gicrosoft.com Open in urlscan Pro
2606:4700:3035::6818:72ee Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gicrosoft.com/
Submission Tags: @phishunt_io
Submission: On November 23 via api (November 23rd 2020, 10:27:49 pm UTC) from ES

Summary HTTP 20 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::6818:72ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is gicrosoft.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 22nd 2020. Valid for: a year.

This is the only time gicrosoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	2606:4700:303... 2606:4700:3035::6818:72ee		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a		15169 (GOOGLE) (GOOGLE)
1 1	35.201.76.231 35.201.76.231		15169 (GOOGLE) (GOOGLE)
1	34.96.104.86 34.96.104.86		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003		15169 (GOOGLE) (GOOGLE)
20	5

15 2606:4700:3035::6818:72ee (United States)

ASN13335 (CLOUDFLARENET, US)

gicrosoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.76.231 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com

imp.pxf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.104.86 (United States)

ASN15169 (GOOGLE, US)
PTR: 86.104.96.34.bc.googleusercontent.com

goto.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gicrosoft.com gicrosoft.com	134 KB
3	gstatic.com fonts.gstatic.com	53 KB
1	walmart.com goto.walmart.com	417 B
1	pxf.io 1 redirects imp.pxf.io	310 B
1	googleapis.com fonts.googleapis.com	1 KB
20	5

	Domain	Requested by
15	gicrosoft.com	gicrosoft.com
3	fonts.gstatic.com	fonts.googleapis.com
1	goto.walmart.com	gicrosoft.com
1	imp.pxf.io	1 redirects
1	fonts.googleapis.com	gicrosoft.com
20	5

This site contains links to these domains. Also see Links.

Domain
goto.walmart.com
wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-22` - `2021-11-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
goto.walmart.com GlobalSign RSA OV SSL CA 2018	`2019-12-04` - `2021-02-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gicrosoft.com/
Frame ID: 93C8E3CDA66DB4AE81EC3A934C7AFD03
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

206 kB
Transfer

425 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://goto.walmart.com/c/1911899/621553/9383?sourceid=imp_000011112222333344&veh=aff

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://imp.pxf.io/i/1911899/621553/9383 HTTP 302
https://goto.walmart.com/i/1911899/621553/9383?level=1&srcref=https%3A%2F%2Fgicrosoft.com%2F

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gicrosoft.com/ 23 KB
4 KB 1136ms
1099ms Document
text/html 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.22 ASP.NET
Resource Hash: 75b2fdbe6ad2f8297e311126efda3f5b94fe96f2f3b1dd460ececf5c03f201c8

Request headers

:method: GET
:authority: gicrosoft.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d890ee58a0d98140c39bfd71e414307a11606170429; expires=Wed, 23-Dec-20 22:27:09 GMT; path=/; domain=.gicrosoft.com; HttpOnly; SameSite=Lax ARRAffinity=1b7cc5fa12095d89c16d59f17e164aef5d4b2cf0e5053ab4ca310af0bd9a1a2d;Path=/;HttpOnly;Secure;Domain=gicrosoft.com ARRAffinitySameSite=1b7cc5fa12095d89c16d59f17e164aef5d4b2cf0e5053ab4ca310af0bd9a1a2d;Path=/;HttpOnly;SameSite=None;Secure;Domain=gicrosoft.com
vary: Accept-Encoding
x-powered-by: PHP/7.3.22 ASP.NET
link: <https://gicrosoft.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
cf-request-id: 0698d0e0440000c2f4efa26000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NvyXhbgimD2Njdlyyu82Fo3ch6y4Cw1cxbUVpr7qa8wWh9Yq6DamA1ahgur9Ggz1oSMuU8UBRLdI2GXDOx7UM4oM1pBXbEV3EUxnMeutNLnDT6O4sIpOE0BY"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f6e50e06bcec2f4-FRA
content-encoding: br

GET
H2 200 style.min.css
gicrosoft.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 651ms
649ms Stylesheet
text/css 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.9
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 May 2019 16:05:00 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"66214049138d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=apgSVnn9NV02AwtPpgX9H6%2FgU1qteMXTPkq1Z5xfDZcqZkrnJ7UrkFRoEYRtK61iJoz7kL5emOSW47zjRGVp7gafogKiTpXKRCkRDRF0Pw9KWgGBsbnPkHBc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50e75de0c2f4-FRA
cf-request-id: 0698d0e4970000c2f43601d000000001

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: gicrosoft.com
URL: https://gicrosoft.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73a04f6c287a524053674afdf09102545c58f9fba3587fcbe5cc49491b12a0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 21:47:06 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Mon, 23 Nov 2020 22:27:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 23 Nov 2020 22:27:10 GMT

GET
H2 200 genericons.css
gicrosoft.com/wp-content/themes/twentythirteen/genericons/ 30 KB
19 KB 802ms
800ms Stylesheet
text/css 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-content/themes/twentythirteen/genericons/genericons.css?ver=3.03
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Sep 2018 05:01:16 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0763e206851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2Ff4qE1XIajJCUp%2B1wsL8CLZd6kEhk3mWraD4K2qPhxqPz2LBDNwWCr3oCPKLk%2Be0Xx1ghkH8gmPSYDQCD%2BZLWrT6FShFqdjkfCTrEg3TjX7XUusC3nbJ318"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50e75de2c2f4-FRA
cf-request-id: 0698d0e49a0000c2f43601e000000001

GET
H2 200 style.css
gicrosoft.com/wp-content/themes/twentythirteen/ 56 KB
11 KB 649ms
648ms Stylesheet
text/css 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-content/themes/twentythirteen/style.css?ver=2013-07-18
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 978de3a0879a47f021af2516eae8deee0e7f779ebeb702b8a744117cf19b53d2

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Sep 2018 05:01:16 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0763e206851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7cSkPYs747SwBkizvzQDhn7CkxjkkhlWDSVqkEX2T6kdC3hv50L%2FLZZUDmwd1huZzJm9BwGC2j2e2C30L8TJN7DITvFwvp7EbJh4K1jn%2FPMjHIyQugqxq5Jy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50e75de4c2f4-FRA
cf-request-id: 0698d0e4970000c2f45db3a000000001

GET
H2 200 jquery.js Show response
gicrosoft.com/wp-includes/js/jquery/ 95 KB
32 KB 899ms
898ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 04:49:51 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"d6d1d7ca5910d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vdd0AGSEOvxAjsqDLq0Xh%2FYdrt%2BnpjWsQ78TJepguPW%2B7pV8Uv%2FjGtM%2F2%2F5Z2EUIdI5qV6Pxw4YCpOGFRIC4ppfYLKodVhSaf23sibk7osDiVtRrI4XPySWq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50e75de5c2f4-FRA
cf-request-id: 0698d0e4970000c2f435a69000000001

GET
H2 200 jquery-migrate.min.js Show response
gicrosoft.com/wp-includes/js/jquery/ 10 KB
4 KB 660ms
659ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Apr 2019 03:13:32 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"05643682eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a3Tll%2FvqWfRH2KKimGHB0DVci9WbkSVq7fGj91OI7nvKP1evLkikYocuS9%2FqgHz9pk1Fg9eiajKX%2FnVRF9nSid%2FeqMR77heNty1NwjqhDvOFd3OWpqv6VgZB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50e75de7c2f4-FRA
cf-request-id: 0698d0e4980000c2f4de83b000000001

GET
H2 200 621553.jpg
gicrosoft.com/wp-content/uploads/2019/09/ 6 KB
6 KB 620ms
619ms Image
image/jpeg 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gicrosoft.com/wp-content/uploads/2019/09/621553.jpg
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f0d1f4e476c59489d1a81c86bd92f40bd26197f3f1ec4c3694e16c2213bd9068

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 6113
cf-request-id: 0698d0e8290000c2f40c175000000001
last-modified: Sun, 01 Sep 2019 15:58:53 GMT
server: cloudflare
etag: "a1e05e27de60d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YsUcWmCQPuXzVgfOaAU4dy4VicWuE7eU%2FmHX5NoXxqK7kNaJh%2BttmfoOXuCVG5If1PN6AmLK7LqfzhNS%2F07i4TsB2vhNzMlarAx%2BusHoGX1Yr%2BPhPJQlRYcq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f6e50ed0eacc2f4-FRA

GET
H2

200

9383
goto.walmart.com/i/1911899/621553/
Redirect Chain

https://imp.pxf.io/i/1911899/621553/9383
https://goto.walmart.com/i/1911899/621553/9383?level=1&srcref=https%3A%2F%2Fgicrosoft.com%2F

50 B
417 B

109ms
60ms

Image
image/gif

34.96.104.86
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goto.walmart.com/i/1911899/621553/9383?level=1&srcref=https%3A%2F%2Fgicrosoft.com%2F
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.104.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.104.96.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 22:27:11 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Mon, 23 Nov 2020 22:27:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Nov 2020 22:27:11 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://goto.walmart.com/i/1911899/621553/9383?level=1&srcref=https%3A%2F%2Fgicrosoft.com%2F
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 130
expires: Mon, 23 Nov 2020 22:27:11 GMT

GET
H2 200 imagesloaded.min.js Show response
gicrosoft.com/wp-includes/js/ 8 KB
3 KB 600ms
599ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Apr 2019 03:13:32 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"05643682eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y2Mm84rQa00xntbZf1TqxRpFKfg6ln2RdDCBZgdl2TG4EnuLZck8i3O7GILJ4rqy0VMi6dspwQheW6qU97zopmIgJT3EGh1J6tt7Xa5EUmHtvyUR26mAAwtc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ec5d91c2f4-FRA
cf-request-id: 0698d0e7b80000c2f4dd9c0000000001

GET
H2 200 masonry.min.js Show response
gicrosoft.com/wp-includes/js/ 28 KB
8 KB 661ms
660ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Apr 2019 03:13:36 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0b0663882eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tV4dWSBXWuDS9vgB49RDmx1v4cpJlGzwlRAk%2BZfKUjgWPBNxCWRbyPVNb3cZ4vFvIxwDE88kF9g6p4jdUQnn0ThBE3i8KlPI5p0OwIEMplbMxy77jBd4w4vb"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ecfe96c2f4-FRA
cf-request-id: 0698d0e81d0000c2f4f122f000000001

GET
H2 200 jquery.masonry.min.js Show response
gicrosoft.com/wp-includes/js/jquery/ 2 KB
944 B 651ms
649ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Apr 2019 03:13:34 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"083353782eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZaxBbzhGS23SbDXsIX1ypawyHKZQ1g19%2BX1AekAw6gjNfk2jANybPoY1aeQFw8xL%2BnVI%2FtBr8f9P3G7hoDO1RoJwAL%2ByeWnoA37jGOQ5iNDQsneLm3St7PBM"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ed0ea7c2f4-FRA
cf-request-id: 0698d0e8280000c2f4de874000000001

GET
H2 200 functions.js Show response
gicrosoft.com/wp-content/themes/twentythirteen/js/ 5 KB
2 KB 620ms
619ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-content/themes/twentythirteen/js/functions.js?ver=20160717
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2afc6a5c93b3985513745111c34cadb2369d8223bb652b79997bc0d931d8bb74

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Sep 2018 05:01:16 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0763e206851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qpPSfFTZsmERTAG8U1hM1L%2FOvJX9L5XP0Js%2Be0%2BdqVyJmUbvvotGiio2WOKPd4odJzQysfDe3WPW2RfU4TgHQksMxP1oFRLPDHDvyk8OaLoww6Xv7wE%2BAf8L"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ed0ea8c2f4-FRA
cf-request-id: 0698d0e8280000c2f44326e000000001

GET
H2 200 wp-embed.min.js Show response
gicrosoft.com/wp-includes/js/ 1 KB
980 B 636ms
635ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/wp-embed.min.js?ver=5.2.9
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Dec 2018 03:04:28 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0c66f8f9092d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HRqfwtlRI5qwBy1nZBfCssB7dlET1okyAR%2FRwPxTbwHxneyAOeXXsShXRmleiROHNUgd462X9hSjIb3tQpN%2FvAZGMHO7KbklSWsL76Af5V4XhFW0XK32ThMV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ed0ea9c2f4-FRA
cf-request-id: 0698d0e8290000c2f44711e000000001

GET
H2 200 wp-emoji-release.min.js Show response
gicrosoft.com/wp-includes/js/ 14 KB
4 KB 666ms
665ms Script
application/x-javascript 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gicrosoft.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.9
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 May 2019 16:05:11 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"6686d64f138d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YKKhn4vDqdbtXEzVC6goWm1zSyTTqjFUxmggMs13D0TAkqJBv0xFiD3caTWaBgTuHWpggRbF%2Bw7713Om7wjDr8PyT7J%2BJ0NrC0sm%2BgUlnriihL0ozIDn%2FS2T"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f6e50ed0eaec2f4-FRA
cf-request-id: 0698d0e8290000c2f4fdb9c000000001

GET
H2 200 circle.png
gicrosoft.com/wp-content/themes/twentythirteen/images/headers/ 33 KB
33 KB 715ms
715ms Image
image/png 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gicrosoft.com/wp-content/themes/twentythirteen/images/headers/circle.png
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8061aef5d8c226eea0f28353c365efdb7bbdd43db909d81f644b5e32557cd71

Request headers

Referer: https://gicrosoft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 33848
cf-request-id: 0698d0e82b0000c2f44b371000000001
last-modified: Fri, 21 Sep 2018 05:01:16 GMT
server: cloudflare
etag: "0763e206851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GymvJ6kPT4q5p7WN9MidKBQWtZSqie7vCN%2BEoRFr7KOsUDm%2B%2FAWCDWoxS5ZrnOZBCl677Is45df1XhvPUaQg1hi8RgPOQ9wopeaC1PTM3rokHyuQ4G6MCI0a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f6e50ed1eb4c2f4-FRA

GET
H2 200 search-icon.png
gicrosoft.com/wp-content/themes/twentythirteen/images/ 422 B
761 B 640ms
640ms Image
image/png 2606:4700:3035::6818:72ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gicrosoft.com/wp-content/themes/twentythirteen/images/search-icon.png
Requested by: Host: gicrosoft.com
URL: https://gicrosoft.com/wp-content/themes/twentythirteen/style.css?ver=2013-07-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:72ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 77cc2a262c38bdfeaf27050d2e54b5927c5744f4d80e2fa466c526d524e7c2ae

Request headers

Referer: https://gicrosoft.com/wp-content/themes/twentythirteen/style.css?ver=2013-07-18
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:27:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
content-length: 422
cf-request-id: 0698d0e82b0000c2f45020d000000001
last-modified: Fri, 21 Sep 2018 05:01:16 GMT
server: cloudflare
etag: "0763e206851d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mRXvpr2puUdHEDPAUO%2FKZLDbgnx16yshbcUPQCq5tivAFCcxxVg77pqIxYLA1R4I6caWKsHC1DxDViASRjkUUdMzbeX4a1VCcYlIGKxE5ZZWWKpIyu8AHSrt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f6e50ed1eb5c2f4-FRA

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gicrosoft.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:55:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 12691
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Tue, 23 Nov 2021 18:55:40 GMT

GET
H3-Q050 200 rax8HiqOu8IVPmn7f4xpLjpSmw.woff2
fonts.gstatic.com/s/bitter/v16/ 27 KB
27 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v16/rax8HiqOu8IVPmn7f4xpLjpSmw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2e115936049b0d585e01fdef9ad0ea2bef244bfb8a3f9dcb724452b323491bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gicrosoft.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 15:54:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jul 2020 02:04:28 GMT
server: sffe
age: 196375
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27996
x-xss-protection: 0
expires: Sun, 21 Nov 2021 15:54:16 GMT

GET
H3-Q050 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18S0xR41.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
13 KB 25ms
12ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18S0xR41.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8406721eb3e64acabe720bbed06e1b25ed1fea62400726d99ea3bb409f31db49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gicrosoft.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 03:39:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:02 GMT
server: sffe
age: 586089
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
expires: Wed, 17 Nov 2021 03:39:02 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0

Request headers

Origin: https://gicrosoft.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| jQuery112403943940134369657 object| wp object| twemoji

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gicrosoft.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gicrosoft.com
goto.walmart.com
imp.pxf.io
2606:4700:3035::6818:72ee
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
34.96.104.86
35.201.76.231
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0
2afc6a5c93b3985513745111c34cadb2369d8223bb652b79997bc0d931d8bb74
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
73a04f6c287a524053674afdf09102545c58f9fba3587fcbe5cc49491b12a0cb
75b2fdbe6ad2f8297e311126efda3f5b94fe96f2f3b1dd460ececf5c03f201c8
77cc2a262c38bdfeaf27050d2e54b5927c5744f4d80e2fa466c526d524e7c2ae
8406721eb3e64acabe720bbed06e1b25ed1fea62400726d99ea3bb409f31db49
978de3a0879a47f021af2516eae8deee0e7f779ebeb702b8a744117cf19b53d2
b2e115936049b0d585e01fdef9ad0ea2bef244bfb8a3f9dcb724452b323491bb
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c8061aef5d8c226eea0f28353c365efdb7bbdd43db909d81f644b5e32557cd71
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f0d1f4e476c59489d1a81c86bd92f40bd26197f3f1ec4c3694e16c2213bd9068
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe