www.microsoft.com
Open in
urlscan Pro
2600:141b:1c00:2489::356e
Public Scan
Effective URL: https://www.microsoft.com/en-us/p/gamepass-perks-500-minecoins/9n2wbn63x8vr?ranMID=24542&ranEAID=lw9MynSeamY&ranSiteID=lw9...
Submission: On May 19 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on September 14th 2023. Valid for: a year.
This is the only time www.microsoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 71.79.212.35.bc.googleusercontent.com
click.linksynergy.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-168-192.compute-1.amazonaws.com
microsoft.msafflnk.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net |
ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net |
ASN20940 (AKAMAI-ASN1, NL)
store-images.s-microsoft.com |
ASN20940 (AKAMAI-ASN1, NL)
store-images.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com | |
mem.gfx.ms | |
www.clarity.ms |
ASN16509 (AMAZON-02, US)
cdnssl.clicktale.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-29-196.compute-1.amazonaws.com
mscom.demdex.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-141-54.compute-1.amazonaws.com
c.clicktale.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-235-169.compute-1.amazonaws.com
mscom.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-121-222.eu-west-1.compute.amazonaws.com
l.clicktale.net |
ASN20940 (AKAMAI-ASN1, NL)
query.prod.cms.rt.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c1.microsoft.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com | |
bat.bing.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-176-175.compute-1.amazonaws.com
srm.bf.contentsquare.net |
ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
d.impactradius-event.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-24.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net
ad.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
adservice.google.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-252-122.compute-1.amazonaws.com
ats.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net
www.google.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-125-9.compute-1.amazonaws.com
microsoft.msafflnk.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
microsoft.com
2 redirects
www.microsoft.com — Cisco Umbrella Rank: 374 store-images.microsoft.com — Cisco Umbrella Rank: 19753 browser.events.data.microsoft.com — Cisco Umbrella Rank: 107 query.prod.cms.rt.microsoft.com — Cisco Umbrella Rank: 3663 c1.microsoft.com — Cisco Umbrella Rank: 9988 |
1 MB |
10 |
clicktale.net
cdnssl.clicktale.net — Cisco Umbrella Rank: 6002 c.clicktale.net — Cisco Umbrella Rank: 6462 l.clicktale.net — Cisco Umbrella Rank: 70077 |
108 KB |
7 |
s-microsoft.com
store-images.s-microsoft.com — Cisco Umbrella Rank: 4564 c.s-microsoft.com — Cisco Umbrella Rank: 6118 |
234 KB |
6 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
496 B |
5 |
linkedin.com
4 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419 |
3 KB |
5 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 712 |
150 KB |
5 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 231 bat.bing.com — Cisco Umbrella Rank: 345 |
16 KB |
4 |
doubleclick.net
4 redirects
ad.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 |
97 B |
4 |
gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 3766 |
86 KB |
3 |
msafflnk.net
2 redirects
microsoft.msafflnk.net — Cisco Umbrella Rank: 142318 |
3 KB |
2 |
clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743 |
27 KB |
2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 165 www.google.com — Cisco Umbrella Rank: 2 |
127 B |
2 |
live.com
1 redirects
login.live.com — Cisco Umbrella Rank: 80 |
1 KB |
2 |
demdex.net
mscom.demdex.net — Cisco Umbrella Rank: 8162 |
632 B |
2 |
akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1863 |
8 KB |
2 |
ojrq.net
1 redirects
www.ojrq.net — Cisco Umbrella Rank: 5551 |
1 KB |
1 |
everesttech.net
ats.everesttech.net — Cisco Umbrella Rank: 16057 |
1 KB |
1 |
impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 4072 |
16 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
47 KB |
1 |
contentsquare.net
srm.bf.contentsquare.net — Cisco Umbrella Rank: 7906 |
95 B |
1 |
azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 644 |
42 KB |
1 |
onestore.ms
assets.onestore.ms — Cisco Umbrella Rank: 14399 Failed |
7 KB |
1 |
linksynergy.com
1 redirects
click.linksynergy.com — Cisco Umbrella Rank: 36629 |
1 KB |
82 | 23 |
Domain | Requested by | |
---|---|---|
17 | www.microsoft.com |
1 redirects
www.microsoft.com
cdnssl.clicktale.net |
7 | browser.events.data.microsoft.com |
www.microsoft.com
cdnssl.clicktale.net |
6 | www.facebook.com | |
5 | analytics.tiktok.com |
www.microsoft.com
analytics.tiktok.com |
5 | c.clicktale.net |
www.microsoft.com
|
5 | store-images.s-microsoft.com |
www.microsoft.com
|
4 | bat.bing.com |
www.microsoft.com
bat.bing.com |
4 | cdnssl.clicktale.net |
www.microsoft.com
cdnssl.clicktale.net |
4 | mem.gfx.ms |
www.microsoft.com
mem.gfx.ms |
3 | ad.doubleclick.net | 3 redirects |
3 | px.ads.linkedin.com | 3 redirects |
3 | microsoft.msafflnk.net |
2 redirects
cdnssl.clicktale.net
|
2 | www.clarity.ms |
bat.bing.com
www.clarity.ms |
2 | c1.microsoft.com | 1 redirects |
2 | login.live.com |
1 redirects
mem.gfx.ms
|
2 | mscom.demdex.net |
www.microsoft.com
|
2 | c.s-microsoft.com |
www.microsoft.com
|
2 | img-prod-cms-rt-microsoft-com.akamaized.net |
www.microsoft.com
|
2 | www.ojrq.net | 1 redirects |
1 | www.google.com | |
1 | googleads.g.doubleclick.net | 1 redirects |
1 | ats.everesttech.net | |
1 | adservice.google.com | |
1 | px4.ads.linkedin.com | |
1 | www.linkedin.com | 1 redirects |
1 | d.impactradius-event.com |
www.microsoft.com
|
1 | www.googletagmanager.com |
query.prod.cms.rt.microsoft.com
|
1 | srm.bf.contentsquare.net |
www.microsoft.com
|
1 | c.bing.com | 1 redirects |
1 | query.prod.cms.rt.microsoft.com |
www.microsoft.com
|
1 | l.clicktale.net | |
1 | js.monitor.azure.com |
mem.gfx.ms
|
1 | assets.onestore.ms |
www.microsoft.com
|
1 | store-images.microsoft.com |
www.microsoft.com
|
1 | click.linksynergy.com | 1 redirects |
82 | 35 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.microsoft.com Microsoft Azure RSA TLS Issuing CA 07 |
2023-09-14 - 2024-09-08 |
a year | crt.sh |
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-01-17 - 2025-01-11 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2024-04-18 - 2025-04-19 |
a year | crt.sh |
store-images.microsoft.com Microsoft Azure ECC TLS Issuing CA 03 |
2024-05-15 - 2025-05-10 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-03-17 - 2025-03-12 |
a year | crt.sh |
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-03-18 - 2025-03-13 |
a year | crt.sh |
ct-tag.clicktale.net Amazon RSA 2048 M02 |
2024-03-27 - 2025-04-26 |
a year | crt.sh |
wildcard.onestore.ms Microsoft Azure TLS Issuing CA 06 |
2023-09-06 - 2024-06-27 |
10 months | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
dep.bf.contentsquare.net Amazon RSA 2048 M03 |
2024-02-18 - 2025-03-19 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2024-05-08 - 2025-05-08 |
a year | crt.sh |
l.contentsquare.net Amazon RSA 2048 M03 |
2024-03-19 - 2025-04-18 |
a year | crt.sh |
*.prod.cms.rt.microsoft.com Microsoft Azure ECC TLS Issuing CA 02 |
2023-06-20 - 2024-06-14 |
a year | crt.sh |
srm.bf.contentsquare.net Amazon RSA 2048 M02 |
2023-11-07 - 2024-12-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA |
2023-12-08 - 2025-01-06 |
a year | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
www.bing.com Microsoft Azure TLS Issuing CA 02 |
2024-05-01 - 2024-06-27 |
2 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-26 - 2024-05-26 |
3 months | crt.sh |
*.everesttech.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-03 - 2025-03-05 |
a year | crt.sh |
*.msafflnk.net Amazon RSA 2048 M02 |
2024-05-09 - 2025-06-06 |
a year | crt.sh |
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA |
2023-12-12 - 2025-01-07 |
a year | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.microsoft.com/en-us/p/gamepass-perks-500-minecoins/9n2wbn63x8vr?ranMID=24542&ranEAID=lw9MynSeamY&ranSiteID=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&epi=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&irgwc=1&OCID=AIDcmm549zy227_aff_7593_1243925&tduid=%28ir__r2r2tkstrokfaw3ogigp6xrjzn2xdr9tpwrkkdum00%29%287593%29%281243925%29%28lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%29%28%29&irclickid=_r2r2tkstrokfaw3ogigp6xrjzn2xdr9tpwrkkdum00
Frame ID: CB4330246D5188CA2E8CC7920B49863F
Requests: 75 HTTP requests in this frame
Frame:
https://www.microsoft.com/en-us/p/onerf/MeSilentPassport?SilentAuth=1
Frame ID: C96C4E4E6CCD88FAD678EE1704F22F92
Requests: 1 HTTP requests in this frame
Frame:
https://mscom.demdex.net/dest5.html?d_nsid=0
Frame ID: 235CEA95975A7B09F3ABEFB0CBF868D6
Requests: 1 HTTP requests in this frame
Frame:
https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=240ff9de-98ee-44c3-96ad-9189cdfaa68b&partnerId=retailstore2
Frame ID: E069D1F64FD04CFD03C675DE25003354
Requests: 1 HTTP requests in this frame
Frame:
https://www.microsoft.com/store/buy/cartcount
Frame ID: 27E7BBB910BB4308376EF459C17B0719
Requests: 1 HTTP requests in this frame
Frame:
https://mem.gfx.ms/me/mecache?partner=retailstore2&wreply=https%3A%2F%2Fwww.microsoft.com
Frame ID: 50E57B845A421239179E0049E347845D
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click.linksynergy.com/deeplink?u1=8c8ecf4e159d11ef8419d6780b5c71120INT&id=lw9MynSeamY&mid=24542&mu...
HTTP 302
https://microsoft.msafflnk.net/c/1243925/433017/7593?sharedid=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&subid2=245... HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fmicrosoft.msafflnk.net%2Fc%2F1243925%2F433017%2F7593... HTTP 302
https://microsoft.msafflnk.net/c/1243925/433017/7593?sharedid=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&subid2=245... HTTP 301
https://www.microsoft.com/en-us/p/gamepass-perks-500-minecoins/9n2wbn63x8vr?ranMID=24542&ranEAID=lw9My... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.linksynergy.com/deeplink?u1=8c8ecf4e159d11ef8419d6780b5c71120INT&id=lw9MynSeamY&mid=24542&murl=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fp%2Fgamepass-perks-500-minecoins%2F9n2wbn63x8vr
HTTP 302
https://microsoft.msafflnk.net/c/1243925/433017/7593?sharedid=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&subid2=24542&subid3=208164&u=https%3A%2F%2Fwww.microsoft.com%2Fen%2Dus%2Fp%2Fgamepass%2Dperks%2D500%2Dminecoins%2F9n2wbn63x8vr%3FranMID=24542%26ranEAID=lw9MynSeamY%26ranSiteID=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%26epi=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fmicrosoft.msafflnk.net%2Fc%2F1243925%2F433017%2F7593%3Fsharedid%3Dlw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%26subid2%3D24542%26subid3%3D208164%26u%3Dhttps%253A%252F%252Fwww.microsoft.com%252Fen%252Dus%252Fp%252Fgamepass%252Dperks%252D500%252Dminecoins%252F9n2wbn63x8vr%253FranMID%3D24542%2526ranEAID%3Dlw9MynSeamY%2526ranSiteID%3Dlw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%2526epi%3Dlw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%26level%3D1&cid=7593&tpsync=yes&auth=5748fdc6aab168d4 HTTP 302
https://microsoft.msafflnk.net/c/1243925/433017/7593?sharedid=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&subid2=24542&subid3=208164&u=https%3A%2F%2Fwww.microsoft.com%2Fen%2Dus%2Fp%2Fgamepass%2Dperks%2D500%2Dminecoins%2F9n2wbn63x8vr%3FranMID=24542%26ranEAID=lw9MynSeamY%26ranSiteID=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%26epi=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&level=1&brwsr=98a62aa2-159d-11ef-90d4-63d91c866b1b&brwsrsig=Q6GR9s1aMV8fRNZW-I09PRLVQPoWDX HTTP 301
https://www.microsoft.com/en-us/p/gamepass-perks-500-minecoins/9n2wbn63x8vr?ranMID=24542&ranEAID=lw9MynSeamY&ranSiteID=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&epi=lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ&irgwc=1&OCID=AIDcmm549zy227_aff_7593_1243925&tduid=%28ir__r2r2tkstrokfaw3ogigp6xrjzn2xdr9tpwrkkdum00%29%287593%29%281243925%29%28lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ%29%28%29&irclickid=_r2r2tkstrokfaw3ogigp6xrjzn2xdr9tpwrkkdum00 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://www.microsoft.com/en-us/p/onerf/MeSilentPassport HTTP 302
- https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=152&checkda=1&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3a%2f%2fwww.microsoft.com%2fen-us%2fp%2fonerf%2fMeSilentPassport%3fSilentAuth%3d1&lc=1033&id=74335 HTTP 302
- https://www.microsoft.com/en-us/p/onerf/MeSilentPassport?SilentAuth=1
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
- https://c.bing.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=44129B0C67C140DA85029F2AA32CCA17&RedC=c1.microsoft.com&MXFR=33921C1FEDC169020BA6089BEC8E686C HTTP 302
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&ctsa=mr&CtsSyncId=44129B0C67C140DA85029F2AA32CCA17&MUID=33921C1FEDC169020BA6089BEC8E686C
- https://px.ads.linkedin.com/collect/?pid=7850&fmt=gif HTTP 302
- https://px.ads.linkedin.com/collect/?pid=7850&fmt=gif&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D7850%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect/?pid=7850&fmt=gif&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect/?pid=7850&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQJH1K8NQ7ERBgAAAY-PPun9eskyXIezv8l_n8DA2mUHLpMfBH4PodhJDqYBVKAwotnRVQ
- https://ad.doubleclick.net/ddm/activity/src=8406727;type=wsft;cat=pdv_dgtl;u1=US;u2=en-us;u20=9N2WBN63X8VR-0010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=843396453324.0923 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=8406727;dc_pre=CJbN_e34mIYDFcDEwgQd050GPw;type=wsft;cat=pdv_dgtl;u1=US;u2=en-us;u20=9N2WBN63X8VR-0010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=843396453324.0923 HTTP 302
- https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDg0MDY3MjcKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL21pY3Jvc29mdC5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogMTQ0ODM3MTY2NjE4OTE2NTY0OApjdGNfY29udmVyc2lvbl9idWNrZXQ6IDIKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3MDQ1NDEwCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTA1LTE5IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTM2ODcwOTEyCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDQ0NDM1MTA0MTg4MzU1MjkxODgKZ2FpYV9tb2RlOiBmYWxzZQplY2hvX3NlcnZlcl9hY3Rpb246IEVDSE9fU0VSVkVSX0FDVElPTl9GT1JDRV9ERUxFR0FURURfQVJBCnJlZGlyZWN0X3VybF9mcm9tX2VjaG9fc2VydmVyOiAiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbS9kZG0vZmxzL3ovc3JjPTg0MDY3Mjc7ZGNfcHJlPUNKYk5fZTM0bUlZREZjREV3Z1FkMDUwR1B3O3R5cGU9d3NmdDtjYXQ9cGR2X2RndGw7dTE9VVM7dTI9ZW4tdXM7dTIwPTlOMldCTjYzWDhWUi0wMDEwO2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD04NDMzOTY0NTMzMjQuMDkyMyIKYWdncmVnYXRpb25fY29vcmRpbmF0b3I6IEFHR1JFR0FUSU9OX0NPT1JESU5BVE9SX0FXUwo HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8406727;dc_pre=CJbN_e34mIYDFcDEwgQd050GPw;type=wsft;cat=pdv_dgtl;u1=US;u2=en-us;u20=9N2WBN63X8VR-0010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=843396453324.0923
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fp%2Fgamepass-perks-500-minecoins%2F9n2wbn63x8vr&data=ecomm_pagetype%3Dproduct%3Becomm_prodid%3D9N2WBN63X8VR-0010 HTTP 302
- https://www.google.com/pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fp%2Fgamepass-perks-500-minecoins%2F9n2wbn63x8vr&data=ecomm_pagetype%3Dproduct%3Becomm_prodid%3D9N2WBN63X8VR-0010&is_vtc=1&cid=CAQSGwDaQooLQcg4B7p4SnijPxE8LMfhyOW2vQ1wqA&random=208567114
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
9n2wbn63x8vr
www.microsoft.com/en-us/p/gamepass-perks-500-minecoins/ Redirect Chain
|
105 MB 688 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ |
22 KB 23 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skiptomain
www.microsoft.com/mwf/css/MWF_20200416_22921869/west-european/store-web-default/actionmenu/additionalinformation/agegate/alert/autosuggest/button/contenttoggle/dialog/divider/flyout/glyph/heading/i... |
425 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd-1e9392
www.microsoft.com/onerfstatics/sfweusprod/west-european/store/_scrf/css/themes=store-web-default.device=uplevel_web_pc_webkit_chrome/38-4efb3b/7a-90d739/d9-62674f/8d-afab78/ca-0799a7/e3-105581/2c-e... |
356 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
www.microsoft.com/onerfstatics/sfweusprod/_h/dfa0b592/coreui.statics/externalscripts/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a4-2aa9e7
www.microsoft.com/onerfstatics/sfweusprod/store/_scrf/js/themes=store-web-default/b0-d12d52/36-11bf01/c7-5543d7/4e-8e1a50/f4-a0ea0d/b3-579d9c/75-bebed0/c2-370434/6f-bf5d0f/ea-315ddf/2e-e273bf/17-02... |
610 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
be-6bd2bc
www.microsoft.com/onerfstatics/sfweusprod/store/_scrf/js/themes=store-web-default/6e-4d78d9/ |
207 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skiptomain
www.microsoft.com/mwf/js/MWF_20200416_22921869/actionmenu/additionalinformation/agegate/alert/autosuggest/button/contenttoggle/dialog/divider/flyout/glyph/heading/image/list/metadatabadge/multislid... |
149 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meversion
mem.gfx.ms/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.12127.13948657971573684.36e06397-d8bc-4bbb-95ba-da78bf285191.4ed5dab7-6500-4c26-93f5-287978eb2579
store-images.s-microsoft.com/image/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global.56093.image.e3da543f-ed61-47ce-bc12-683dab90c502.5e57d206-3b82-4a7b-9b98-d1548cd450a8
store-images.microsoft.com/image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blender.min.js
www.microsoft.com/uniblends/scripts/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1x1clear.gif
assets.onestore.ms/cdnfiles/sfw-service-web-onestore-onerf-2024-4-9-1/store/common/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.47750.13948657971573684.36e06397-d8bc-4bbb-95ba-da78bf285191.25ef9302-30d1-4b6e-b2b6-96b5fc9a56d1
store-images.s-microsoft.com/image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.63804.13948657971573684.36e06397-d8bc-4bbb-95ba-da78bf285191.bf3c65f7-3203-4d2e-9ac2-fc62ac6072fd
store-images.s-microsoft.com/image/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.30139.13948657971573684.36e06397-d8bc-4bbb-95ba-da78bf285191.eea26361-8736-4baa-b493-0e2ae2ca2947
store-images.s-microsoft.com/image/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.31052.13948657971573684.36e06397-d8bc-4bbb-95ba-da78bf285191.e9634714-edc9-4878-906b-3bc5ff87a357
store-images.s-microsoft.com/image/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 763 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms.shared.analytics.mectrl-3.gbl.min.js
js.monitor.azure.com/scripts/c/ |
90 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
05d32363-d534-4d93-9b65-cde674775e71.js
cdnssl.clicktale.net/www32/ptc/ |
360 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
audiencemanager.js
www.microsoft.com/onerfstatics/sfweusprod/_h/dc72b3a1/onerf.onestore/externalscripts/store/ |
49 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.24086.4/en-US/ |
199 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react.min.js
www.microsoft.com/onerfstatics/sfweusprod/_h/dffac2fc/coreui.statics/externalscripts/react/16.9.0/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
react-dom.min.js
www.microsoft.com/onerfstatics/sfweusprod/_h/38e1bbbb/coreui.statics/externalscripts/react/16.9.0/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
assets.onestore.ms/cdnfiles/external/ajax/jquery.validate/1.13.1/ |
21 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
mscom.demdex.net/ |
2 B 632 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
358 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
05d32363-d534-4d93-9b65-cde674775e71.js
cdnssl.clicktale.net/ptc/ |
31 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
81ffbbaa-7185-4a8c-95b2-d06ccd92b54b
https://www.microsoft.com/ |
7 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
05d32363-d534-4d93-9b65-cde674775e71.js
cdnssl.clicktale.net/pcc/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bridge-WR110.js
cdnssl.clicktale.net/www/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageview
c.clicktale.net/ |
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageEvent
c.clicktale.net/ |
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageEvent
c.clicktale.net/ |
0 321 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dvar
c.clicktale.net/ |
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MeSilentPassport
www.microsoft.com/en-us/p/onerf/ Frame C96C Redirect Chain
|
13 B 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
mscom.demdex.net/ Frame 235C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
me.srf
login.live.com/ Frame E069 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.24086.4/en-US/ |
98 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dvar
c.clicktale.net/ |
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cartcount
www.microsoft.com/store/buy/ Frame 27E7 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RW1iGSh
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
l.clicktale.net/log/ |
0 208 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RWvdHS
query.prod.cms.rt.microsoft.com/cms/api/am/binary/ |
321 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
153 B 235 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c1.microsoft.com/ Redirect Chain
|
42 B 444 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
exist
srm.bf.contentsquare.net/ |
2 B 95 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
123 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A1133099-331c-4cdf-89b0-06dc20e168021.js
d.impactradius-event.com/ |
38 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 32 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 32 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 32 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 270 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tr
www.facebook.com/ |
0 32 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
px4.ads.linkedin.com/collect/ Redirect Chain
|
43 B 575 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
src=8406727;dc_pre=CJbN_e34mIYDFcDEwgQd050GPw;type=wsft;cat=pdv_dgtl;u1=US;u2=en-us;u20=9N2WBN63X8VR-0010;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=843396453324.0923
adservice.google.com/ddm/fls/z/ Redirect Chain
|
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ats
ats.everesttech.net/ats/ |
807 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/923371515/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GenerateAntiforgeryToken
www.microsoft.com/store/api/ |
0 764 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mecache
mem.gfx.ms/me/ Frame 50E5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4000034.js
bat.bing.com/p/action/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 359 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 241 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7593
microsoft.msafflnk.net/xur/ |
119 B 1010 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MWNkMWZjOGNjMA.js
analytics.tiktok.com/i18n/pixel/static/ |
411 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.ojrq.net/p/ |
50 B 468 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4000034
www.clarity.ms/tag/uet/ |
702 B 960 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_93546.js
analytics.tiktok.com/i18n/pixel/static/ |
139 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 842 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.34/ |
61 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
24 B 96 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
25 B 96 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
act
analytics.tiktok.com/api/v2/pixel/ |
0 844 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
www.microsoft.com/ |
4 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assets.onestore.ms
- URL
- https://assets.onestore.ms/cdnfiles/sfw-service-web-onestore-onerf-2024-4-9-1/store/common/images/1x1clear.gif
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
61 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.microsoft.com/en-us/p/gamepass-perks-500-minecoins | Name: ONERFSSO Value: 1 |
|
.linksynergy.com/ | Name: lsn_statp Value: *sqchBYAAABXv91zPPnvaQ%3D%3D |
|
.linksynergy.com/ | Name: rmuid Value: 2e984af7-d9be-4f33-a125-1143b182b876 |
|
.linksynergy.com/ | Name: lsclick_mid24542 Value: "2024-05-19 05:06:46.413|lw9MynSeamY-16nw.Eq0im_78Vkdy0dBFQ" |
|
.ojrq.net/ | Name: brwsr Value: 98a62aa2-159d-11ef-90d4-63d91c866b1b |
|
microsoft.msafflnk.net/ | Name: AWSALB Value: KXqvYJuyCZ+30XsD//2NTcRYgYFq4nVo0150qlJxUVqhPWjysPlaF82vsbNvohAeDn8atxYkm7GfU8cikGRbKjK8Q0oSXBmZMj2yopMozwG5whsT4j942HKf+TKc |
|
.msafflnk.net/ | Name: brwsr Value: 98a62aa2-159d-11ef-90d4-63d91c866b1b |
|
microsoft.msafflnk.net/ | Name: irld Value: LQMmT1rV%3AY2VbU7FRXRxmU3I4UZwRdEWGlQeHQSbWx0zsA14b |
|
www.microsoft.com/ | Name: isFirstSession Value: 1 |
|
.microsoft.com/ | Name: MUID Value: 33921C1FEDC169020BA6089BEC8E686C |
|
www.microsoft.com/ | Name: X-FD-FEATURES Value: ids=msnallexpusers%2cprg-sp-liveapi%2cprg-sh-bd-tprt%2cprg-bd-top-f2%2cprg-sh-bd-df2%2cads-sbww-si397-com-c%2cc-prg-1sw-cusir%2cprg-river-infod2%2cprg-river-infodl%2ccartemberpl%2cdisablenorefunds%2cdaconvertenabled%2cads-prec-fix-c%2cdatacollection%2cprg-sh-fashnds%2cshstrdealnd-c%2cenablescarlettmetadata%2cprg-1sw-saqnonpolc%2cprg-1sw-sa-golden-en-1t43%2cprg-1sw-sa-prel2filtert%2cprg-1sw-sarevcalicc%2cprg-pw-infopane-c%2cprg-cg-ntv-ad-shrlne%2cprg-1sw-hupsell-tr3%2cprg-1sw-hupsell-3%2cprg-1sw-hupsell-tip%2c1s-p1-cgtab-r1p-ctr%2c1s-eaop1%2cprg-1sw-bknpani%2cprg-1sw-fipthp7%2cprg-pr2-widget-tab%2cprg-pr2-fipthc6%2c1s-p2-cgtab-ctr%2cprg-ad-1s-va%2c1s-ads-ntpvertical%2csha-exp-inlyi9j7ql%2cenablesaturn%2c1s-shp-rc-t-rx0500%2c1s-shp-xp-cetp05%2c1s-shp-xp-cimp00%2c1s-shp-xp-doscsche%2c1s-shp-xp-encareco%2cprg-1sw-ccl0-swi1%2cdisableapprestore%2c1s-ntf2-rcdb%2c1s-wpo-pr2-dfcd5%2cprg-pr2-noreqcap%2cusewsasmodecheck%2cprg-cg-seclarity%2cprg-cg-cmga%2cprg-cg-cmgroupa%2ccjhii185%2cprg-pr2-edgeprotocol%2cwsaenabledforusonly%2cprg-1sw-tbr11cocapnt1%2c1s-ntf2-tbr11m1cap%2c1s-sports-recov2%2cprg-1sw-ofet%2cprg-spr-dcsp%2cdisableiapreactcf%2c1s-wpo-pr1-3col-t1%2cprg-2unified-cq-ts-c%2c1s-prg-p2-wxlargecddl%2c1s-wpo-pr2-largewea%2cprg-p2-dlmap%2cprg-p2-wxlargecd%2cdisablebinglinkrestoretf%2cprg-chnl-umf-follow%2cprg-1sw-wxmptreplace%2cprg-cg-notf-landing-t%2cprg-cg-notf-sub%2cprg-cg-notf-sub-btn%2csfa-exp-dk3vt5s1o4%2cenablenpdp%2cdisableblendallpdp%2cprg-pr2-sidebar-t%2cprg-pr2-pagecontext%2cprg-pr2-shoreline%2cprg-pr2-sidebar%2c23780mfrt1%2cprg-sh-bd-newchckot%2cprg-sh-bd-nwchk%2cmsph-tdinmsph%2cmsph-feedinternal%2crevprmres%2cprg-1sw-ucsem%2c1s-temp-wid-t%2cprg-1s-twid%2cmsph-onboardconfig%2chp-bot-seo%2cads-postsq-c%2c1i0c7573%2c1s-uasdisf-t%2cads-payloadred%2cads-usepme%2cprg-1sw-finvldc%2cprg-rpt2%2cprg-cg-dom-cleac%2cads-anjson-migc%2cprg-hp-vidad%2csh-bdvid%2cprg-sh-bd-video%2cfv-gaming-stage%2c1s-wpo-whpfl%2cmsph-contoverview%2cmsph-mergedfeedapi%2c1s-wpo-pr2-fl%2c1s-wpo-mobilfl%2cads-3lift-migr%2cads-sharvia-migr%2cmsph-aiacselect%2c1s-blis-followloc%2cmsph-mngcontrep%2cmsph-c2scontrep%2cmsph-newrsvideo%2cprg-1sw-iplsdp2%2cprg-1sw-iplsdp1%2cprg-1sw-iplsd-ntp%2cprg-1sw-iplsdc1p2%2cprg-1sw-iplsdc-ntp%2cmsph-rejectcontent%2cprg-fin-cpdp%2cprg-wx-ndata%2cprg-1sw-actiondata-t%2cprg-followdata-t%2cprg-reactdata-t%2cprg-wx-pwabold%2cads-nooutbrain%2cmsph-c2snobrand%2cbtotdsa1cf%2cprg-1sw-socc-p2%2cprg-1sw-socc-p1%2cprg-1sw-socc-ntp%2cprg-wx-clmap%2cprg-sp-nba24%2cprg-sp-nhl24%2cprg-whp-grticon%2cprg-ntp-grticon%2ccg-ad-active-ctr%2cmsph-rtpc2s%2cmsph-videoanalytic%2cprg-sh-bd-nogame%2cprg-fin-nacc%2cprg-1sw-nucomobiter3t4-c%2csh-tpspn-c%2cexp_natads_t%2cmsph-c2smanual%2cprg-cg-ad-pod%2cprg-sp-cffeed2%2cads-appendvideoast-c%2cprg-cg-ab-testing%2cprg-1sw-wxrvlocds%2cmsph-defaultux%2cprg-ntp-grtconsist%2cmktlangoverride%2cmsph-videoearning%2ccg-ad-pod-int-ctr%2cprg-ad-new-ctr%2cprg-1sw-100authclr%2cprg-1sw-authclr%2cprg-1sw-rcux2%2cprg-1sw-zhcnalt2%2cprg-rs36-t1%2cprg-1sw-wxtrgaprev&imp=b67ec7f4-665e-4188-b19f-72630a41adfd |
|
www.microsoft.com/ | Name: X-FD-Time Value: 1 |
|
www.microsoft.com/ | Name: cartMuid Value: 33921C1FEDC169020BA6089BEC8E686C |
|
.microsoft.com/ | Name: ak_bmsc Value: FC336AB0C3A42F8A76BCD58699D3C17D~000000000000000000000000000000~YAAQjabQFx0tNYuPAQAAkds+jxdEto/j9snO547mP1jOpE0weXKSGnle4d1ulESXuf9YBnLP7Rkz/Idbs8+cWgl7tN8iXe1+6aB+kcY/esq7gdksnOI0IabP1a4onqqc7/NmdffxvH51YEGFF6LcCB4I/bjKkB7/UQ9icKBxfpBRpXSHr3OjHfYWoveWWvarezSo30b3WOWRnpzMeYdvX9ZOZwU0LrbbmMnne2Ge3728RffTBaMZ6ObPV6e/hGHQxUG2egMONwJh5wiU7Y4wT5Yhq2WCfodk6pitVub+oErGFYzz2fyOnX503RmR7+QkEMlFVT59BKf0O7x+121XzS9o4xJss66+MFSPOGlqzJQRznU9+kGrJstRG8gsMhNv2ZvQ3ZYFMLsZcSZjHHdRDRqp |
|
www.microsoft.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 375e0b10-e1d5-48fe-915a-516e6f1f9e38 |
|
www.microsoft.com/ | Name: ai_session Value: gjKK2AI1b/NjFR8eDFAyhw|1716095212977|1716095214426 |
|
.demdex.net/ | Name: demdex Value: 21113296103130595370879761746254863704 |
|
.microsoft.com/ | Name: _cs_c Value: 0 |
|
.microsoft.com/ | Name: _cs_cvars Value: %7B%221%22%3A%5B%22signedInStatus%22%2C%22false%22%5D%7D |
|
.microsoft.com/ | Name: _cs_id Value: 65779e2e-7c01-a488-9e2b-6b9edbe290f9.1716095214.1.1716095214.1716095214.1613561419.1750259214903.1 |
|
.microsoft.com/ | Name: MC1 Value: GUID=dc133dac5c6a4b9db21dfb79f328c6f7&HASH=dc13&LV=202405&V=4&LU=1716095214777 |
|
.microsoft.com/ | Name: MS0 Value: d04c718e631b4d5ab99b424959977c79 |
|
www.microsoft.com/ | Name: MSFPC Value: GUID=dc133dac5c6a4b9db21dfb79f328c6f7&HASH=dc13&LV=202405&V=4&LU=1716095214777 |
|
.microsoft.com/ | Name: _cs_s Value: 1.5.0.1716097015134 |
|
www.microsoft.com/ | Name: akacd_OneRF Value: 1723871215~rv=32~id=58a8d6f6cec3397502a4f2e3085cbc86 |
|
.bing.com/ | Name: MUID Value: 33921C1FEDC169020BA6089BEC8E686C |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 33921C1FEDC169020BA6089BEC8E686C |
|
.c.bing.com/ | Name: SRM_I Value: 33921C1FEDC169020BA6089BEC8E686C |
|
.login.live.com/ | Name: uaid Value: 9d2e6bc0578a4a94b88575ab07ae61ef |
|
.login.live.com/ | Name: MSPRequ Value: id=74335<=1716095215&co=1 |
|
.login.live.com/ | Name: OParams Value: 11O.DudYfOn8Y7XQ3AJqYGIysqQZMkMt3kOFQnou!kFidKh7!aO7Vswc8Y2bxdKnehsMTjjZdcdR9yrD2heICDtF*nqfI0QABN2iZkQ1e55UXT!zQIDrS7chU47p1vOn35*NcBY6SjMrgGkzhHZwAuhJ*3XilJyDSk1n*tYzwcxDyPHeX9OqBh9yToXgLhi5JgVAD0yyCUNAn!62PzkyMdURzBHDM7TD6wtKjRjydViXwV5B6P5H926zyQmshl5Gi4nPh5*S*W*Sd27Z3acPESti1HxTWJZrbYeuUAr31oq3!pTh0xVd3rB943J!aaoANxtShBW!qaZyXBkWTxeiokqDNbs$ |
|
.c1.microsoft.com/ | Name: SM Value: C |
|
.c1.microsoft.com/ | Name: SRM_I Value: 33921C1FEDC169020BA6089BEC8E686C |
|
.c1.microsoft.com/ | Name: MR Value: 0 |
|
.c1.microsoft.com/ | Name: ANONCHK Value: 0 |
|
www.microsoft.com/ | Name: recentlyShownDialog Value: 1 |
|
www.microsoft.com/ | Name: emailNewsletterDialogShown Value: 1 |
|
.microsoft.com/ | Name: _uetsid Value: 9cdbdbf0159d11ef8de81dfab458ab19 |
|
.microsoft.com/ | Name: _uetvid Value: 9cdbfff0159d11efbf7ddfc45b9d5abc |
|
.microsoft.com/ | Name: IR_gbd Value: microsoft.com |
|
.microsoft.com/ | Name: IR_7593 Value: 1716095215769%7C0%7C1716095215769%7C_r2r2tkstrokfaw3ogigp6xrjzn2xdr9tpwrkkdum00%7C |
|
.linkedin.com/ | Name: li_sugr Value: e5201737-99b8-4588-a145-a1a2ebf52ad0 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&0b8d3d8c-cdd6-4c0e-8fdd-89499661b791" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2785:u=1:x=1:i=1716095215:t=1716181615:v=2:sig=AQGv7TJL56R-_T9C7jY7-_TaNP4E4ngR" |
|
.tiktok.com/ | Name: _ttp Value: 2gfipa5i2BtO5oMsJFnImUXbxuW |
|
.bat.bing.com/ | Name: MR Value: 0 |
|
.bing.com/ | Name: MSPTC Value: AbuhfQGiV5RITWiUmq7eHqpfu7FZ3mUmC7N9EeloZgM |
|
microsoft.msafflnk.net/ | Name: AWSALBCORS Value: d64rcukemLUVSE9yh9Ks9kjs2mnUMTMS1ZenoTHaiMSf690nmGxUjiJZJm4lTZeYs5/bsGkbKsdXwL/Ue67XpBnxtMIERU2Xca1284de6Br16hLdWKzhANkRG0Kk |
|
.msafflnk.net/ | Name: irtps Value: 1 |
|
.microsoft.com/ | Name: IR_PI Value: 98a62aa2-159d-11ef-90d4-63d91c866b1b%7C1716095215769 |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQISATX2EwgVtAAAAY-PPulNojJPLze51sQKASyBDgxsHbkhP727OXKGvZyZ0kD7SU4AYV9L_H2t9Q |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQKT7YslmyuC1AAAAY-PPulNYl5oLiiJSODbkOrS1zPg0iATFXE3qn3EvuxQ9-2zWLrlQOK6JSv4Gev-EeB3fQ |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20240519050656637fd60b-8920-42bf-8b1d-c912379b70dcAQHNaCzMll4w0vMx8TwIUTNOoUJSLRgR" |
|
www.microsoft.com/ | Name: __RequestVerificationToken Value: Unj2qDYCdrxKb2RGs9xUe7Xc0hvUAnaDnJXqPxQ_QbWom0BMPnziR_4tqQATxDcGJCrn4FAkeEdbb5oVIrE3J7kcL4c1 |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.microsoft.com/ | Name: _tt_enable_cookie Value: 1 |
|
.microsoft.com/ | Name: _ttp Value: CF4ZZ-Vkry0ckB_Ieqg3O24H5T5 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZkmI8AAAP4@ok2sb |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUk9YxDDE9kvVkG-cLZbob_KWnmrIEZVDLvheHnQR4Gyi2ziCbsdxiPPbY18 |
76 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
assets.onestore.ms
ats.everesttech.net
bat.bing.com
browser.events.data.microsoft.com
c.bing.com
c.clicktale.net
c.s-microsoft.com
c1.microsoft.com
cdnssl.clicktale.net
click.linksynergy.com
d.impactradius-event.com
googleads.g.doubleclick.net
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
l.clicktale.net
login.live.com
mem.gfx.ms
microsoft.msafflnk.net
mscom.demdex.net
px.ads.linkedin.com
px4.ads.linkedin.com
query.prod.cms.rt.microsoft.com
srm.bf.contentsquare.net
store-images.microsoft.com
store-images.s-microsoft.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.microsoft.com
www.ojrq.net
assets.onestore.ms
13.107.42.14
142.250.176.194
142.250.72.98
142.250.80.100
142.251.40.134
20.110.205.119
20.189.173.26
20.190.151.7
23.49.248.24
2600:141b:1c00:2094::2957
2600:141b:1c00:2094::3114
2600:141b:1c00:20a0::356e
2600:141b:1c00:2489::356e
2600:141b:1c00:248c::2b3e
2600:141b:1c00:248c::3114
2600:141b:1c00:8::1728:b315
2600:9000:23ca:ee00:c:7c62:1240:93a1
2607:f8b0:4006:81c::2008
2620:1ec:21::14
2620:1ec:46::40
2620:1ec:bdf::40
2620:1ec:c11::237
2a03:2880:f112:83:face:b00c:0:25de
3.215.252.122
34.202.125.9
34.207.29.196
34.95.127.121
35.186.249.72
35.212.79.71
52.204.235.169
52.206.176.175
52.4.141.54
52.71.168.192
54.194.121.222
082c0eeeadd6db497eddc771cf8e08d02f11d529179bc69019fa842818b97a20
0bb34021d9d19a8c05f0f86f2b4f8535159678320af12043a73b3fdb46a7db10
0bfd3a09847b5f2af08524f8f73a9fa26e028e69d3946d57fa71105e0eb2219e
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
12f9c183f066c3e4487d558f6425685281f2b3e03847e3c0f394929a209de6ba
320d8d9ec89b0fce1e3e367f4046909add2de413238037e715e92b13b5838271
3b7ad48d623de1c737fa08ef379d3ad403507f3b5e4839800933aeafb4e7d4d2
3ca356fe011cfcc765d47e3cea51cee5a3d4660d3273778e265b0dd0b98caf13
427a7c15e5211c1905a214dd02ff1d3f828a1a3424f64ce87a52183d5054ab10
434955a763b57088c65c34f23f27250be4f8d1cb3bf27882a181d240662b2b0f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456c328a19ec8fb556a76fb490bdc28b9137f5cfca8cf73655f8f5ae8ecdea57
4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
58ed418d7e2050442de343d20a6b42c5bb52a220eff15a6407b85d929d850068
596990abcd797b1d041a2ef9ce818dd140153db183c14d996f0a9f64cbe839b6
68d929a10c3cd609b936b50a541533994b044b38558a33530ff45d1b420cc07e
6bfd174274d9ace1c7e8b7b66f8ae0c33d263af788ed989561e9e43d46622482
74fb2c2c7e75b77001c173a017c67b11b61ef9071864b73e1fb5adfeba4ef38b
76564c7deb91ca1f80dca5c5027f6d573cafa611b083f6d1744d10fcad300994
79df53adeb6b8a6a9a3c200da4ac24b8db938c8575e23ff5b75786295e495324
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82dd395d55a1e5def9c8e5865ffa4ad69d35a263b35355ba9d113df0b46e83a5
886a5461cfd96b7fe65e692784ffbd25946a39d684a3712559f7c314c78b2e92
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b56355c9299776e30957957c27967ba19b488fd0192b0d2053f4e6800587446
91ff9fe81de8c2f8262c6a3c6bba15b92e97a70ba78873011a691d7d70d8fdf2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aef4ce0e1dcc88562b6f8de7c913f30c516af5a0f4f800e6738289888707d5f
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a91bf7a2b463a1d0e5bd1c98618a462dd4af214d6fa743ed840188599f724758
ae5d34f97fc475bd782b2af6219a7812449ef8f67a5410b5155fe4efd40d5d67
b0c7d9ba1f82b5306471a0db7e4702c5b92527ab7c0e0312ee213fc3122e249c
b797baa552116e4ba21ead29f41a4258e3b04db8da18e796ce571f05d54d59c5
bcabe44a7797883fd909b8d723ae3c02dde4b22c9389ec56177d8654fab574ad
cdceab5239da439315503b16ddd2b996e41d18dcd34aa7c5619f186586b423f2
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
d77064acabae1f8b615b9bc165437d16791ffc2acb2d4d1a81c7dd13692f5513
ddc72da5428425b553ded18cec30d4274cc8091e0fc5bfc16792bba3862df478
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e292eebe3d0c9dafcac6a34a69ebc11aaceef536a6edd19d32dbaee0453d28d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81ef7fdfadfb485fa974f784d2936ae18f8a696ca55e2b4cb98560d3c884a63
ea463fb36760a44958f9fb7e9c16cc265c384c698676e8a2a5ddf09c2a6ab0aa
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f3e5a460d1920319214f58f34cc32718c18ab4ffc5fa3706dc3388178710f510
f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988