ/mCI.0
content-length: 41962
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 15:44:09 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
x-edgeconnect-origin-mex-latency: 109
cache-control: public, max-age=21019245
timing-allow-origin: *
x-appversion: 1.0.7797.2686
expires: Wed, 18 May 2022 15:44:23 GMT

GET
H2 200 49-5e3df3
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/mscomhp/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/c2-721ede/57-7b1339/37-e29aca/21-7d6c87/5a-e79275/ 95 KB
14 KB 184ms
77ms Stylesheet
text/css 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/mscomhp/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/c2-721ede/57-7b1339/37-e29aca/21-7d6c87/5a-e79275/49-5e3df3?ver=2.0&_cf=20210618

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

c8b2571af80bd5d5fe0bf4fbcf33d633c8e38540209d2305f2e5726cdc07362a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: cff69cbcee7ac14ea181964d383ff0f3
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-09-14T20:24:34
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 6090bc17-c3bb-41f6-bb2f-500aa266cd49
tls_version: tls1.3
x-s1: 2021-09-14T20:24:33
ms-cv: qqRCWrVBWEagw8wb.0
vary: Accept-Encoding
content-length: 13635
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 20:24:33 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-09-02T07:27:02.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31317639
timing-allow-origin: *
x-appversion: 1.0.7914.42211
expires: Wed, 14 Sep 2022 20:24:17 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/ 87 KB
31 KB 25ms
23ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/jquery-3.5.1.min.js

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: e14498ea1ee25d43b9eae3f5e14215e7
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 5063f07f-ed8d-4e5d-ba59-19795a4f872f
tls_version: tls1.3
ms-cv: NEPERW35E0SbOFam.0
vary: Accept-Encoding
content-length: 30958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 14:51:29 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
x-edgeconnect-origin-mex-latency: 50
cache-control: public, max-age=20929542
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 14:49:20 GMT

GET
H2 200 at-v2.js Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/560cbfc6/mscom.statics/externalscripts/mscomhp/ 188 KB
55 KB 193ms
85ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/560cbfc6/mscom.statics/externalscripts/mscomhp/at-v2.js

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

c74029cbf99dfacf7ed78388fd5a2bf1466b71ac7e5bfd140eed4f98cf488864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 7c2f025785c11848864cbcb1d29005ff
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 7b549365-00b7-4134-b165-744f9a1210f1
tls_version: tls1.3
ms-cv: tbfVyu16g0mrct/q.0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 25 May 2021 22:03:46 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-20T09:49:24.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=21646819
x-appversion: 1.0.7810.3282
expires: Wed, 25 May 2022 22:03:57 GMT

GET
H2 200 meversion Show response
mem.gfx.ms/ 27 KB
9 KB 248ms
41ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.253.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a917a67b9b0ef8251500390e94ba937602730e042757dc2a060b64085eedd67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Sep 2021 09:03:38 GMT
x-azure-ref: 06llEYQAAAAB39MnOM9PESaBj5ILnXrz3TE9OMjFFREdFMDIxNABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Fri, 17 Sep 2021 20:50:33 GMT

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 81ms
7ms Image
image/png 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Thu, 16 Sep 2021 00:31:08 GMT
x-datacenter: NorthEU
x-source-length: 4054
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=314798
x-activityid: 7602211e-0d80-4b22-b6be-5c74a7e6b970
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length: 4054
expires: Tue, 21 Sep 2021 00:30:16 GMT

GET
H2 200 RE4G1h6
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 22 KB
23 KB 95ms
22ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4G1h6?ver=151f&q=0&m=8&h=600&w=1600&b=%23FFFFFFFF&l=f&x=0&y=198&s=2120&d=795&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f90cd4a62a8507adf31fcbd98021d21ada7f155b27a5df2875eb166f76fd16ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Tue, 14 Sep 2021 05:14:42 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=158966
content-length: 22828
expires: Sun, 19 Sep 2021 05:13:04 GMT

GET
H2 200 1x1clear.gif
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/ 43 B
641 B 21ms
20ms Image
image/gif 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/1x1clear.gif

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 690a6ce6fae75345b3bd12420454c650
date: Fri, 17 Sep 2021 09:03:38 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: d8ed0918-976e-4b6d-a350-1aaa6145b65b
tls_version: tls1.3
ms-cv: EOBcBmMW6EyC/Y0L.0
content-length: 43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 23:20:05 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/gif
x-edgeconnect-origin-mex-latency: 99
cache-control: public, max-age=20960243
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 23:21:01 GMT

GET
H2 200 facebook.svg
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/2532198d/coreui.statics/images/social/ 465 B
956 B 36ms
35ms Image
image/svg+xml 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/2532198d/coreui.statics/images/social/facebook.svg

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd1d4dec1f814e1ea8638db1ae3cf427c43aa487615fcb6e8dce629609079838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 7ce28070499f954bb8f512c3ead701be
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 2235b552-0b40-4132-930c-6a88bdb7b0f7
tls_version: tls1.3
ms-cv: nhvI+61NGEyTevjM.0
vary: Accept-Encoding
content-length: 333
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 23:20:12 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/svg+xml
x-edgeconnect-origin-mex-latency: 30
cache-control: public, max-age=20960204
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 23:20:22 GMT

GET
H2 200 twitter.svg
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/6f40299c/coreui.statics/images/social/ 835 B
1 KB 58ms
57ms Image
image/svg+xml 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/6f40299c/coreui.statics/images/social/twitter.svg

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

674ab08b0861f79fbe6273d213ba4ee5575635344b52a666d23b42331f3fca9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: ef0ec2d1449def43a975622441cda29f
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: cf1cea20-269f-4046-8762-2c0513730411
tls_version: tls1.3
ms-cv: hTF9TnK9XEiCBn1/.0
vary: Accept-Encoding
content-length: 470
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 19:37:42 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/svg+xml
x-edgeconnect-origin-mex-latency: 111
cache-control: public, max-age=20946846
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 19:37:44 GMT

GET
H2 200 linkedin.svg
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/413bd4a8/coreui.statics/images/social/ 472 B
947 B 79ms
78ms Image
image/svg+xml 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/413bd4a8/coreui.statics/images/social/linkedin.svg

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

91584b1a5233c46807a0d3ecc03a77c12e638c4aa74f4c7c08c708b58c3bd7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: 7bb7fa4eb13ea74e95efd901a4a56007
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 89dc4c8b-ed2c-42f5-85ea-f9e5a6ad5e98
tls_version: tls1.3
ms-cv: 0ngfL67sQE640RKr.0
vary: Accept-Encoding
content-length: 325
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 22 May 2021 09:49:58 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/svg+xml
x-edgeconnect-origin-mex-latency: 115
cache-control: public, max-age=21343611
x-appversion: 1.0.7797.2686
expires: Sun, 22 May 2022 09:50:29 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 7 KB
3 KB 166ms
38ms XHR
application/json 18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1631869418172

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/560cbfc6/mscom.statics/externalscripts/mscomhp/at-v2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

77c8a6f544909c8b61189a5310a8ecfb13fdd0ebd3f9ace526398f4ad8fdaff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v016-08e2cf008.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: m2Gs+Q5WRs8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://service.onerf.microsoft.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1987
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 69ms
8ms Font
font/woff2 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20210208_31270267/west-european/default/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslidecarousel/skiptomain/social?apiVersion=1.0&include_base=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://www.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=350034
accept-ranges: bytes
content-length: 34052
expires: Tue, 21 Sep 2021 10:17:32 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 29 KB
30 KB 41ms
7ms Font
font/woff2 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20210208_31270267/west-european/default/alert/autosuggest/banner/contentplacement/contentplacementitem/flipper/glyph/heading/hero/heroitem/hyperlinkgroup/image/list/pagebehaviors/singleslidecarousel/skiptomain/social?apiVersion=1.0&include_base=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer: https://www.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Fri, 10 Jan 2020 19:09:42 GMT
etag: "83cce83e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=244787
accept-ranges: bytes
content-length: 30132
expires: Mon, 20 Sep 2021 05:03:25 GMT

GET
H2 200 RE4sQDc
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 150 B
323 B 102ms
101ms Image
image/png 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4sQDc?ver=30c2&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8a51fc9883bae76c510d2f4480c9911c4b03a3ed451dff1064e6e7cf9694fb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Thu, 16 Sep 2021 11:18:50 GMT
server: Akamai Image Manager
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=353727
content-length: 150
expires: Tue, 21 Sep 2021 11:19:05 GMT

GET
H2 200 RE4pndL
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 512 B
716 B 40ms
39ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4pndL?ver=5217&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 83ab695ebe8f0a9bec07a9fdeff455aac41a90b548cded974c42204a8d30a73d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-check-cacheable: YES
x-serial: 685
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=265154
last-modified: Fri, 17 Sep 2021 03:33:21 GMT
content-length: 512
server: Akamai Image Manager
expires: Mon, 20 Sep 2021 10:42:52 GMT

GET
H2 200 RE4pxBu
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 502 B
676 B 50ms
49ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4pxBu?ver=eae5&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: de9d34e28176fced89c5b0f2454b1b51db8b192520f75082e0d92004593a1b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Fri, 17 Sep 2021 03:42:50 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=412787
content-length: 502
expires: Wed, 22 Sep 2021 03:43:25 GMT

GET
H2 200 RE4pkvE
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 214 B
418 B 80ms
79ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4pkvE?ver=d8fc&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2a8ca9c84724af1818d763ecca8d8d7103611a0b77534461a471223ecab11a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-check-cacheable: YES
x-serial: 1203
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=413358
last-modified: Fri, 17 Sep 2021 03:53:03 GMT
content-length: 214
server: Akamai Image Manager
expires: Wed, 22 Sep 2021 03:52:56 GMT

GET
H2 200 RE4pkvg
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 210 B
414 B 77ms
76ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4pkvg?ver=0c4c&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0c7f92b88cbe427640bb0865a83931b7b1e2eb3681acf030dbc19f8925defa97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-check-cacheable: YES
x-serial: 1593
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=412996
last-modified: Fri, 17 Sep 2021 03:45:33 GMT
content-length: 210
server: Akamai Image Manager
expires: Wed, 22 Sep 2021 03:46:54 GMT

GET
H2 200 RE4rriw
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 342 B
517 B 287ms
286ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4rriw?ver=b2d5&q=90&m=6&h=40&w=40&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 58b2bf14701eb62c3607be197642e0bfbe7aefe0f2fa32c766169e7039e082d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Fri, 17 Sep 2021 03:42:12 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=412747
content-length: 342
expires: Wed, 22 Sep 2021 03:42:45 GMT

GET
H2 200 RE4xikZ
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 2 KB
2 KB 56ms
55ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xikZ?ver=5587&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5c25a68d09403c4046d3530e357dd8dac128ca8e9032aaf9ecc0d3ec2fef8ca5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-check-cacheable: YES
x-serial: 1498
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=124124
last-modified: Mon, 13 Sep 2021 19:34:42 GMT
content-length: 1732
server: Akamai Image Manager
expires: Sat, 18 Sep 2021 19:32:22 GMT

GET
H2 200 RE4E4rR
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 5 KB
5 KB 115ms
114ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4E4rR?ver=1daf&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a1a34899e80ff8632eeb7bb04959e961a8e94f226a96effc2fc9324979e79ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-check-cacheable: YES
x-serial: 738
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=412223
last-modified: Fri, 17 Sep 2021 03:35:33 GMT
content-length: 4896
server: Akamai Image Manager
expires: Wed, 22 Sep 2021 03:34:01 GMT

GET
H2 200 RE4P80m
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 37 KB
37 KB 77ms
76ms Image
image/jpeg 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4P80m?ver=316d&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&x=1157&y=247&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c8a68d34f86aa62fdbee244638da3a510ccfce0f2c06b15176b4ed7c056d63cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Fri, 17 Sep 2021 03:37:55 GMT
server: Akamai Image Manager
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=412380
content-length: 38053
expires: Wed, 22 Sep 2021 03:36:38 GMT

GET
H2 200 RE2iCCW
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 8 KB
8 KB 96ms
95ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE2iCCW?ver=6d19&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 406339f282d02f58281d9492af211480251ad1937f56e89be92cc771e2c5d00d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Sat, 11 Sep 2021 19:00:55 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=338153
content-length: 8058
expires: Tue, 21 Sep 2021 06:59:31 GMT

GET
H/1.1 200
OK dest5.html Show response
mscom.demdex.net/ Frame D391 7 KB
3 KB 132ms
30ms Document
text/html 52.213.161.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mscom.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/560cbfc6/mscom.statics/externalscripts/mscomhp/at-v2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.161.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-161-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mscom.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://service.onerf.microsoft.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=73269857536323916193908179334516605745
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 17 Sep 2021 09:03:38 GMT
DCS: dcs-prod-irl1-1-v016-0a32585df.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Sep 2021 14:56:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: TG3lzq/HQOY=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
msftenterprise.sc.omtrdc.net/ 2 B
325 B 65ms
16ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://msftenterprise.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=72807902574905038843934064651601537598&ts=1631869418347

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdcd75487-dgwrz
vary: Origin
x-c: main-1507.I8824ac.M0-513
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://service.onerf.microsoft.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YURZ6gAAAGeddgQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73269857536323916193908179334516605745
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YURZ6gAAAGeddgQE

42 B
945 B

34ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YURZ6gAAAGeddgQE

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-08e2cf008.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: og895ixySvk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YURZ6gAAAGeddgQE
Date: Fri, 17 Sep 2021 09:03:38 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
target.microsoft.com/rest/v1/ 290 B
521 B 138ms
41ms XHR
application/json 34.247.157.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://target.microsoft.com/rest/v1/delivery?client=microsoftmscompoc&sessionId=a2a75fb2ffe94d3ab4617001cd2470a1&version=2.4.0
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.157.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-157-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 90161cac0f88f1ff21edf5b0bb68981019265b64770987d274db025c53c7baee

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://service.onerf.microsoft.com
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 161b5afe999d51206f43b46cec818cc3
content-type: application/json;charset=UTF-8

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 155 KB
28 KB 109ms
36ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.253.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 23:27:58 GMT
etag: "1d75f5415e787b6"
x-azure-ref: 06llEYQAAAACUxtDcgldkRalFcOL2ShrwTE9OMjFFREdFMDIyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:37 GMT
x-ua-compatible: IE=edge

GET
H2 200 RWK3ad
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 162 KB
163 KB 108ms
108ms Image
image/jpeg 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWK3ad?ver=b9ad&q=0&m=8&h=600&w=1600&b=%23FFFFFFFF&l=f&x=0&y=0&s=1898&d=712&aim=true
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4386fe79f3f15aba90a1c2f695e753ed33787650be8ca0b92afac4b118bc7e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Wed, 15 Sep 2021 15:57:39 GMT
server: Akamai Image Manager
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=284073
content-length: 165884
expires: Mon, 20 Sep 2021 15:58:11 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=3e916144-59ea-4200-af6c-eee2199805c9&ddsuuid=73269857536323916193908179334516605745
dpm.demdex.net/ Frame D391
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=73269857536323916193908179334516605745&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d73269857536323...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3e916144-59ea-4200-af6c-eee2199805c9&ddsuuid=73269857536323916193908179334516605745

42 B
945 B

38ms
38ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=3e916144-59ea-4200-af6c-eee2199805c9&ddsuuid=73269857536323916193908179334516605745

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-06a7974db.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1rfcGaNkRj8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 17 Sep 2021 09:03:38 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=3e916144-59ea-4200-af6c-eee2199805c9&ddsuuid=73269857536323916193908179334516605745
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Sep 2021 09:03:37 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=603108474039718461
dpm.demdex.net/ Frame D391
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=603108474039718461

42 B
945 B

34ms
33ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=603108474039718461

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0e1833bdb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Wf/VnplaRR4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:38 GMT
X-Proxy-Origin: 216.131.114.84; 216.131.114.84; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f4512f31-83a1-43a3-8417-740f4abf53fa
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=603108474039718461
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

200

MeSilentPassport Show response
service.onerf.microsoft.com/en-us/mscomhp/onerf/ Frame 9B84
Redirect Chain

https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3a%2f%2fservice.onerf.microsoft.com%2fen-us%2fmscomhp%2fonerf%2fMeSilentPassport%3fSilentAu...
https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1

13 B
249 B

53ms
53ms

Document
text/html

40.127.240.222
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.240.222 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e292eebe3d0c9dafcac6a34a69ebc11aaceef536a6edd19d32dbaee0453d28d0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: service.onerf.microsoft.com
:scheme: https
:path: /en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.onerf.microsoft.com/
accept-encoding: gzip, deflate, br
cookie: ONERFSSO=1; isFirstSession=1; MUID=3C90B62659596C40371EA69358146DF3; X-FD-FEATURES=ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922; X-FD-Time=1; at_check=true; MicrosoftApplicationsTelemetryDeviceId=1c9f9c7d-c029-4262-9353-3519f6622617; ai_session=DV6Z3x4KJmADbJ2obQDyP9|1631869418325|1631869418325; AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg=1; AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=1585540135%7CMCIDTS%7C18888%7CMCMID%7C72807902574905038843934064651601537598%7CMCAAMLH-1632474218%7C6%7CMCAAMB-1632474218%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1631876618s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18895%7CvVersion%7C4.4.0; mbox=session#a2a75fb2ffe94d3ab4617001cd2470a1#1631871279|PC#a2a75fb2ffe94d3ab4617001cd2470a1.37_0#1666056117; _cs_c=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: User-Agent
server: Microsoft-IIS/10.0
x-activity-id: eee71b66-ea4a-4e94-9be7-32ca9affd9b2
ms-cv: CaLkzEBJdUCSpCRb.0
x-appversion: 1.0.7914.42211
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-09-02T07:27:02.0000000Z}
ms-operation-id: e6b3e80c3a0296458695d0af48b2e9e1
p3p: CP="CAO CONi OTR OUR DEM ONL"
set-cookie: X-FD-FEATURES=ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922; expires=Sat, 17-Sep-2022 09:03:38 GMT; path=/; secure; HttpOnly X-FD-Time=1; expires=Fri, 17-Sep-2021 09:08:38 GMT; path=/;SameSite=None; secure; HttpOnly
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
date: Fri, 17 Sep 2021 09:03:38 GMT
content-length: 131

Redirect headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Fri, 17 Sep 2021 09:02:38 GMT
Location: https://service.onerf.microsoft.com/en-us/mscomhp/onerf/MeSilentPassport?SilentAuth=1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=fa009869605d4a6b908baa420e979780; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=74335&lt=1631869418&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 6a53e98a-ae73-4756-85fd-1d9e444bd4b0
PPServer: PPV: 30 H: BL6PPF9D2EF1B89 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Fri, 17 Sep 2021 09:03:38 GMT

GET
H/1.1 200
OK Cookie set me.srf Show response
login.live.com/ Frame 9F3F 10 KB
5 KB 257ms
123ms Document
text/html 40.126.31.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fservice.onerf.microsoft.com&uaid=4b96ca09-6a95-4526-a608-b918430e3bc3&partnerId=mshomepage

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.31.6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cbe8b29defd685d7616c18628f34aafacd32af3045b20a5b9efb7d8027a25339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: login.live.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://service.onerf.microsoft.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Expires: Fri, 17 Sep 2021 09:02:38 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=4b96ca096a954526a608b918430e3bc3; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=N&lt=1631869418&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 6bbf85bc-9f7a-489c-9bef-ac676dd2d976
PPServer: PPV: 30 H: BL02PF5D34D45DC V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Fri, 17 Sep 2021 09:03:38 GMT
Content-Length: 4368

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 100 KB
16 KB 34ms
34ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.253.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 23:28:02 GMT
etag: "1d75f541849cb40"
x-azure-ref: 06llEYQAAAABOrwdQsAX6SphJXXzqFi2lTE9OMjFFREdFMDIyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:38 GMT
x-ua-compatible: IE=edge

GET
H2

200

c.gif
c1.microsoft.com/
Redirect Chain

https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&RedC=c1.microsoft.com&MXFR=3C90B62659596C40371EA69358146DF3
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&MUID=3C90B62659596C40371EA69358146DF3

42 B
263 B

39ms
38ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&MUID=3C90B62659596C40371EA69358146DF3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Wed, 15 Sep 2021 17:29:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "367bb54357aad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:38 GMT
x-msedge-ref: Ref A: 95CA8FDDDC044F379140A33965E4EC54 Ref B: PRG01EDGE1011 Ref C: 2021-09-17T09:03:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=AF85CFAA7CF040ABA3040C2D2B09634F&MUID=3C90B62659596C40371EA69358146DF3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cartcount Show response
www.microsoft.com/store/buy/ Frame D8F3 1 KB
1 KB 21ms
21ms Document
text/html 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/store/buy/cartcount

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/2f-63ce8f/45-f9a0d4/aa-dc1460/2d-7a9063/dc-7e9864/4f-5115f8/7d-266f10/4a-abd94b/6d-c07ea1/b0-ec9dd0/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/f8-73a5f2/79-499886/7e-cda2d3/69-13871c/6a-234a32/de-884374/1f-100dea/33-abe4df/17-f90ef1/e3-082b89?ver=2.0&_cf=20210618

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

68d929a10c3cd609b936b50a541533994b044b38558a33530ff45d1b420cc07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.microsoft.com
:scheme: https
:path: /store/buy/cartcount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.onerf.microsoft.com/
accept-encoding: gzip, deflate, br
cookie: MUID=3C90B62659596C40371EA69358146DF3; at_check=true; AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg=1; AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=1585540135%7CMCIDTS%7C18888%7CMCMID%7C72807902574905038843934064651601537598%7CMCAAMLH-1632474218%7C6%7CMCAAMB-1632474218%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1631876618s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18895%7CvVersion%7C4.4.0; mbox=session#a2a75fb2ffe94d3ab4617001cd2470a1#1631871279|PC#a2a75fb2ffe94d3ab4617001cd2470a1.37_0#1666056117
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/

Response headers

pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
x-activity-id: dc237979-2429-42d9-879d-ea3a5c935a65
ms-cv: bsXDa+8mEEG4Pyh/.0
x-appversion: 1.0.7905.41085
x-az: {did:9a8cd53207774949b337f7edab013e9f, rid: 35, sn: storeexp-neu-prod, dt: 2021-09-10T07:18:17.4739981Z, bt: 2021-08-23T22:49:30.0000000Z}
ms-operation-id: 5451c248e621d84baa0ad1fefe4b6476
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 489
cache-control: max-age=63595
expires: Sat, 18 Sep 2021 02:43:33 GMT
date: Fri, 17 Sep 2021 09:03:38 GMT
vary: Accept-Encoding
tls_version: tls1.3
strict-transport-security: max-age=31536000
x-rtag: Str

GET
H2 200 RE4xdax
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 3 KB
3 KB 8ms
8ms Image
image/png 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 09:03:38 GMT
last-modified: Wed, 15 Sep 2021 18:31:18 GMT
x-datacenter: NorthEU
x-source-length: 3094
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=293208
x-activityid: bb8e63a0-7a0a-4f12-bdd8-f71192c73954
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax
content-length: 3094
expires: Mon, 20 Sep 2021 18:30:26 GMT

GET
H2 200 broker.js Show response
www.microsoft.com/library/svy/ 17 KB
5 KB 32ms
32ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/library/svy/broker.js

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

c8bd93fe9370530899e0456e64f553f47eba4cc7c87f0b06d936b77ff7eb76fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 20:53:50 GMT
content-md5: u03iTQmJV4i6fUMa4x8hRQ==
x-rtag: RT
etag: "0x8D9730AC2CC4D2B"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: d08b3142-f01e-0084-102d-a7be54000000
tls_version: tls1.3
cache-control: max-age=114481
x-ms-version: 2018-03-28
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5260

GET
H2 200 755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js Show response
cdnssl.clicktale.net/www32/ptc/ 305 KB
51 KB 150ms
7ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www32/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Requested by: Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 01eae66478dfb9877f66c50378863b7eeb213a72b478274d389be1da921e2636

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: .JYfeVv.2N0444UyYEtOvPVOfA4lE5At
content-encoding: br
last-modified: Tue, 14 Sep 2021 09:32:32 GMT
server: AmazonS3
x-amz-request-id: R66HG3DMYVTDAGVS
etag: "b3f93afceb6b6651372252449e3a6f0f"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Fri, 17 Sep 2021 09:03:38 GMT
accept-ranges: bytes
content-length: 51524
x-amz-id-2: B+lXhcbJY990SCDovabJpTj7yQkpYigiAQo1LA3qsCEuxyrdbFSN4QzSkYr/Z/ONtFhOhq2UbA8=
expires: Fri, 17 Sep 2021 09:13:38 GMT

GET
H2 200 audiencemanager.js Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/30ab1743/mscom.statics/externalscripts/mscomhp/ 53 KB
16 KB 83ms
82ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/30ab1743/mscom.statics/externalscripts/mscomhp/audiencemanager.js

Requested by

Host: service.onerf.microsoft.com
URL: https://service.onerf.microsoft.com/en-us/?rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

ffc4fe1e7daa518c41407bdf5abcfa11a9aedd2aa0c6cbe1c5bd6c74ac16c0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ms-operation-id: b4b7026514673c4e99a3942829c3e296
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 59bf5b18-37cd-4fe3-94cd-41a2752ed23a
tls_version: tls1.3
ms-cv: Hww7pjU/506BcmD8.0
vary: Accept-Encoding
content-length: 15755
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 23:20:28 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
x-edgeconnect-origin-mex-latency: 107
cache-control: public, max-age=20960310
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 23:22:08 GMT

GET
H2 200 broker-config.js Show response
www.microsoft.com/library/svy/ 12 KB
3 KB 254ms
254ms Script
application/javascript 2.18.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/library/svy/broker-config.js?1631869418694

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/library/svy/broker.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

f78abefb134c55a755d912078da2351d4193b7904d41c3a426fa440c68ea06a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 21:23:23 GMT
content-md5: jLFcpJ9k4nI0furjY20yOA==
x-rtag: RT
etag: "0x8D9795836D70467"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: d7e9f9d6-e01e-001e-6ea2-ab208d000000
tls_version: tls1.3
cache-control: max-age=604771
x-ms-version: 2018-03-28
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3014

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=e0a3d264c1d08151a0d3c1b03f11563630944638ce9830b7e6ea3a43ba63fbb5b0da87c991749652
dpm.demdex.net/ Frame D391
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=73269857536323916193908179334516605745
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDUQABoNCOqzkYoGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=e0a3d264c1d08151a0d3c1b03f11563630944638ce9830b7e6ea3a43ba63fbb5b0da87c991749652

42 B
945 B

34ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=e0a3d264c1d08151a0d3c1b03f11563630944638ce9830b7e6ea3a43ba63fbb5b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0779202be.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: S43DPwnWTlA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 17 Sep 2021 09:03:38 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=e0a3d264c1d08151a0d3c1b03f11563630944638ce9830b7e6ea3a43ba63fbb5b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

POST
H/1.1 200
OK event Show response
mscom.demdex.net/ 7 KB
3 KB 36ms
35ms XHR
application/json 52.213.161.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mscom.demdex.net/event?_ts=1631869418749

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.161.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-161-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c97278b647b81e651a76d05740d7e13a3a6b7e7dc5f4b7c67330a734882aa683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v016-00fb84adb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: UaPGY3F+RAs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://service.onerf.microsoft.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1896
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESENcJMcVKnQ3xpNAXgZeuK8c&google_cver=1
dpm.demdex.net/ Frame D391
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzMyNjk4NTc1MzYzMjM5MTYxOTM5MDgxNzkzMzQ1MTY2MDU3NDU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENcJMcVKnQ3xpNAXgZeuK8c&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

36ms
36ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENcJMcVKnQ3xpNAXgZeuK8c&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-043803aa7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EK1/IExnS3g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENcJMcVKnQ3xpNAXgZeuK8c&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls_CS.js Show response
cdnssl.clicktale.net/www/tc/ 10 KB
4 KB 8ms
8ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/tc/ls_CS.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www32/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5f27d796d9ff0f1366b38a4062752e54891be3ca98f59a79721fc9524e086534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FdCNlsD3mrOKwPvKKE8mTV85XDEqsANh
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 11:50:25 GMT
server: AmazonS3
x-amz-request-id: 4327MD0T0MAQR87F
etag: "215e3b643098607771df8d7ec4918577"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Fri, 17 Sep 2021 09:03:38 GMT
accept-ranges: bytes
content-length: 3547
x-amz-id-2: Y/Wi37Hz1kekceTDO+K4b2vHlG+SfBmS+Y8Ttdv+RP2c1IhyuNTkw7WbaXMcCqiMeZMMEpZkHUc=
expires: Fri, 17 Sep 2021 09:13:38 GMT

GET
H2 200 xdframe-single-domain-1.1.0.html Show response
cdnssl.clicktale.net/uxa/ Frame 5B18 2 KB
1 KB 9ms
9ms Document
text/html 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/uxa/xdframe-single-domain-1.1.0.html?pid=2422&cookieNames=_cs_id,_cs_s,_cs_cvars,_cs_ex
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www32/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf7635163c0991525863f3b5eb809ab7770fcdd92de0e916c162b8f1fbb71b1a

Request headers

:method: GET
:authority: cdnssl.clicktale.net
:scheme: https
:path: /uxa/xdframe-single-domain-1.1.0.html?pid=2422&cookieNames=_cs_id,_cs_s,_cs_cvars,_cs_ex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.onerf.microsoft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/

Response headers

x-amz-id-2: GxrU1iiXx+LGYBBG4/MuhdBSZYIKUwILOUQp/P+LY2c09HG1NtvpbHin4nJf3YZc8FpLuI00gbw=
x-amz-request-id: YQYGVZDSVX4A2SG4
last-modified: Thu, 30 Apr 2020 06:54:56 GMT
etag: "895e1defcb016da8da1092f66778b99a"
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 17 Sep 2021 09:03:38 GMT
content-length: 892
access-control-allow-origin: *

GET
BLOB 200
OK 87bbea5f-f863-411d-b2ae-27f340140b9d
https://service.onerf.microsoft.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://service.onerf.microsoft.com/87bbea5f-f863-411d-b2ae-27f340140b9d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 449446966fc86f9b41fb0a26c27f12253c97e2f57f99804289868c252937fc3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H2 200 MeControl_cezBYvvC2ypw8OLooil_Sw2.js Show response
logincdn.msauth.net/16.000/content/js/ Frame 9F3F 17 KB
6 KB 28ms
7ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/16.000/content/js/MeControl_cezBYvvC2ypw8OLooil_Sw2.js
Requested by: Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fservice.onerf.microsoft.com&uaid=4b96ca09-6a95-4526-a608-b918430e3bc3&partnerId=mshomepage
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F31) /
Resource Hash: eff04bd731cd18a4934ee4dd510d0b066b6ae4acb215a93e79800e26f5ea8786

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Sep 2021 09:03:38 GMT
content-encoding: gzip
content-md5: r7ONHQI6edxoHjhje+DJ7A==
age: 2604894
x-cache: HIT
content-length: 6036
x-ms-lease-status: unlocked
last-modified: Fri, 13 Aug 2021 08:54:43 GMT
server: ECAcc (frc/8F31)
etag: 0x8D95E37FE4F79C0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cbe55686-f01e-0070-6df1-93e35e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js Show response
cdnssl.clicktale.net/ptc/ 34 KB
9 KB 28ms
15ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www32/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 71a58e1688b8bb773386c78323c30f10015fda377c8016dbc21607672edaa519

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: aKNHyPRB4DJybR4I4gsy_pYjpdaw4ksn
content-encoding: br
last-modified: Wed, 23 Jun 2021 11:46:57 GMT
server: AmazonS3
x-amz-request-id: FC925DA7CAEYDC6G
etag: "892921820850b09deba861090cf75803"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
date: Fri, 17 Sep 2021 09:03:38 GMT
accept-ranges: bytes
content-length: 8655
x-amz-id-2: IPNui+On3Q9h1EevoIiKS6zDP7vybxUCQMHv7Kh09q69Y5IgWlbzLisF0QZtHH12+LKzt/mohW0=
expires: Fri, 17 Sep 2021 09:13:38 GMT

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE
dpm.demdex.net/ Frame D391
Redirect Chain

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

42 B
945 B

35ms
35ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-024b175af.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ICXoqwUASgo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1631869419.037807,VS0,VE93
x-served-by: cache-hhn4075-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js Show response
cdnssl.clicktale.net/pcc/ 100 KB
23 KB 7ms
7ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/pcc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js?DeploymentConfigName=Release_20210623&Version=1
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 22e7b24da4a2fd2f3856ca79be79ca40c9a6977f17ea0763ec2914c20d874039

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: crhNyBIFdmbaiNyHjx6IP9gINogCyqwk
content-encoding: br
last-modified: Wed, 23 Jun 2021 11:46:57 GMT
server: AmazonS3
x-amz-request-id: 7ZPVG11YBJ4752SV
etag: "15a1f0138ee1289713f6c59bc3bfe774"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 17 Sep 2021 09:03:38 GMT
accept-ranges: bytes
content-length: 22898
x-amz-id-2: /boZ1zfcojh4d6TnWUPGu9nyfsL9mMOQbij5IvpnGF8+vm9llpQNKfzN32XVI4st62xocyuaovM=
expires: Sat, 17 Sep 2022 09:03:38 GMT

GET
H2 200 latest-WR110.js Show response
cdnssl.clicktale.net/www/ 55 KB
17 KB 9ms
9ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/ptc/755cc4ab-c4bf-46d8-a608-d3c5d66fabac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a3273c0cf5ab9ecbe74d65761caf773674ef7afff8b4b1d3c8b8c84ef9e67039

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tvyDhRPfKZ7oWOe2yeHXlpZKc1yJYzmM
content-encoding: br
last-modified: Wed, 09 Jun 2021 11:30:01 GMT
server: AmazonS3
x-amz-request-id: 7VDYTFGKMMZ4F8ND
etag: "75ae7a3969bafa41cc67157e6508786d"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
date: Fri, 17 Sep 2021 09:03:38 GMT
accept-ranges: bytes
content-length: 16680
x-amz-id-2: adpUy7OV9boo9JHtgmxQgV+E2S4E2KDQLFoec0DApivRSQCGuLB3VkQRDocMBa2qKKA3DDBk4Ak=
expires: Sat, 18 Sep 2021 09:03:38 GMT

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/auth/ 239 B
397 B 324ms
99ms XHR
application/json 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/auth/?pid=1001&as=1&707978924&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 0f4a201b5870949ad1aadedc7739c6134e2c3bf17cb87acf67affc98a00dd493

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://service.onerf.microsoft.com
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-credentials: true
content-length: 239
content-type: application/json; charset=UTF-8

GET
H2 204 pageview
c.clicktale.net/ 0
319 B 121ms
29ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageview?pid=2422&uu=f015ac2e-6679-a2d6-b8a6-8f9d54654cdd&sn=1&lv=1631869418&lhd=1631869418&hd=1631869418&pn=1&re=1&dw=1600&dh=3539&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fservice.onerf.microsoft.com%2Fen-us%2F%3Frtc%3D1&uc=0&la=en-US&cvars=%7B%221%22%3A%5B%22signedInStatus%22%2C%22false%22%5D%7D&cvarp=%7B%221%22%3A%5B%22signedInStatus%22%2C%22false%22%5D%7D&v=11.0.0&r=364000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.clicktale.net/ 0
320 B 107ms
29ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=MIewdgZglg5gXAAgEoFMA2KCGBnFB9AJgAYCBGIgNgIGYgAA&isETR=false&isCustomHashId=false&v=11.0.0&pid=2422&uu=f015ac2e-6679-a2d6-b8a6-8f9d54654cdd&sn=1&pn=1&r=176228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.clicktale.net/ 0
319 B 97ms
30ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=PIOwNg9ghgJgBAHzgQTGOAFKBzApgZwC45gBlOAXjgHUBLEGCAd3zgEYAGIAAA%3D%3D&isETR=false&isCustomHashId=false&v=11.0.0&pid=2422&uu=f015ac2e-6679-a2d6-b8a6-8f9d54654cdd&sn=1&pn=1&r=086883
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 pageEvent
c.clicktale.net/ 0
319 B 96ms
30ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/pageEvent?value=PIOwNg9ghgJgBAHzgCQgWwKYAUoHMNAA&isETR=false&isCustomHashId=false&v=11.0.0&pid=2422&uu=f015ac2e-6679-a2d6-b8a6-8f9d54654cdd&sn=1&pn=1&r=859913
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 dvar
c.clicktale.net/ 0
319 B 88ms
30ms Image
text/plain 34.241.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clicktale.net/dvar?v=11.0.0&pid=2422&uu=f015ac2e-6679-a2d6-b8a6-8f9d54654cdd&sn=1&pn=1&dv=N4IgogGgCgBAhgFwA4FMBOAzAbADgAwIBMIAXCAmgK4ogA040MAjHgOxM4JOnlU32RYTAMxMALGK48K1OgyGiArEwBG0vnMEwEcAM4BbAJYBzNIkMB7AHZ4W62QMYBjOGgQp9K9EgA29%2FvLMhACcElJkMgFaACaGunAqPihWFmgoGJRW0br%2BmozRcE7WAG7o7lYJSdG5jrDJlSi6LmhJCAj6KDoFOjWBabFpTm0Wxq5ocda5AL5AAA%3D%3D&r=478945
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-235-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame D391 43 B
278 B 238ms
131ms Image
image/gif 104.18.11.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=73269857536323916193908179334516605745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.11.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 08 Sep 2017 18:54:25 GMT
server: cloudflare
etag: "59b2e761-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
accept-ranges: bytes
cf-ray: 6901299d9e4f412c-PRG
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame D391 43 B
582 B 138ms
122ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=73269857536323916193908179334516605745&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 17 Sep 2021 09:03:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6e9babeae01328449f89ce945d81e17d36812e80dd15470d9778372b2e9e2fcd
x-transaction: fcf0ee918c87eb47
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1121&dpuuid=1870471598152314518
dpm.demdex.net/ Frame D391
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=7085
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471598152314518

42 B
945 B

35ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471598152314518

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-02492c362.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OYDis2U+SiY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471598152314518
Date: Fri, 17 Sep 2021 09:03:39 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 WR1113b.js Show response
cdnssl.clicktale.net/www/ 114 KB
32 KB 8ms
7ms Script
application/javascript 104.111.243.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www/WR1113b.js
Requested by: Host: cdnssl.clicktale.net
URL: https://cdnssl.clicktale.net/www/latest-WR110.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-12.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 16a4b9b119f8ec2d98e854591786a83966b01b4583f255536b63449b992598d3

Request headers

Referer: https://service.onerf.microsoft.com/
Origin: https://service.onerf.microsoft.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: kpvJ_cWVC2kB0.A5Yvxma4LmqJE_1pfA
content-encoding: br
last-modified: Wed, 09 Jun 2021 11:30:01 GMT
server: AmazonS3
x-amz-request-id: 7VDS7J4ATCJWG606
etag: "345b014159f097e79876cdd654d26be9"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 17 Sep 2021 09:03:39 GMT
accept-ranges: bytes
content-length: 32191
x-amz-id-2: cHhQ+ExULoW6QwgvvftjmC4JoT0mqJ+eUts547tWjBv97N9VTb+63jT6jeCtNr/FUX9P+ifRXfc=
expires: Sat, 17 Sep 2022 09:03:39 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=05b4c399-45a7-468f-8cce-9c53ad81d3a5
dpm.demdex.net/ Frame D391
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=05b4c399-45a7-468f-8cce-9c53ad81d3a5

42 B
945 B

34ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=05b4c399-45a7-468f-8cce-9c53ad81d3a5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0d417d33d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Zx5FRgjEQTs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=05b4c399-45a7-468f-8cce-9c53ad81d3a5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
101 B 317ms
105ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&0&0&0&264&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:39 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK e3c88c78-697f-4d89-b121-e39000a6413b
https://service.onerf.microsoft.com/ 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://service.onerf.microsoft.com/e3c88c78-697f-4d89-b121-e39000a6413b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
971 B 1858ms
608ms XHR
application/json 13.78.111.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.0.2&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1631869419336&time-delta-to-apply-millis=use-collector-delta&w=1
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.78.111.199 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c2e2686625d5b0b8bac360e3bad3d95c67cf204e22e82fa7ec239b12c8b2d1af

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 17 Sep 2021 09:03:40 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 1535
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://service.onerf.microsoft.com
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=Z2g0oWRgZfd8bjSlYGAt8GRtM_F8P2WiaT3c-1PC
dpm.demdex.net/ Frame D391
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Z2g0oWRgZfd8bjSlYGAt8GRtM_F8P2WiaT3c-1PC

42 B
945 B

45ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Z2g0oWRgZfd8bjSlYGAt8GRtM_F8P2WiaT3c-1PC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-07800fea7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ECjEI1qzT4w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=Z2g0oWRgZfd8bjSlYGAt8GRtM_F8P2WiaT3c-1PC
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=3C90B62659596C40371EA69358146DF3
dpm.demdex.net/ Frame D391
Redirect Chain

https://c.bing.com/c.gif?uid=73269857536323916193908179334516605745&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3C90B62659596C40371EA69358146DF3

42 B
945 B

35ms
35ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3C90B62659596C40371EA69358146DF3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0aa317769.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: S85SSAFiRhs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:39 GMT
x-msedge-ref: Ref A: 651F4A14C3DD49598205333E7CE302A6 Ref B: PRG01EDGE1011 Ref C: 2021-09-17T09:03:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3C90B62659596C40371EA69358146DF3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=50083D2EA9AE22&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame D391
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50083D2EA9AE22&gdpr=0&gdpr_consent=

42 B
945 B

35ms
35ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50083D2EA9AE22&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0cb3b8942.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mGbRW4rkRZ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:39 GMT
Server: prod-xre-app18.frk11
X-HW: 1631869419.dop222.fr8.t,1631869419.cds267.fr8.shn,1631869419.dop222.fr8.t,1631869419.cds149.fr8.sc,1631869419.cds149.fr8.p
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50083D2EA9AE22&gdpr=0&gdpr_consent=
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

GET 1x1clear.gif
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/ 0
0

GET
H2 200 RWJUmY
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 75ms
75ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWJUmY?ver=3d88&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 39306cc63d33658c1c65b99e03571210736af613fa44a067c370dd32bc754bf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
last-modified: Thu, 16 Sep 2021 16:01:43 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=370618
content-length: 3896
expires: Tue, 21 Sep 2021 16:00:37 GMT

GET
H2 200 RE4CFyx
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 9 KB
9 KB 28ms
27ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4CFyx?ver=25c5&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&x=839&y=615&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 69659727defec72885b6b563d627ab760c13d72dc7b104cc72e6fc5aadc0b049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
x-check-cacheable: YES
x-serial: 1808
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=102387
last-modified: Mon, 13 Sep 2021 13:28:32 GMT
content-length: 9410
server: Akamai Image Manager
expires: Sat, 18 Sep 2021 13:30:06 GMT

GET
H2 200 RWEze0
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 6 KB
6 KB 28ms
28ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWEze0?ver=ab91&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 44884d0990a482dd5eebedb8ef5043dbf5460ef472c9ea5eb7c0ae53f05566f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
x-check-cacheable: YES
x-serial: 1976
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=102406
last-modified: Mon, 13 Sep 2021 13:33:14 GMT
content-length: 5750
server: Akamai Image Manager
expires: Sat, 18 Sep 2021 13:30:25 GMT

GET
H2 200 RE4E4rT
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 8 KB
9 KB 33ms
33ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4E4rT?ver=2072&q=90&m=6&h=201&w=358&b=%23FFFFFFFF&l=f&o=t&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: eb2b7845117b529445b00bf807dc366d6fc6fdc50ac528a50cde1126ae9d3313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
x-check-cacheable: YES
x-serial: 249
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=102034
last-modified: Mon, 13 Sep 2021 13:25:38 GMT
content-length: 8550
server: Akamai Image Manager
expires: Sat, 18 Sep 2021 13:24:13 GMT

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame D391
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=73269857536323916193908179334516605745&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=73269857536323916193908179334516605745&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
959 B

33ms
33ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-0a32585df.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: 4S0SCbL+QSc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 946
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 690129a2d840f9ce-PRG
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 RE3NR20
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 26 KB
26 KB 24ms
22ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE3NR20?ver=7bd2&q=0&m=8&h=600&w=1600&b=%23FFFFFFFF&l=f&x=0&y=213&s=2103&d=789&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 00a9b88dcacae943bcaa1528280c7bbc6445eacaed1d6d52d3babb03ed08a82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
x-check-cacheable: YES
x-serial: 248
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=159876
last-modified: Thu, 09 Sep 2021 17:23:21 GMT
content-length: 26506
server: Akamai Image Manager
expires: Sun, 19 Sep 2021 05:28:15 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame D391
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=73269857536323916193908179334516605745&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-od0wxHxE2pFQSJfwCTEC_UbXbPVgYkMVfNk-~A

42 B
945 B

35ms
34ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-od0wxHxE2pFQSJfwCTEC_UbXbPVgYkMVfNk-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-06a7974db.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oTxNQ7S9Ss8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 17 Sep 2021 09:03:40 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-od0wxHxE2pFQSJfwCTEC_UbXbPVgYkMVfNk-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 RWK4Xl
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 129 KB
129 KB 60ms
60ms Image
image/jpeg 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWK4Xl?ver=934d&q=0&m=8&h=600&w=1600&b=%23FFFFFFFF&l=f&x=0&y=0&s=1898&d=712&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bbec7e1a3bb6435104ee7db9c97e72e61babdd6e26716ba1dd9227cced5938cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:39 GMT
last-modified: Wed, 15 Sep 2021 15:57:39 GMT
server: Akamai Image Manager
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=284038
content-length: 131876
expires: Mon, 20 Sep 2021 15:57:37 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame D391
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ6851558201126812155&uid=Q6851558201126812155&ref=%2Feucm%2Fp%2Fadpq
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

7ms
7ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 09:03:40 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Fri, 17 Sep 2021 09:03:40 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 106ms
105ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&1&0&1&264&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:40 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H2 200 7
jadserve.postrelease.com/dmp/ Frame D391 43 B
427 B 426ms
111ms Image
image/gif 3.217.216.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/7?vk=73269857536323916193908179334516605745&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-216-1.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 RWKozn
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 145 KB
145 KB 55ms
54ms Image
image/jpeg 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWKozn?ver=35df&q=0&m=8&h=600&w=1600&b=%23FFFFFFFF&l=f&x=0&y=0&s=1898&d=712&aim=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 05a444ef0a666a01f98a8e0557ac2b08aa5a767ad122e80ceee6fdba3e14aa65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:40 GMT
x-check-cacheable: YES
x-serial: 631
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=283955
last-modified: Wed, 15 Sep 2021 15:57:42 GMT
content-length: 148114
server: Akamai Image Manager
expires: Mon, 20 Sep 2021 15:56:15 GMT

GET
H2 204 adb-ext.gif
ds.reson8.com/ Frame D391 0
169 B 244ms
29ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/adb-ext.gif?puid=73269857536323916193908179334516605745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 690129a54cfdf9e2-PRG
date: Fri, 17 Sep 2021 09:03:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK user
bttrack.com/dmp/adobe/ Frame D391 35 B
380 B 393ms
96ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=73269857536323916193908179334516605745
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 17 Sep 2021 09:02:44 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

ibs:dpid=72352&dpuuid=15289153132202586867&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame D391
Redirect Chain

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15289153132202586867&gdpr=0&gdpr_consent=

42 B
945 B

33ms
33ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15289153132202586867&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v016-0133e6514.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iHwcJxi3QCo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15289153132202586867&gdpr=0&gdpr_consent=
date: Fri, 17 Sep 2021 09:03:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
BLOB 200
OK 103e4f6f-8abc-4ff8-b853-5ee01feed56e
https://service.onerf.microsoft.com/ 35 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://service.onerf.microsoft.com/103e4f6f-8abc-4ff8-b853-5ee01feed56e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 36316

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 211ms
210ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&2&1&0&104&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:40 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK CookieSyncAdobe
rtb.adentifi.com/ Frame D391 0
88 B 452ms
109ms Image
text/plain 52.45.16.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.16.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-16-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 287ms
286ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&3&1&1&104&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:40 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 284ms
283ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&4&1&2&105&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.onerf.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:40 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=e59c4553db39384f00d1b77fd222c780
dpm.demdex.net/ Frame D391
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=73269857536323916193908179334516605745?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=73269857536323916193908179334516605745?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e59c4553db39384f00d1b77fd222c780

42 B
945 B

36ms
36ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e59c4553db39384f00d1b77fd222c780

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-0a6af27ba.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XrUbCV6aScE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e59c4553db39384f00d1b77fd222c780
cache-control: no-cache
x-server: 10.45.25.9
content-length: 0
expires: 0

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE
dpm.demdex.net/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

42 B
945 B

32ms
32ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-00fb84adb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7dEy3Qf1Q50=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.676807,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=YURZ6gAAAGeddgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

/
rtd-tm.everesttech.net/migrate_et3/ Frame D391
Redirect Chain

https://rtd.tubemogul.com/migrate_et3/
https://rtd-tm.everesttech.net/migrate_et3/

0
58 B

97ms
97ms

Image
text/plain

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtd-tm.everesttech.net/migrate_et3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1631869421.756555,VS0,VE89
x-served-by: cache-hhn4075-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.749981,VS0,VE0
x-served-by: cache-hhn4036-HHN
x-cache: HIT
location: https://rtd-tm.everesttech.net/migrate_et3/
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVSWjZnQUFBR2VkZGdRRQ==

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVSWjZnQUFBR2VkZGdRRQ==

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.850760,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVVSWjZnQUFBR2VkZGdRRQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YURZ6gAAAGeddgQE&expires=90

0
239 B

35ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YURZ6gAAAGeddgQE&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.952081,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YURZ6gAAAGeddgQE&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE&C=1

43 B
1003 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 17 Sep 2021 09:03:41 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YURZ6gAAAGeddgQE&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Fri, 17 Sep 2021 09:03:41 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YURZ6gAAAGeddgQE

43 B
1015 B

7ms
6ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YURZ6gAAAGeddgQE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:41 GMT
X-Proxy-Origin: 216.131.114.84; 216.131.114.84; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0d782cd0-7a25-457a-bd90-0b0e77eddd8b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.154211,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YURZ6gAAAGeddgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 154 B
509 B 1039ms
1038ms XHR
application/json 13.78.111.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.0.2&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1631869421199&w=1
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.78.111.199 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 7e54882455dfa0a18210c6e7bbe072cad9b74a71a562bd3602e861d9053c377f

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 17 Sep 2021 09:03:41 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 514
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://service.onerf.microsoft.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 154

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YURZ6gAAAGeddgQE
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YURZ6gAAAGeddgQE

43 B
180 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YURZ6gAAAGeddgQE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YURZ6gAAAGeddgQE
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 google
server: OXGW/16.216.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YURZ6gAAAGeddgQE

1 B
548 B

55ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YURZ6gAAAGeddgQE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:03:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:1117
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869421.357299,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YURZ6gAAAGeddgQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1&__user_check__=1&sync_id=2764d101-1796-11ec-a8ae-1ef5e1e50306

43 B
548 B

17ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1&__user_check__=1&sync_id=2764d101-1796-11ec-a8ae-1ef5e1e50306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 09:03:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 17 Sep 2021 09:03:41 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YURZ6gAAAGeddgQE&img=1&__user_check__=1&sync_id=2764d101-1796-11ec-a8ae-1ef5e1e50306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 1
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame D391
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YURZ6gAAAGeddgQE&t=2592000&o=0

43 B
1 KB

130ms
113ms

Image
image/gif

31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YURZ6gAAAGeddgQE&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 02:03:41 PDT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ncg+bX2HeCMIfkXpRRP6PbK0R+2/drfQ0bBJ4O0xkY600yZv640w0/mws0D+kts0cvtL9J6jUYIrUbbyZ0RFgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Fri, 17 Sep 2021 02:03:41 PDT

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631869422.558851,VS0,VE0
x-served-by: cache-hhn4075-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YURZ6gAAAGeddgQE&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame D391 43 B
238 B 48ms
14ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 17 Sep 2021 09:03:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631869422.692256,VS0,VE9
x-served-by: cache-hhn4057-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D391
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PEdSSFh-QT-ky-byCwKk6A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=73269857536323916193908179334516605745

43 B
556 B

113ms
112ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=73269857536323916193908179334516605745

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 09:03:42 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0HQ4VW4DYE1BMNSYRXXC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v016-06fdcd081.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vojuFLLaSss=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=73269857536323916193908179334516605745
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=390122&dpuuid=bTEH5c8jQVtgVggE4tnH2NiDclQ
dpm.demdex.net/ Frame D391
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adobe
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=bTEH5c8jQVtgVggE4tnH2NiDclQ

42 B
945 B

36ms
36ms

Image
image/gif

18.200.208.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=390122&dpuuid=bTEH5c8jQVtgVggE4tnH2NiDclQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.208.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-208-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v016-024b175af.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FJ4Xwmd4Tz8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=390122&dpuuid=bTEH5c8jQVtgVggE4tnH2NiDclQ
Date: Fri, 17 Sep 2021 09:03:42 GMT
Connection: keep-alive
Content-Length: 100
Content-Type: text/html; charset=utf-8

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 24 B
378 B 247ms
246ms XHR
application/json 13.78.111.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.0.2&apikey=aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865&upload-time=1631869424456&ext.intweb.msfpc=GUID%3D10c6fe9cb0c740afbfa43a8611042d78%26HASH%3D10c6%26LV%3D202109%26V%3D4%26LU%3D1631869420871&w=1
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.78.111.199 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 17 Sep 2021 09:03:43 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 117
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://service.onerf.microsoft.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H2 200 / Show response
ing-district.clicktale.net/ctn_v2/wr/ 1 B
100 B 106ms
106ms XHR
text/plain 34.192.66.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ing-district.clicktale.net/ctn_v2/wr/?3470115131491153&1001&11&5&0&2&264&subsid=233396&msgsize=20
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/mscomhp/_scrf/js/themes=default/cf-5e220a/cb-1abbc4?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.66.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-66-233.compute-1.amazonaws.com
Software: /
Resource Hash: 684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1

Request headers

Referer: https://service.onerf.microsoft.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 09:03:45 GMT
content-length: 1
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/1x1clear.gif

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service.onerf.microsoft.com/en-us	1969-12-31 23:59:59	Name: ONERFSSO Value: 1
service.onerf.microsoft.com/	1969-12-31 23:59:59	Name: isFirstSession Value: 1
.microsoft.com/	1970-01-20 06:46:37	Name: MUID Value: 3C90B62659596C40371EA69358146DF3
service.onerf.microsoft.com/	1970-01-20 06:03:25	Name: X-FD-FEATURES Value: ids=atperf680t2%2c10718t1%2c13144t1%2c13151b%2ctasmigration010%2ccartemberpl%2c12944t1%2cdisablenorefunds%2cdaconvertenabled%2cenablescarlettmetadata%2credirecttogarrison&imp=76c36e3d-7c16-4e6e-ab0a-1e0260f3e922
service.onerf.microsoft.com/	1970-01-19 21:17:49	Name: X-FD-Time Value: 1
.microsoft.com/	1969-12-31 23:59:59	Name: at_check Value: true
service.onerf.microsoft.com/	1970-01-20 06:03:25	Name: MicrosoftApplicationsTelemetryDeviceId Value: 1c9f9c7d-c029-4262-9353-3519f6622617
service.onerf.microsoft.com/	1970-01-19 21:17:51	Name: ai_session Value: DV6Z3x4KJmADbJ2obQDyP9\|1631869418325\|1631869418325
.demdex.net/	1970-01-20 01:37:01	Name: demdex Value: 73269857536323916193908179334516605745
.microsoft.com/	1969-12-31 23:59:59	Name: AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 06:03:25	Name: everest_g_v2 Value: g_surferid~YURZ6gAAAGeddgQE
.dpm.demdex.net/	1970-01-20 01:37:01	Name: dpm Value: 73269857536323916193908179334516605745
.microsoft.com/	1970-01-20 06:47:39	Name: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18888%7CMCMID%7C72807902574905038843934064651601537598%7CMCAAMLH-1632474218%7C6%7CMCAAMB-1632474218%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1631876618s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18895%7CvVersion%7C4.4.0
.mathtag.com/	1970-01-20 06:43:44	Name: uuid Value: 3e916144-59ea-4200-af6c-eee2199805c9
.microsoft.com/	1970-01-20 06:47:36	Name: mbox Value: session#a2a75fb2ffe94d3ab4617001cd2470a1#1631871279\|PC#a2a75fb2ffe94d3ab4617001cd2470a1.37_0#1666056117
.adnxs.com/	1970-01-19 23:27:25	Name: uuid2 Value: 603108474039718461
.rlcdn.com/	1970-01-20 06:03:25	Name: rlas3 Value: Q/AOEdzyXWlm5a3oq9rY/v5Hu0TvAPrD9X/iAMguRZM=
.rlcdn.com/	1970-01-19 22:44:13	Name: pxrc Value: COqzkYoGEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-20 06:39:25	Name: IDE Value: AHWqTUk-6u9vAxnyS-4MumslUZyDJSQRCxzUwRzTbp7fr4MyIk_d07t_Y8BBvCwk0GY
.microsoft.com/	1970-01-20 06:47:13	Name: _cs_c Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: fa009869605d4a6b908baa420e979780
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=74335&lt=1631869418&co=1
.bing.com/	1970-01-20 06:39:25	Name: MUID Value: 3C90B62659596C40371EA69358146DF3
.c.bing.com/	1970-01-20 06:39:25	Name: SRM_B Value: 3C90B62659596C40371EA69358146DF3
.c.bing.com/	1970-01-20 06:39:25	Name: SRM_I Value: 3C90B62659596C40371EA69358146DF3
.c1.microsoft.com/	1969-12-31 23:59:59	Name: SM Value: C
.c1.microsoft.com/	1970-01-19 21:17:50	Name: ANONCHK Value: 0
.microsoft.com/	1969-12-31 23:59:59	Name: _cs_cvars Value: %7B%221%22%3A%5B%22signedInStatus%22%2C%22false%22%5D%7D
.microsoft.com/	1970-01-20 06:47:13	Name: _cs_id Value: f015ac2e-6679-a2d6-b8a6-8f9d54654cdd.1631869418.1.1631869418.1631869418.1613561419.1666033418974
.microsoft.com/	1970-01-19 21:17:51	Name: _cs_s Value: 1.1.0.1631871218975
.cdnssl.clicktale.net/	1969-12-31 23:59:59	Name: _cs_cvars___2422 Value: %7B%221%22%3A%5B%22signedInStatus%22%2C%22false%22%5D%7D
.cdnssl.clicktale.net/	1970-01-20 06:47:13	Name: _cs_id___2422 Value: f015ac2e-6679-a2d6-b8a6-8f9d54654cdd.1631869418.1.1631869418.1631869418.1613561419.1666033418974
.cdnssl.clicktale.net/	1970-01-19 21:17:51	Name: _cs_s___2422 Value: 1.1.0.1631871218975
.twitter.com/	1970-01-20 14:49:01	Name: personalization_id Value: "v1_ymR+iL4KHQNZatAz7EPuWg=="
.rfihub.com/	1970-01-20 06:39:25	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDA0NTI2NDE1tBDiM9StKvUKcwu3sPSIyIyU4jU0Mza0MLM0MbQ0MjcGAN8Rc1k0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDA0NTI2NDE1tBDiM9StKvUKcwu3sPSIyIwEAC95ItMlAAAA
.rfihub.com/	1970-01-20 06:39:25	Name: eud Value: H4sIAAAAAAAAAFvFxGtoZmxoYWZpYmhpZG4CAAcbkagQAAAA
.microsoft.com/	1970-01-19 22:01:01	Name: _CT_RS_ Value: Recording
.microsoft.com/	1970-01-20 06:03:25	Name: WRUIDCD29072020 Value: 3470115131491153
.microsoft.com/	1970-01-20 06:03:25	Name: __CT_Data Value: gpv=1&ckp=tld&dm=microsoft.com&apv_1001_www32=1&cpv_1001_www32=1&rpv_1001_www32=1
.adsrvr.org/	1970-01-20 06:03:25	Name: TDID Value: 05b4c399-45a7-468f-8cce-9c53ad81d3a5
.adsrvr.org/	1970-01-20 06:03:25	Name: TDCPM Value: CAESEgoDYWFtEgsIpM26qoLx_DkQBRgFIAEoAjILCMTin9eY8fw5EAU4AQ..
.quantserve.com/	1970-01-19 23:27:25	Name: d Value: EOwBDAGiJLmvYA
.quantserve.com/	1970-01-20 06:48:03	Name: mc Value: 614459eb-74019-e543d-fe78d
.flashtalking.com/	1970-01-20 14:49:01	Name: flashtalkingad1 Value: "GUID=50083D2EA9AE22"
.tribalfusion.com/	1970-01-19 23:27:25	Name: ANON_ID Value: axntmIsKBRgFmDqU7pevOb3yJt54DHjZdpZdyFX3eUGRPXEU2xefTZaJ8jiO2TRxu6mLMBGT30HZbN5b7b4t2CtKoQyG
.owneriq.net/	1970-01-20 14:49:01	Name: si Value: Q6851558201126812155
.owneriq.net/	1970-01-19 21:32:13	Name: p2 Value: adpq
.3lift.com/	1970-01-19 23:27:25	Name: tluid Value: 15289153132202586867
.yahoo.com/	1970-01-20 06:03:47	Name: A3 Value: d=AQABBOxZRGECEJ87L5AwjTCQx68E-HvnTZ8&S=AQAAAmthqbwTh0R-QCaIsZXDCrE
.postrelease.com/	1970-01-20 06:03:25	Name: opt_out Value: 1
.crwdcntrl.net/	1970-01-20 03:46:37	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:46:37	Name: _cc_id Value: e59c4553db39384f00d1b77fd222c780
.crwdcntrl.net/	1970-01-20 03:46:37	Name: _cc_cc Value: "ACZ4XmNQSDW1TDYxNTVOSTK2NLYwSTMwSDFMMjdPSzEyMko2tzBgAIJEl8g3IBoKAEuNCnA%3D"
.crwdcntrl.net/	1970-01-20 03:46:37	Name: _cc_aud Value: "ABR4XmNgYGBIdIl8A6SgAAAXJAHr"
.casalemedia.com/	1970-01-20 06:03:25	Name: CMID Value: YURZ7ZJnUPGQiuGwnOER6gAA
.casalemedia.com/	1970-01-19 23:27:25	Name: CMPS Value: 5231
.casalemedia.com/	1970-01-19 23:27:25	Name: CMPRO Value: 1125
.casalemedia.com/	1970-01-20 06:03:25	Name: CMRUM3 Value: 58614459ed2760YURZ6gAAAGeddgQE
.casalemedia.com/	1970-01-19 21:19:15	Name: CMST Value: YURZ7WFEWe0A
.adnxs.com/	1970-01-19 23:27:25	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?hv7b@$!]tbPl1MwL(!R7qUY$u>rB.tYWJX5G1d-IX[BqdgsMdE/X%W#.wL5oa9/sZwfzrVv>KM4?QuX(Q67Oe!@H0H^2Ui
.microsoft.com/	1970-01-20 06:03:25	Name: MC1 Value: GUID=10c6fe9cb0c740afbfa43a8611042d78&HASH=10c6&LV=202109&V=4&LU=1631869420871
.microsoft.com/	1970-01-19 21:17:51	Name: MS0 Value: 7d40ad7dbf26449385fda06e9bf8550d
service.onerf.microsoft.com/	1970-01-20 06:03:25	Name: MSFPC Value: GUID=10c6fe9cb0c740afbfa43a8611042d78&HASH=10c6&LV=202109&V=4&LU=1631869420871
.openx.net/	1970-01-20 06:03:25	Name: i Value: cd48697d-6f03-471a-b622-ae64a4048c81\|1631869421
.pubmatic.com/	1970-01-19 23:27:25	Name: KRTBCOOKIE_218 Value: 22978-YURZ6gAAAGeddgQE&KRTB&23194-YURZ6gAAAGeddgQE&KRTB&23209-YURZ6gAAAGeddgQE&KRTB&23244-YURZ6gAAAGeddgQE
.pubmatic.com/	1970-01-19 22:01:01	Name: PugT Value: 1631869421
.pubmatic.com/	1970-01-19 23:27:25	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 06:03:29	Name: audience Value: 2764d0b8-1796-11ec-a8ae-1ef5e1e50306
.demdex.net/	1970-01-20 01:37:01	Name: dextp Value: 269-1-1631869418490\|358-1-1631869418592\|477-1-1631869418696\|771-1-1631869418797\|782-1-1631869418910\|992-1-1631869419018\|1123-1-1631869419119\|1121-1-1631869419220\|903-1-1631869419321\|1175-1-1631869419422\|1957-1-1631869419523\|3047-1-1631869419623\|22054-1-1631869419724\|30646-1-1631869419833\|53196-1-1631869419936\|38117-1-1631869420037\|57282-1-1631869420138\|49276-1-1631869420239\|72352-1-1631869420339\|81309-1-1631869420441\|121998-1-1631869420542\|144228-1-1631869420642\|144229-1-1631869420745\|144230-1-1631869420846\|144231-1-1631869420947\|144232-1-1631869421048\|144233-1-1631869421149\|144234-1-1631869421250\|144235-1-1631869421351\|144236-1-1631869421452\|144237-1-1631869421553\|147592-1-1631869421654\|139200-1-1631869421755\|390122-1-1631869421856
.amazon-adsystem.com/	1970-01-20 02:00:03	Name: ad-id Value: A6psXE-iF0GUhJ-Uad7dnv4
.amazon-adsystem.com/	1970-01-21 17:27:25	Name: ad-privacy Value: 0
sync.srv.stackadapt.com/	1970-01-20 06:03:25	Name: sa-user-id Value: s%3A0-6d3107e5-cf23-415b-6056-0804e2d9c7d8.UkuL%2FO0YoQENpaR5VN1MUHG1kzI45p5DZAWFCRsrzU4
.srv.stackadapt.com/	1970-01-20 06:03:25	Name: sa-user-id-v2 Value: s%3A0-6d3107e5-cf23-415b-6056-0804e2d9c7d8%24ip%24216.131.114.84.htPFK3cVeiobnqTg%2F45XathtJm8z62VHh6RR1rmbRSI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
analytics.twitter.com
browser.events.data.microsoft.com
bttrack.com
c.bing.com
c.clicktale.net
c.s-microsoft.com
c1.microsoft.com
cdnssl.clicktale.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dmpsync.3lift.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
img-prod-cms-rt-microsoft-com.akamaized.net
ing-district.clicktale.net
jadserve.postrelease.com
login.live.com
logincdn.msauth.net
match.adsrvr.org
mem.gfx.ms
mscom.demdex.net
msftenterprise.sc.omtrdc.net
p.rfihub.com
pixel.quantserve.com
pixel.rubiconproject.com
px.owneriq.net
rtb.adentifi.com
rtd-tm.everesttech.net
rtd.tubemogul.com
s.amazon-adsystem.com
s.tribalfusion.com
servedby.flashtalking.com
service.onerf.microsoft.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
target.microsoft.com
trc.taboola.com
us-u.openx.net
www.facebook.com
www.microsoft.com
www.microsoft.com
104.111.242.53
104.111.243.12
104.18.11.79
104.18.13.5
104.18.8.110
104.244.42.3
13.107.253.45
13.78.111.199
142.250.185.226
15.236.176.210
151.101.129.44
151.101.2.49
151.101.66.49
18.200.208.216
185.29.134.248
185.64.190.80
185.94.180.126
192.132.33.46
192.229.221.185
193.0.160.128
2.16.186.24
2.18.233.62
2.18.234.21
204.79.197.200
209.197.3.19
212.82.100.182
3.217.216.1
3.228.133.61
31.13.92.36
34.192.66.233
34.241.235.219
34.247.157.93
34.248.191.66
34.98.64.218
35.244.174.68
37.252.172.249
40.126.31.6
40.127.240.222
52.142.114.2
52.209.129.133
52.213.161.66
52.45.16.192
52.46.130.91
69.173.144.165
76.223.111.131
76.223.111.18
91.228.74.133
00a9b88dcacae943bcaa1528280c7bbc6445eacaed1d6d52d3babb03ed08a82b
01eae66478dfb9877f66c50378863b7eeb213a72b478274d389be1da921e2636
05a444ef0a666a01f98a8e0557ac2b08aa5a767ad122e80ceee6fdba3e14aa65
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f92b88cbe427640bb0865a83931b7b1e2eb3681acf030dbc19f8925defa97
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f4a201b5870949ad1aadedc7739c6134e2c3bf17cb87acf67affc98a00dd493
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
16a4b9b119f8ec2d98e854591786a83966b01b4583f255536b63449b992598d3
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
22e7b24da4a2fd2f3856ca79be79ca40c9a6977f17ea0763ec2914c20d874039
29624624a24993591996490ebb7501d24ca7085e12184e3e43d10051a3687ceb
2a8ca9c84724af1818d763ecca8d8d7103611a0b77534461a471223ecab11a00
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
36ba7f8e7880e7a1bd44fe46980ae20b4c3a0159ffcafc4b60245adf85457ee1
39306cc63d33658c1c65b99e03571210736af613fa44a067c370dd32bc754bf9
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
406339f282d02f58281d9492af211480251ad1937f56e89be92cc771e2c5d00d
4386fe79f3f15aba90a1c2f695e753ed33787650be8ca0b92afac4b118bc7e25
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44884d0990a482dd5eebedb8ef5043dbf5460ef472c9ea5eb7c0ae53f05566f8
449446966fc86f9b41fb0a26c27f12253c97e2f57f99804289868c252937fc3a
4a917a67b9b0ef8251500390e94ba937602730e042757dc2a060b64085eedd67
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5ff83c4168dccb1a1dcec97a9c5f826ba01038eda3d5fa3905c559bda488fb
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b2bf14701eb62c3607be197642e0bfbe7aefe0f2fa32c766169e7039e082d0
5c25a68d09403c4046d3530e357dd8dac128ca8e9032aaf9ecc0d3ec2fef8ca5
5f27d796d9ff0f1366b38a4062752e54891be3ca98f59a79721fc9524e086534
674ab08b0861f79fbe6273d213ba4ee5575635344b52a666d23b42331f3fca9e
684888c0ebb17f374298b65ee2807526c066094c701bcc7ebbe1c1095f494fc1
68d929a10c3cd609b936b50a541533994b044b38558a33530ff45d1b420cc07e
69659727defec72885b6b563d627ab760c13d72dc7b104cc72e6fc5aadc0b049
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
71a58e1688b8bb773386c78323c30f10015fda377c8016dbc21607672edaa519
77c8a6f544909c8b61189a5310a8ecfb13fdd0ebd3f9ace526398f4ad8fdaff0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e54882455dfa0a18210c6e7bbe072cad9b74a71a562bd3602e861d9053c377f
83ab695ebe8f0a9bec07a9fdeff455aac41a90b548cded974c42204a8d30a73d
890346a4b280fb25b5315c9294fd076bab64ed0d0d63e9cd8f2a9bf4cb7fedd5
8a51fc9883bae76c510d2f4480c9911c4b03a3ed451dff1064e6e7cf9694fb90
90161cac0f88f1ff21edf5b0bb68981019265b64770987d274db025c53c7baee
91584b1a5233c46807a0d3ecc03a77c12e638c4aa74f4c7c08c708b58c3bd7a3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a34899e80ff8632eeb7bb04959e961a8e94f226a96effc2fc9324979e79ef4
a3273c0cf5ab9ecbe74d65761caf773674ef7afff8b4b1d3c8b8c84ef9e67039
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbec7e1a3bb6435104ee7db9c97e72e61babdd6e26716ba1dd9227cced5938cc
bf7635163c0991525863f3b5eb809ab7770fcdd92de0e916c162b8f1fbb71b1a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e2686625d5b0b8bac360e3bad3d95c67cf204e22e82fa7ec239b12c8b2d1af
c74029cbf99dfacf7ed78388fd5a2bf1466b71ac7e5bfd140eed4f98cf488864
c8a68d34f86aa62fdbee244638da3a510ccfce0f2c06b15176b4ed7c056d63cb
c8b2571af80bd5d5fe0bf4fbcf33d633c8e38540209d2305f2e5726cdc07362a
c8bd93fe9370530899e0456e64f553f47eba4cc7c87f0b06d936b77ff7eb76fb
c97278b647b81e651a76d05740d7e13a3a6b7e7dc5f4b7c67330a734882aa683
cbe8b29defd685d7616c18628f34aafacd32af3045b20a5b9efb7d8027a25339
de579f30bd6a5519796c9000ee1408fa440dd4fecb3d7ad64a5a816eea3b9a30
de9d34e28176fced89c5b0f2454b1b51db8b192520f75082e0d92004593a1b6e
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e292eebe3d0c9dafcac6a34a69ebc11aaceef536a6edd19d32dbaee0453d28d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb2b7845117b529445b00bf807dc366d6fc6fdc50ac528a50cde1126ae9d3313
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef947c2450728f1ac8a89a4db8124d5a801f271d685774f2a570561f764ff230
eff04bd731cd18a4934ee4dd510d0b066b6ae4acb215a93e79800e26f5ea8786
f1612c3696a257a1381e208e67ff67c762c6b0838a0c6a57fff0b4a3a679aff3
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f78abefb134c55a755d912078da2351d4193b7904d41c3a426fa440c68ea06a3
f90cd4a62a8507adf31fcbd98021d21ada7f155b27a5df2875eb166f76fd16ce
fd1d4dec1f814e1ea8638db1ae3cf427c43aa487615fcb6e8dce629609079838
ffc4fe1e7daa518c41407bdf5abcfa11a9aedd2aa0c6cbe1c5bd6c74ac16c0e3

service.onerf.microsoft.com Open in urlscan Pro 40.127.240.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

96 %HTTPS

0 %IPv6

40 Domains

50 Subdomains

34 IPs

8 Countries

1241 kBTransfer

3157 kBSize

74 Cookies

128 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

service.onerf.microsoft.com Open in urlscan Pro
40.127.240.222 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

96 %
HTTPS

0 %
IPv6

40
Domains

50
Subdomains

34
IPs

8
Countries

1241 kB
Transfer

3157 kB
Size

74
Cookies

114 HTTP transactions
1 data transactions