www.onmsft.com Open in urlscan Pro
104.27.155.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onmsft.com/
Effective URL:
https://www.onmsft.com/
Submission: On March 20 via automatic, source alexatop100k (March 20th 2019, 12:04:26 pm UTC)

Summary HTTP 269 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 35 domains to perform 269 HTTP transactions. The main IP is 104.27.155.67, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.onmsft.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 23rd 2018. Valid for: a year.

This is the only time www.onmsft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	104.27.155.67 104.27.155.67	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
26	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
5	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
19	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.109.71.139 104.109.71.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	35.186.219.42 35.186.219.42	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19f::13b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 5	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	104.109.65.90 104.109.65.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	52.215.232.115 52.215.232.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.222.167.54 52.222.167.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.230.202.51 54.230.202.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
31	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE - Google LLC)
7	199.166.0.26 199.166.0.26	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
10	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.210.77.107 52.210.77.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.120.134 151.101.120.134	54113 (FASTLY) (FASTLY - Fastly)
1	23.62.118.129 23.62.118.129	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	151.101.0.175 151.101.0.175	54113 (FASTLY) (FASTLY - Fastly)
1	35.190.40.172 35.190.40.172	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.201.117.115 35.201.117.115	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.101.194.150 95.101.194.150	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	54.171.6.140 54.171.6.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.228.202.240 54.228.202.240	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200d:a400:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.167.27 52.222.167.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 10	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1 1	54.171.7.149 54.171.7.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	37.252.172.39 37.252.172.39	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	23.211.2.27 23.211.2.27	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
22	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	199.166.0.32 199.166.0.32	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1 7	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
20	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1	2404:6800:400... 2404:6800:4005:80f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	23.211.0.4 23.211.0.4	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.48.132.12 52.48.132.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
269	53

30 104.27.155.67 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

onmsft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.onmsft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.71.139 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-71-139.deploy.static.akamaitechnologies.com

cdn.nsstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ns.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
walker.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.219.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 42.219.186.35.bc.googleusercontent.com

chickensstation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19f::13b2 (European Union)

ASN20940 (AKAMAI-ASN1, US)

g.pcmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.43.115.95 (Amsterdam, Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.65.90 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-65-90.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.232.115 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-232-115.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.167.54 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-167-54.fra54.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.202.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-51.fra50.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 64.233.167.157 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wl-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.98.64 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 64.98.201.35.bc.googleusercontent.com

dapperfloor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.166.0.26 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.77.107 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-77-107.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

winbeta.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.118.129 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.175 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.40.190.35.bc.googleusercontent.com

api.skimlinks.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.117.115 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 115.117.201.35.bc.googleusercontent.com

admiral.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.194.150 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-194-150.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.166 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.6.140 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-6-140.eu-west-1.compute.amazonaws.com

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Switzerland) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.202.240 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-202-240.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:a400:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.167.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-167-27.fra54.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 173.241.240.220 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

us-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ziffdavis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.7.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-7-149.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.39 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.2.27 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-2-27.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.166.0.32 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.static.adsafeprotected.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.244.36.20 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4005:80f::2003 (Australia)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.211.0.4 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-0-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.132.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-132-12.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	274 KB
32	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	788 KB
32	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	235 KB
30	onmsft.com 1 redirects onmsft.com www.onmsft.com	437 KB
29	wp.com i2.wp.com i1.wp.com i0.wp.com stats.wp.com s0.wp.com pixel.wp.com	359 KB
17	openx.net 2 redirects us-ads.openx.net ziffdavis-d.openx.net eu-u.openx.net	27 KB
14	googletagservices.com www.googletagservices.com	149 KB
12	skimresources.com 4 redirects s.skimresources.com r.skimresources.com p.skimresources.com x.skimresources.com t.skimresources.com	24 KB
9	imrworldwide.com 2 redirects secure-us.imrworldwide.com cdn-gl.imrworldwide.com	58 KB
9	zdbb.net 1 redirects cdn.static.zdbb.net ns.zdbb.net gurgle.zdbb.net zdbb.net walker.zdbb.net	24 KB
7	google.de adservice.google.de	1 KB
6	chickensstation.com chickensstation.com	34 KB
5	teads.tv a.teads.tv sync.teads.tv t.teads.tv	185 KB
5	google.com adservice.google.com	855 B
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	83 KB
3	rubiconproject.com fastlane.rubiconproject.com	4 KB
3	consensu.org api.skimlinks.mgr.consensu.org admiral.mgr.consensu.org vendorlist.consensu.org	15 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	27 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	exelator.com 2 redirects loadeu.exelator.com	1 KB
1	adsrvr.org match.adsrvr.org	264 B
1	casalemedia.com as-sec.casalemedia.com	904 B
1	pubmatic.com hbopenbid.pubmatic.com	115 B
1	adnxs.com ib.adnxs.com	1 KB
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net	332 B
1	bluekai.com stags.bluekai.com
1	bkrtx.com tags.bkrtx.com	10 KB
1	disqus.com winbeta.disqus.com	1 KB
1	dapperfloor.com dapperfloor.com	35 KB
1	sharethrough.com native.sharethrough.com	107 KB
1	pcmag.com g.pcmag.com	323 B
1	nsstatic.com cdn.nsstatic.com	80 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
269	35

	Domain	Requested by
31	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.onmsft.com
29	www.onmsft.com	www.onmsft.com ajax.cloudflare.com dapperfloor.com
22	pagead2.googlesyndication.com	us-ads.openx.net pagead2.googlesyndication.com securepubads.g.doubleclick.net
20	dt.adsafeprotected.com
14	www.googletagservices.com	ajax.cloudflare.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
14	i2.wp.com	www.onmsft.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net chickensstation.com www.onmsft.com
9	us-ads.openx.net	1 redirects www.onmsft.com us-ads.openx.net
7	eu-u.openx.net	1 redirects us-ads.openx.net
7	pixel.adsafeprotected.com	cdn.nsstatic.com www.onmsft.com
7	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
7	i1.wp.com	www.onmsft.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	chickensstation.com	www.onmsft.com chickensstation.com
5	static.adsafeprotected.com	pixel.adsafeprotected.com www.onmsft.com
5	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
5	cdn-gl.imrworldwide.com	cdn-gl.imrworldwide.com
5	sb.scorecardresearch.com	2 redirects cdn.nsstatic.com
5	i0.wp.com	www.onmsft.com
4	p.skimresources.com
4	secure-us.imrworldwide.com	2 redirects
4	cdn.static.zdbb.net	1 redirects cdn.static.zdbb.net
3	fastlane.rubiconproject.com	cdn.nsstatic.com
3	x.skimresources.com	3 redirects
3	www.google-analytics.com	1 redirects cdn.nsstatic.com
2	t.teads.tv
2	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
2	t.skimresources.com	s.skimresources.com
2	loadeu.exelator.com	2 redirects
2	cdn.krxd.net	cdn.static.zdbb.net cdn.krxd.net
2	r.skimresources.com	1 redirects
2	gurgle.zdbb.net	cdn.static.zdbb.net
2	fonts.gstatic.com	www.onmsft.com www.googletagservices.com
2	fonts.googleapis.com	www.onmsft.com dapperfloor.com
1	match.adsrvr.org
1	sync.teads.tv	a.teads.tv
1	csi.gstatic.com	tpc.googlesyndication.com
1	as-sec.casalemedia.com	cdn.nsstatic.com
1	hbopenbid.pubmatic.com	cdn.nsstatic.com
1	ib.adnxs.com	cdn.nsstatic.com
1	ziffdavis-d.openx.net	cdn.nsstatic.com
1	sync.crwdcntrl.net	1 redirects
1	vendorlist.consensu.org	dapperfloor.com
1	beacon.krxd.net	cdn.krxd.net
1	consumer.krxd.net	cdn.krxd.net
1	ad.doubleclick.net	chickensstation.com
1	stags.bluekai.com	tags.bkrtx.com
1	admiral.mgr.consensu.org	dapperfloor.com
1	api.skimlinks.mgr.consensu.org	s.skimresources.com
1	pixel.wp.com
1	tags.bkrtx.com	cdn.static.zdbb.net
1	walker.zdbb.net	cdn.static.zdbb.net
1	winbeta.disqus.com	www.onmsft.com
1	zdbb.net
1	dapperfloor.com	chickensstation.com
1	stats.g.doubleclick.net
1	native.sharethrough.com	cdn.nsstatic.com
1	ns.zdbb.net	cdn.nsstatic.com
1	g.pcmag.com	cdn.nsstatic.com
1	cdn.nsstatic.com	ajax.cloudflare.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	s.skimresources.com	ajax.cloudflare.com
1	s0.wp.com	ajax.cloudflare.com
1	stats.wp.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.onmsft.com
1	onmsft.com	1 redirects
269	66

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.pinterest.com
azure.microsoft.com
products.office.com
wordpress.org
michael.gillett.online

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-23` - `2019-10-23`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
ziffdavis.com DigiCert SHA2 Secure Server CA	`2019-03-19` - `2020-06-17`	a year	crt.sh
chickensstation.com Let's Encrypt Authority X3	`2019-03-06` - `2019-06-04`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
www.ziffdavis.com DigiCert SHA2 Extended Validation Server CA	`2018-05-18` - `2020-05-17`	2 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2018-02-15` - `2019-07-11`	a year	crt.sh
*.sharethrough.com Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-11-17`	a year	crt.sh
dapperfloor.com Let's Encrypt Authority X3	`2019-02-07` - `2019-05-08`	3 months	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.zdbb.net COMODO RSA Domain Validation Secure Server CA	`2018-02-23` - `2021-02-22`	3 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-10-09` - `2019-09-27`	a year	crt.sh
api.skimlinks.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-10-23`	a year	crt.sh
admiral.mgr.consensu.org COMODO RSA Domain Validation Secure Server CA	`2018-05-11` - `2020-05-10`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-01-09` - `2020-03-09`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2019-03-11` - `2019-06-09`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2017-02-15` - `2019-04-19`	2 years	crt.sh

This page contains 40 frames:

Primary Page: https://www.onmsft.com/
Frame ID: 565080A70AC484682F954DB1490EF78A
Requests: 162 HTTP requests in this frame

Frame: https://admiral.mgr.consensu.org/portal.html
Frame ID: 41C8EFEF9AC4137375C7E24F7FD2B50F
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Donmsft.com&phint=referer%3Dhttps%3A%2F%2Fwww.onmsft.com%2F&phint=__bk_t%3DOnMSFT.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.onmsft.com%2F&limit=10&r=10329049
Frame ID: ACA4254BB5E90EE5F10D4525CBFB4DFC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 1A884E23F8107B80228077514F7BA09E
Requests: 22 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=81b42aecd02a2a85b619ddcc147878c4&skim_mapping=true
Frame ID: CE83FC3778D68452F2D3A20297C41C5B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: EA3B534ECE09726EA7541EA1C836D50A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A282429B5F96D2A66D62BE25D1CBEADB
Requests: 18 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 531B8257975DBA56487AA628F97BCDE1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js
Frame ID: BB56F56CF487CF0A19967115CAC87FA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190313/r20190131/zrt_lookup.html
Frame ID: D3A4BD8AFA91962748A5BE896E2399CD
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194640332&placementId=104135612&pubCreative=56493657212&pubOrder=169870292&cb=99980053&adsafe_par&impId=45a47d13-4b08-11e9-ac4a-00259086cc16
Frame ID: DB4259D04E2E9F3A6E921461BA530094
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A7F3B9CB55B8987BDDB83177C88D099E
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135972&pubCreative=56493629132&pubOrder=169870292&cb=1530908613&adsafe_par&impId=45a47d14-4b08-11e9-ac4a-00259086cc16
Frame ID: 0C0ECDFE213008D560E5E4A334904463
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: E134973EED7BA2C6262C848F2E28D84E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js
Frame ID: 201526329223785EC1DC9B4EB31FFCBC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js
Frame ID: 29E320448D694435D041FDB7546042ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js
Frame ID: 4D217B11E678EE48FBCF52535EAB932E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 58E3AD09448089394706B019993215D6
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135852&pubCreative=56493629852&pubOrder=169870292&cb=97435896&adsafe_par&impId=45a47d15-4b08-11e9-ac4a-00259086cc16
Frame ID: 8098C1F8C32979D0EDD9A75ADAF1C64F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 5AC662D174B64DF7CD797EE2832D5D53
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW
Frame ID: 8AA289D92F782A39648E53C6D72C0451
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2923964143&adf=2092899799&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452522&bpp=27&bdt=976&fdt=266&idt=264&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=4&pv=2&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=1181580628&ga_fc=0&iag=3&icsg=2862962090&nhd=1&dssz=33&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2511&biw=1585&bih=1200&isw=730&ish=90&ifk=1199908482&scr_x=0&scr_y=0&eid=21060853%2C21063246&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.z7z4ad39tr56&fsb=1&dtd=332
Frame ID: 65C57F38A71807CCF1EAB96845117A47
Requests: 1 HTTP requests in this frame

Frame: https://a.teads.tv/page/43599/tag
Frame ID: 7D157E90A17159DFFFBDCFC47F78658F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js
Frame ID: 13F4B6C8F6C4D551EB409942148A9571
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW
Frame ID: EC4E2EE41DB66651A3ED534704E81F41
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW
Frame ID: 42AF978F675D0C3867C4F0BB350E6779
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW
Frame ID: 393C37D1CE3F7562587DDF0F901C2B03
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417941&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452664&bpp=16&bdt=83&fdt=479&idt=478&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=599482970.1553083453&ga_sid=1553083453&ga_hid=1665191674&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=727&biw=1585&bih=1200&isw=300&ish=250&ifk=1441198204&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.wn556bgb7vrh&fsb=1&dtd=490
Frame ID: 94EBD83138EFF200A744EDA000C2FD0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=1224415319&adf=3279755404&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452603&bpp=12&bdt=49&fdt=586&idt=585&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=285441266.1553083453&ga_sid=1553083453&ga_hid=813440184&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=10&biw=1585&bih=1200&isw=980&ish=90&ifk=2510551254&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=1&uci=1.uk9f9j5jeuuc&fsb=1&dtd=599
Frame ID: 870C350D1D08E64FD1BDA42B4DDCEF4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=60&slotname=6607148033&adk=718502040&adf=2462778810&w=303&fwrn=3&fwrnh=100&lmt=1553083453&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=303x60&url=https%3A%2F%2Fwww.onmsft.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553083452693&bpp=19&bdt=1310&fdt=542&idt=541&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=21&ife=4&pv=1&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=806096007&ga_fc=0&iag=3&icsg=45812635050&nhd=1&dssz=37&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1334&biw=1585&bih=1200&isw=303&ish=250&ifk=650745855&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=148&bc=15&osw_key=2408649076&ifi=2&uci=2.r3fqift7037z&fsb=1&xpc=bXETxvwOKd&p=https%3A//www.onmsft.com&dtd=552
Frame ID: 1B13497BCA722DD62B94FF381D36F36B
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 98E37178F0ECAC1AF2ADFF62C0AA4D38
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 87056F0DFAE48EC252D0CC2ACB0C45D0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 74DAAEEB701E169DD88FA9209CCE9599
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 5332290E66D2632395087D0C357A0627
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417943&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452915&bpp=24&bdt=183&fdt=814&idt=813&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=780071776.1553083454&ga_sid=1553083454&ga_hid=1942206968&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1951&biw=1585&bih=1200&isw=300&ish=250&ifk=3111486697&scr_x=0&scr_y=0&eid=21060853%2C21061796%2C370204057&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.kfzqd5kpn8bl&fsb=1&dtd=841
Frame ID: EBBFE8095B65F0E8E0B1CD7CB66255FF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 8D68B42CCA1F560521E07384C58B34DB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 84311D432E53D8888479AE19C44BE922
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: AC645EB6C841B60A12D3376F3E0ECA94
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 6B083CD9613FBA1BC8D6BC02DD289AFC
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 7E4BE1994CE14BE6B42A131B3F5FE77C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://onmsft.com/ HTTP 301
https://www.onmsft.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
html /<link[^>]+s\d+\.wp\.com/i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
html /<link[^>]+s\d+\.wp\.com/i
meta generator /WordPress( [\d.]+)?/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

269
Requests

100 %
HTTPS

25 %
IPv6

35
Domains

66
Subdomains

53
IPs

7
Countries

3015 kB
Transfer

8540 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/onmsft
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winbetadotorg?_rdr=p

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/onmsft/
Title:

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/
Title: Azure

Search URL Search Domain Scan URL

URL: https://products.office.com/
Title: Office 365

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://michael.gillett.online/
Title: Social Media icons by Michael Gillett

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onmsft.com/ HTTP 301
https://www.onmsft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 67

https://secure-us.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 75

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=479446684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2F&ul=en-us&de=UTF-8&dt=OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAEAB~&jid=1144642888&gjid=1743678283&cid=81060519.1553083451&tid=UA-71939551-1&_gid=1449737839.1553083451&_r=1&z=1190657047 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=81060519.1553083451&jid=1144642888&_gid=1449737839.1553083451&gjid=1743678283&_v=j73&z=1190657047

Request Chain 76

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9=

Request Chain 85

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domains%22%3A%5B%22twitter.com%22%2C%22facebook.com%22%2C%22pinterest.com%22%2C%22azure.microsoft.com%22%2C%22products.office.com%22%2C%22wordpress.org%22%2C%22michael.gillett.online%22%5D%7D HTTP 302
https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D6DFSHVBH8F9FFMFJWB476NP&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domains%22%3A%5B%22twitter.com%22%2C%22facebook.com%22%2C%22pinterest.com%22%2C%22azure.microsoft.com%22%2C%22products.office.com%22%2C%22wordpress.org%22%2C%22michael.gillett.online%22%5D%7D&checksum=f6710e87c4660e64e36dbdd19b893b4a93b1908685b7a5f8b37b2a389ae597c5

Request Chain 105

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=81b42aecd02a2a85b619ddcc147878c4 HTTP 302
https://p.skimresources.com/?provider_id=81b42aecd02a2a85b619ddcc147878c4&skim_mapping=true

Request Chain 126

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=1600x1200 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=1600x1200&ja=1

Request Chain 131

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=${profile_id} HTTP 302
https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true

Request Chain 132

https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://us-ads.openx.net/w/1.0/acj?cc=1&ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1

Request Chain 258

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=09779080&cs_ucfr=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=09779080&cs_ucfr=1

Request Chain 273

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/openx?oxid=5189a278-c753-7680-e8d0-e08c22a57ff9&gdpr=1

269 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.onmsft.com/
Redirect Chain

https://onmsft.com/
https://www.onmsft.com/

43 KB
8 KB

1050ms
1028ms

Document
text/html

104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5fffdff8f523f420a139a15f24eeecd6aa8c59c112673e0799f0c8dd8977ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.onmsft.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 20 Mar 2019 12:04:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
set-cookie: more_page=1; expires=Thu, 21-Mar-2019 12:04:09 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 21-Mar-2019 12:04:09 GMT; Max-Age=86400
link: <https://www.onmsft.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ba78c066c02bf75-AMS
content-encoding: br

Redirect headers

status: 301
date: Wed, 20 Mar 2019 12:04:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; expires=Thu, 19-Mar-20 12:04:08 GMT; path=/; domain=.onmsft.com; HttpOnly more_page=1; expires=Thu, 21-Mar-2019 12:04:09 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 21-Mar-2019 12:04:09 GMT; Max-Age=86400
vary: Accept-Encoding, Cookie
x-redirect-by: WordPress
location: https://www.onmsft.com/
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ba78c010e36bf75-AMS

GET
H2 200 css
fonts.googleapis.com/ 5 KB
696 B 21ms
11ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Oswald:400,700

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

faf8c6a9d4b450cfccf29d2506affae4c76e397773edbbf6a3fdac0222ca00f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 20 Mar 2019 12:04:10 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 20 Mar 2019 12:04:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:10 GMT

GET
H2 200 bootstrap.min.css
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/ 117 KB
18 KB 47ms
36ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9291fdc44bccd9b470eddfb7e2326370687526185eeea097a02541d08b60ef53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c0af426-1d4f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0ceacdbf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 style.css
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/ 15 KB
4 KB 38ms
27ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf12f9f003f05dc1c97f3d3c3003cbe152c1d6df5b358b7c6dedc69daa47979

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=18674
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Mar 2019 23:22:24 GMT
server: cloudflare
etag: W/"5c8c33b0-48f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0ceacfbf75-AMS
cf-bgj: minify

GET
H2 200 style.min.css
www.onmsft.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 38ms
28ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Feb 2019 02:21:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6f5ca6-629a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0cead0bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 front-end-gutenberg.css
www.onmsft.com/wp-content/plugins/metronet-profile-picture/css/ 27 KB
3 KB 38ms
28ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/metronet-profile-picture/css/front-end-gutenberg.css?ver=2.1.3

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/metronet-profile-picture/css/front-end-gutenberg.css?ver=2.1.3
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=31043
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Feb 2019 02:24:03 GMT
server: cloudflare
etag: W/"5c6f5d43-7943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0cead1bf75-AMS
cf-bgj: minify

GET
H2 200 wpp.css
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/css/ 345 B
276 B 39ms
29ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55d784de8d3753e83c9051a7d2f6f6e2ad20127441d7da00bcc96e93c165f19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/css/wpp.css?ver=4.2.2
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=1217
status: 200
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Jan 2019 04:26:03 GMT
server: cloudflare
etag: W/"5c31835b-4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0cead2bf75-AMS
cf-bgj: minify

GET
H2 200 jetpack.css
www.onmsft.com/wp-content/plugins/jetpack/css/ 72 KB
12 KB 38ms
29ms Stylesheet
text/css 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.1.1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/jetpack/css/jetpack.css?ver=7.1.1
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=73791
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2019 14:07:21 GMT
server: cloudflare
etag: W/"5c827719-1203f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0cead3bf75-AMS
cf-bgj: minify

GET
H2 200 twitter-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 53 KB
54 KB 31ms
30ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9d5d7f0c649b8afca5ec420809ba9a6067a5dddd25be954f27c2ae034a1121

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/twitter-medium.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 54700
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d3b2dbf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 facebook-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 54 KB
54 KB 23ms
21ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07fa03f1e5fef6c5ee89c033aa08a86d1e791714aa6437142823c8e5adea8a93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/facebook-medium.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 55239
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d7c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d5b47bf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 logo.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 10 KB
10 KB 35ms
33ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/logo.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5abf0c3555cff7b63e38f6e7b8e7f56896937c0c2cc97cfaee7997c443e3e254

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/logo.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 10402
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-28a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d5b48bf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 pinterest-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 56 KB
56 KB 26ms
24ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd0425550d0738c39c0f6ffe17880245425dccd356d77a5e0e30f9845fc90ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/pinterest-medium.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 56968
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-de88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d5b4abf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 rss-medium.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/ 53 KB
53 KB 39ms
38ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/sm-icons/rss-medium.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc8413bc09ee8ffe0688a01b0059677c9cc298e6098aa01b7afdcc7f6d31bcc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/sm-icons/rss-medium.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 54109
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Dec 2018 18:14:55 GMT
server: cloudflare
etag: "5c1fd09f-d35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d5b4bbf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 apexlegendsseason1.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 2 KB
3 KB 15ms
7ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/apexlegendsseason1.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a3a74ac3d7c243608663e37e07e918353611896ab817c9f501f12021169bbe12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 4458
last-modified: Wed, 20 Mar 2019 09:06:54 GMT
server: nginx
etag: "396bdc5bd4d5bb50"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/apexlegendsseason1.jpg>; rel="canonical"
content-length: 2488
expires: Fri, 19 Mar 2021 21:06:54 GMT

GET
H2 200 disneymagickingdoms.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 3 KB
3 KB 16ms
7ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/disneymagickingdoms.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4d139abbd8400ecf686f76d746762208fafb9cbd4e17dbb09df70a54e299615d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 4714
last-modified: Wed, 20 Mar 2019 08:36:28 GMT
server: nginx
etag: "0ae1c0e583b9967f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/disneymagickingdoms.jpg>; rel="canonical"
content-length: 2758
expires: Fri, 19 Mar 2021 20:36:28 GMT

GET
H2 200 firefox.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/01/ 784 B
956 B 22ms
14ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/01/firefox.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d65e024114942f5caecd6171527aec27b414339447373bc6476365812c0fd8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 3976
last-modified: Wed, 20 Mar 2019 08:02:12 GMT
server: nginx
etag: "2f6d72301fd499d4"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/01/firefox.jpg>; rel="canonical"
content-length: 784
expires: Fri, 19 Mar 2021 20:02:12 GMT

GET
H2 200 windows-10-new-hero-mar-2017.jpg
i1.wp.com/www.onmsft.com/wp-content/uploads/2017/03/ 780 B
1 KB 22ms
15ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2017/03/windows-10-new-hero-mar-2017.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

608d9987a9068e62c51dc21ec5e0ac3c44d3c4732ebde4f0f9c5f9b042bf05e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 1029
last-modified: Tue, 19 Mar 2019 20:44:33 GMT
server: nginx
etag: "d2006da7866ddfe8"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2017/03/windows-10-new-hero-mar-2017.jpg>; rel="canonical"
content-length: 780
expires: Fri, 19 Mar 2021 08:44:33 GMT

GET
H2 200 Screenshot-2019-03-19-at-20.28.08.png
i1.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 1 KB
2 KB 22ms
15ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2019/03/Screenshot-2019-03-19-at-20.28.08.png?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

364676f96f6882f8d130bcf8f0f6a6577695a5e24a67ea5908178f3cb2301206

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 14638
last-modified: Tue, 19 Mar 2019 19:54:23 GMT
server: nginx
etag: "45a24767d49b9dbb"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/Screenshot-2019-03-19-at-20.28.08.png>; rel="canonical"
content-length: 1510
expires: Fri, 19 Mar 2021 07:54:23 GMT

GET
H2 200 press-tour-2014-halo-2-anniversary-cairo-station-sword-to-a-gunfight-940x528.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 3 KB
3 KB 22ms
16ms Image
image/jpeg 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/press-tour-2014-halo-2-anniversary-cairo-station-sword-to-a-gunfight-940x528.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ef7f6d2d51a42f9766103f06006acdc8351bd1956b3be303e9f0bb3da4d7429b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:25:49 GMT
server: nginx
etag: "3d5e3853eee84f36"
content-type: image/jpeg
status: 200
cache-control: public, max-age=63115200
x-optim-disabled: true
link: <https://www.onmsft.com/wp-content/uploads/2019/03/press-tour-2014-halo-2-anniversary-cairo-station-sword-to-a-gunfight-940x528.jpg>; rel="canonical"
content-length: 3244
expires: Fri, 19 Mar 2021 07:25:49 GMT

GET
H2 200 AP_amazon_kab_150917_4x3_992.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 2 KB
2 KB 21ms
15ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/AP_amazon_kab_150917_4x3_992.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

011f946d11bf46c69eb4706bb16280ed1dbb6256a2ea01886dbd8d879196f313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 411
last-modified: Tue, 19 Mar 2019 18:03:31 GMT
server: nginx
etag: "11ca08f279b827d5"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/AP_amazon_kab_150917_4x3_992.jpg>; rel="canonical"
content-length: 1946
expires: Fri, 19 Mar 2021 06:03:31 GMT

GET
H2 200 dd2b8a94b9559143c6c97d239f6daa0f-1024x683.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2018/11/ 1 KB
1 KB 21ms
16ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2018/11/dd2b8a94b9559143c6c97d239f6daa0f-1024x683.png?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

efdb746dd0d43920c77417dbdd11ae99d49d171694590915ae48d06cfd2e4818

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 6885
last-modified: Tue, 19 Feb 2019 18:04:38 GMT
server: nginx
etag: "58dc37da2db8006b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/11/dd2b8a94b9559143c6c97d239f6daa0f-1024x683.png>; rel="canonical"
content-length: 1110
expires: Fri, 19 Feb 2021 06:04:38 GMT

GET
H2 200 HP-Reverb-VR-Headset.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 1 KB
1 KB 38ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/HP-Reverb-VR-Headset.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2a6edfd42fc27f6166648eeb100e104fe048ff81da4b7fa62f0adfa36ee7b2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 64474
last-modified: Tue, 19 Mar 2019 17:10:06 GMT
server: nginx
etag: "61383dbe71663ed9"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/HP-Reverb-VR-Headset.jpg>; rel="canonical"
content-length: 1272
expires: Fri, 19 Mar 2021 05:10:06 GMT

GET
H2 200 microsoft-teams.png
i0.wp.com/www.onmsft.com/wp-content/uploads/2018/09/ 3 KB
3 KB 21ms
16ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/uploads/2018/09/microsoft-teams.png?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8e8f72b3f1e8e484f697b01ec3a63f087748fb200712c0415ad6f76ee6834205

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 15002
last-modified: Tue, 19 Mar 2019 15:46:07 GMT
server: nginx
etag: "5d5861ba5004082f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/09/microsoft-teams.png>; rel="canonical"
content-length: 3024
expires: Fri, 19 Mar 2021 03:46:07 GMT

GET
H2 200 Health_Teams_Collab.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/02/ 1 KB
1 KB 30ms
7ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/02/Health_Teams_Collab.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6876f9894bb74e3aaf598e1a6afdc2cc375c0acdad2634c9fb0384080fcd9f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 1259
last-modified: Tue, 19 Mar 2019 15:45:51 GMT
server: nginx
etag: "fc995d1609d22d01"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/02/Health_Teams_Collab.jpg>; rel="canonical"
content-length: 1248
expires: Fri, 19 Mar 2021 03:45:51 GMT

GET
H2 200 Screen-Shot-2018-03-20-at-15.40.32.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2018/03/ 624 B
818 B 30ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2018/03/Screen-Shot-2018-03-20-at-15.40.32.png?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

03a9cf53cc261adb4bb72f973e84a4e4932ec7594e19898a36cf9c3a5a2a86ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 6623
last-modified: Tue, 19 Mar 2019 14:55:10 GMT
server: nginx
etag: "142834666e2816d4"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/03/Screen-Shot-2018-03-20-at-15.40.32.png>; rel="canonical"
content-length: 624
expires: Fri, 19 Mar 2021 02:55:10 GMT

GET
H2 200 Quantum-Computing-Companies-Teaser.jpg
i0.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 3 KB
3 KB 21ms
16ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/uploads/2019/03/Quantum-Computing-Companies-Teaser.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6e24dc1e42f169dedfe6d27cd15fc6f1171802de3f29d5bd3987d7895e6b5c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 13267
last-modified: Tue, 19 Mar 2019 14:38:19 GMT
server: nginx
etag: "2fb855cad27799f2"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/Quantum-Computing-Companies-Teaser.jpg>; rel="canonical"
content-length: 3252
expires: Fri, 19 Mar 2021 02:38:19 GMT

GET
H2 200 WIN_20190122_09_12_09_Pro-2.jpg
i1.wp.com/www.onmsft.com/wp-content/uploads/2019/01/ 1 KB
1 KB 31ms
9ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2019/01/WIN_20190122_09_12_09_Pro-2.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

24dbf46f68946120c1776e0438ae1f68f02cae5049f371df626036c8a41b3338

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 12846
last-modified: Thu, 07 Mar 2019 14:50:38 GMT
server: nginx
etag: "67e8e8a96f492818"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/01/WIN_20190122_09_12_09_Pro-2.jpg>; rel="canonical"
content-length: 1274
expires: Sun, 07 Mar 2021 02:50:38 GMT

GET
H2 200 4a3a183e-3bc3-45ac-8fce-bce696e1405e.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 2 KB
2 KB 30ms
9ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/4a3a183e-3bc3-45ac-8fce-bce696e1405e.png?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

245b32205fec22452bf18058bb09a362fef7360323af82387c31e7632af6a4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 5491
last-modified: Tue, 19 Mar 2019 13:50:35 GMT
server: nginx
etag: "e39ef48e3098b6eb"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/4a3a183e-3bc3-45ac-8fce-bce696e1405e.png>; rel="canonical"
content-length: 1554
expires: Fri, 19 Mar 2021 01:50:35 GMT

GET
H2 200 xboxgamepass.jpg
i0.wp.com/www.onmsft.com/wp-content/uploads/2018/08/ 2 KB
2 KB 30ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/uploads/2018/08/xboxgamepass.jpg?resize=100%2C66&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

40291bf824e9cd4bc021abfe668862f701c9632134017a90d9e5133a473e5167

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 4367
last-modified: Tue, 19 Mar 2019 08:51:57 GMT
server: nginx
etag: "b0b685750e8cd11b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/08/xboxgamepass.jpg>; rel="canonical"
content-length: 1922
expires: Thu, 18 Mar 2021 20:51:57 GMT

GET
H2 200 microsoftedgebuild2015_r1_c1.jpg
i1.wp.com/www.onmsft.com/wp-content/uploads/2016/01/ 27 KB
27 KB 26ms
10ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2016/01/microsoftedgebuild2015_r1_c1.jpg?fit=868%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

34b14a16854df3a63dadd057047cf8bfa16baa33755750db5bef477d29aad61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 38939
last-modified: Mon, 11 Mar 2019 08:00:07 GMT
server: nginx
etag: "76ebcad4ffc63151"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2016/01/microsoftedgebuild2015_r1_c1.jpg>; rel="canonical"
content-length: 27414
expires: Wed, 10 Mar 2021 20:00:07 GMT

GET
H2 200 AP_amazon_kab_150917_4x3_992.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/ 32 KB
33 KB 40ms
33ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/03/AP_amazon_kab_150917_4x3_992.jpg?fit=773%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0b792944db962b2607af2999911c685d31d55c0274f7502fa4432b04e289c791

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 19223
last-modified: Tue, 19 Mar 2019 18:06:19 GMT
server: nginx
etag: "beb404b2cb92759c"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/03/AP_amazon_kab_150917_4x3_992.jpg>; rel="canonical"
content-length: 33128
expires: Fri, 19 Mar 2021 06:06:19 GMT

GET
H2 200 windows-10-new-hero-mar-2017.jpg
i1.wp.com/www.onmsft.com/wp-content/uploads/2017/03/ 12 KB
13 KB 23ms
16ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2017/03/windows-10-new-hero-mar-2017.jpg?fit=1031%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5aefe484ce181c451c93085ebd4d666c98558b989464e870fc4042094ff87ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 25237
last-modified: Fri, 15 Mar 2019 06:58:05 GMT
server: nginx
etag: "70e97b0eccb80151"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2017/03/windows-10-new-hero-mar-2017.jpg>; rel="canonical"
content-length: 12680
expires: Sun, 14 Mar 2021 18:58:05 GMT

GET
H2 200 xboxlive.jpg
i2.wp.com/www.onmsft.com/wp-content/uploads/2017/11/ 17 KB
17 KB 39ms
32ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2017/11/xboxlive.jpg?fit=1031%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1ccc05654ab74c632b5e47c7ece188cda4b48715c826e59a8643c66089983e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 25434
last-modified: Sat, 16 Mar 2019 12:49:23 GMT
server: nginx
etag: "c766abe46abe1dc2"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2017/11/xboxlive.jpg>; rel="canonical"
content-length: 16982
expires: Tue, 16 Mar 2021 00:49:23 GMT

GET
H2 200 Windows-10-Hero-Wallpaper.jpg
i1.wp.com/www.onmsft.com/wp-content/uploads/2019/02/ 11 KB
11 KB 21ms
19ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2019/02/Windows-10-Hero-Wallpaper.jpg?fit=928%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

850c087fcbaf8f98d1361b12b81b9ab5d4832f051f9a4caeb67532953041fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 25936
last-modified: Thu, 14 Mar 2019 14:23:50 GMT
server: nginx
etag: "dfe1a52340ad9c5a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/02/Windows-10-Hero-Wallpaper.jpg>; rel="canonical"
content-length: 11294
expires: Sun, 14 Mar 2021 02:23:50 GMT

GET
H2 200 IMG_4731.jpg
i0.wp.com/www.onmsft.com/wp-content/uploads/2019/02/ 25 KB
25 KB 21ms
20ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/uploads/2019/02/IMG_4731.jpg?fit=773%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

163b5c85c0aa922f4fde09a30501fb7c61514140acf94cdf12cc79b99c83b768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 37029
last-modified: Fri, 08 Mar 2019 17:42:50 GMT
server: nginx
etag: "d260c51d851b72e5"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/02/IMG_4731.jpg>; rel="canonical"
content-length: 25194
expires: Mon, 08 Mar 2021 05:42:50 GMT

GET
H2 200 microsoft-2.jpg
i0.wp.com/www.onmsft.com/wp-content/uploads/2019/01/ 89 KB
89 KB 15ms
4ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.onmsft.com/wp-content/uploads/2019/01/microsoft-2.jpg?fit=1031%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c4c6a3047d39795467df19c1f997be5b774c103859b991cf57f921251d2d0512

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 98055
last-modified: Sun, 24 Feb 2019 02:08:56 GMT
server: nginx
etag: "435d66b9936ec8ae"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/01/microsoft-2.jpg>; rel="canonical"
content-length: 91018
expires: Tue, 23 Feb 2021 14:08:56 GMT

GET
H2 200 Thumbnail-Website.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2019/02/ 32 KB
33 KB 16ms
12ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2019/02/Thumbnail-Website.png?fit=704%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c96a79a5d8b083483072af21ec12fd4a953156551fae6acf4605bf0882020f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 389386
last-modified: Tue, 19 Feb 2019 17:44:26 GMT
server: nginx
etag: "2d0383c12c9f2d9e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2019/02/Thumbnail-Website.png>; rel="canonical"
content-length: 33102
expires: Fri, 19 Feb 2021 05:44:26 GMT

GET
H2 200 Thumbnail-Website.png
i1.wp.com/www.onmsft.com/wp-content/uploads/2018/12/ 46 KB
47 KB 16ms
12ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.onmsft.com/wp-content/uploads/2018/12/Thumbnail-Website.png?fit=704%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

31a51ae4e98591463bb69e0e79ca761f22f8be1477974c549772beec4c41dd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 321920
last-modified: Tue, 19 Feb 2019 17:44:27 GMT
server: nginx
etag: "f05c38ceb21e8570"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/12/Thumbnail-Website.png>; rel="canonical"
content-length: 47526
expires: Fri, 19 Feb 2021 05:44:27 GMT

GET
H2 200 Thumbnail-Website.png
i2.wp.com/www.onmsft.com/wp-content/uploads/2018/11/ 28 KB
28 KB 21ms
18ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.onmsft.com/wp-content/uploads/2018/11/Thumbnail-Website.png?fit=704%2C580&ssl=1

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e79ed1633ead48ef7a84b855cd3401af41885e4226c7674264de703720ca9d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
x-bytes-saved: 295362
last-modified: Tue, 19 Feb 2019 17:44:27 GMT
server: nginx
etag: "a3834e5f8bd4b799"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://www.onmsft.com/wp-content/uploads/2018/11/Thumbnail-Website.png>; rel="canonical"
content-length: 28394
expires: Fri, 19 Feb 2021 05:44:27 GMT

GET
H2 200 logo_transparent.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 18 KB
18 KB 19ms
17ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/logo_transparent.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ae559502a1a0ec542557b315daf48cee77071f5cba0975c7336d42cb97fd54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/logo_transparent.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 18362
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-47ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d7b61bf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 12 KB
4 KB 9ms
7ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 11:30:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c90d2e9-2ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4ba78c0d78a9bf25-FRA
expires: Fri, 22 Mar 2019 12:04:10 GMT

GET
H2 200 social-links.png
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/ 66 KB
66 KB 36ms
36ms Image
image/png 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/img/social-links.png

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

33adf855a03023a767d54515b2613df379f9f656427ecdf28b57036a57715f0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/img/social-links.png
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41
:scheme: https
:method: GET
Referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 67734
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-10896"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4ba78c0d8b72bf75-AMS
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat|Oswald:400,700
Origin: https://www.onmsft.com

Response headers

date: Sat, 09 Mar 2019 23:35:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:24:13 GMT
server: sffe
age: 908918
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13248
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 23:35:32 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/ 18 KB
18 KB 34ms
33ms Font
application/octet-stream 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
origin: https://www.onmsft.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/css/bootstrap.min.css
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 18028
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 4ba78c0dab9cbf75-AMS
expires: Wed, 20 Mar 2019 15:04:10 GMT

GET
H2 200 icomoon.ttf
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/ 3 KB
3 KB 29ms
28ms Font
application/octet-stream 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/fonts/icomoon.ttf?7r6yez

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1033dc43930887f32e9dccec31d834c60c6ffb9ff15e30a829931148328e8d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/fonts/icomoon.ttf?7r6yez
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
origin: https://www.onmsft.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/style.css?ver=2019.41
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 2660
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: "5c0af426-a64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 4ba78c0dab9dbf75-AMS
expires: Wed, 20 Mar 2019 15:04:10 GMT

GET
H2 200 e-201912.js Show response
stats.wp.com/ 9 KB
3 KB 8ms
8ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201912.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 16 Mar 2020 07:34:15 GMT

GET
H2 200 wp-embed.min.js Show response
www.onmsft.com/wp-includes/js/ 1 KB
878 B 17ms
16ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-includes/js/wp-embed.min.js?ver=5.1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.1.1
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Oct 2018 04:00:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bbecad7-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e0c6ebf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 74ms
14ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201912
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT ams 32
date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
server: nginx
etag: W/"58674312-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 2.ams _dfw
expires: Mon, 16 Mar 2020 06:58:54 GMT

GET
H2 200 jquery.fitvids.js Show response
www.onmsft.com/wp-content/plugins/fitvids-for-wordpress/ 2 KB
1 KB 39ms
26ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eed854d2588f3afad208a8b8e5d6bd957d7489b876157239ea35ead4fff3efae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=3803
status: 200
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 15:57:52 GMT
server: cloudflare
etag: W/"5c24f680-edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c7dbf75-AMS
cf-bgj: minify

GET
H2 200 comment_count.js Show response
www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
418 B 31ms
19ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=889
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2019 14:07:09 GMT
server: cloudflare
etag: W/"5c82770d-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c7fbf75-AMS
cf-bgj: minify

GET
H2 200 mpp-frontend.min.js Show response
www.onmsft.com/wp-content/plugins/metronet-profile-picture/js/ 326 B
260 B 30ms
18ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.min.js?ver=2.1.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/metronet-profile-picture/js/mpp-frontend.min.js?ver=2.1.3
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Feb 2019 02:24:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6f5d43-146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c80bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 photon.min.js Show response
www.onmsft.com/wp-content/plugins/jetpack/_inc/build/photon/ 580 B
395 B 30ms
18ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2019 14:07:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c827719-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c82bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 88572X1541654.skimlinks.js Show response
s.skimresources.com/js/ 54 KB
20 KB 573ms
496ms Script
application/octet-stream 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecfe5e36e828580c140af128acfb40a16d748b1b8b08c3a6c4ea52dabced06b5

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 15:14:46 GMT
server: AmazonS3
x-amz-request-id: 98787AEE4D0DA707
etag: "fbe4d4c09b88c6ff55fb9c22f4ee0ae7"
x-hw: 1553083450.cds002.pa1.hn,1553083451.cds005.pa1.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20418
x-amz-id-2: /ZrhHGqZwabtLXy3HK/lUvkmkHcthDbl5VN45Rb7penAEtnxXelenuuHsfNDkV2MwY+S2UsTpoo=

GET
H2 200 msft.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 2 KB
725 B 29ms
17ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/msft.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27fc9a45b9993bc868b14bb28533cf5def1b13051b0839b032685ef731b07fbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/msft.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=2722
status: 200
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Dec 2018 22:28:54 GMT
server: cloudflare
etag: W/"5c0af426-aa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Sat, 17 Mar 2029 12:04:10 GMT
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c83bf75-AMS
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 32 KB
11 KB 50ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "112 / 856 of 1000 / last-modified: 1553036242"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10782
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:10 GMT

GET
H2 200 wpp-4.2.0.min.js Show response
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/js/ 1 KB
622 B 28ms
17ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wordpress-popular-posts/public/js/wpp-4.2.0.min.js?ver=4.2.2
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Jan 2019 04:26:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c31835b-47b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c84bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 16ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 979477
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33951
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:59:33 GMT

GET
H2 200 onmsft.com.js Show response
cdn.nsstatic.com/ns/ 257 KB
80 KB 95ms
23ms Script
application/javascript 104.109.71.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.71.139 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-71-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 75989d5f8e4b30cc547941d2ae66081e411f1c7bf590cacf3d16c9e27c6294b4

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: mw7ovsIXReFSh3kqO10lLT6YQ60vL55q
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 15:59:54 GMT
x-amz-request-id: 2B0E1C6FBD64B443
date: Wed, 20 Mar 2019 12:04:10 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1643
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-amz-id-2: sDls8d/h6adyHP6frNgbUzQmFYEGY91e6lHdjCpXu+EWcdWoslCUMbmxPSx0tL00mnhAmaaTy08=
expires: Wed, 20 Mar 2019 12:31:33 GMT

GET
H2 404 socialite.min.js
www.onmsft.com/wp-content/themes/s10/js/ 0
0 31ms
24ms Script
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/wp-content/themes/s10/js/socialite.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /wp-content/themes/s10/js/socialite.min.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: public, max-age=10800
cf-ray: 4ba78c0e2c85bf75-AMS
expires: Wed, 20 Mar 2019 15:04:10 GMT

GET
H2 200 lazysizes.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 6 KB
3 KB 25ms
18ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/lazysizes.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14815d3ad86f0839b16208a0d832d3695822c6d9bb9fc242b946cecad46799a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/lazysizes.min.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:41:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b981c-1934"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c86bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 bootstrap.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 36 KB
9 KB 44ms
37ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed60479e079b9e6d5280c6fdd11636fd55a11ebf935bd8dc09c6c66eb77bb3da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:40:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b981b-91d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c87bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 jquery.min.js Show response
www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/ 94 KB
32 KB 51ms
44ms Script
application/javascript 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onmsft.com/wp-content/themes/onmsft-jan19-pro/js/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/onmsft-jan19-pro/js/jquery.min.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 2019 16:41:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2b9823-176d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4ba78c0e2c88bf75-AMS
x-xss-protection: 1; mode=block
expires: Sat, 17 Mar 2029 12:04:10 GMT

GET
H2 200 jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4 Show response
chickensstation.com/v2/0/ 67 KB
21 KB 78ms
31ms Script
application/javascript 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ae7ce3f41afff05ff27f15fdeb4c73f46faffdcb74ecbe0da5dd5cab841c2f8

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
etag: 8b31bc75c9765baf19383dccd9fe9772444d951e9f6085fcfbc1f5120c362ac2
vary: Accept-Encoding
x-hostname: lisa
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *

GET
H2 404 socialite.min.js
www.onmsft.com/wp-content/themes/s10/js/ 0
0 17ms
16ms Script
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/wp-content/themes/s10/js/socialite.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /wp-content/themes/s10/js/socialite.min.js
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: public, max-age=10800
cf-ray: 4ba78c0f3e16bf75-AMS
expires: Wed, 20 Mar 2019 15:04:10 GMT

GET
H/1.1 200
OK geocc.js Show response
g.pcmag.com/ 184 B
323 B 54ms
7ms Script
application/javascript 2a02:26f0:6c00:19f::13b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://g.pcmag.com/geocc.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19f::13b2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:10 GMT
Connection: keep-alive
Content-Length: 184
Content-Type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1034
date: Wed, 20 Mar 2019 11:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 20 Mar 2019 13:46:56 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 15ms
14ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Thu, 21 Mar 2019 12:04:10 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

68 KB
21 KB

69ms
68ms

Script
application/javascript

104.109.65.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.65.90 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-65-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73117fd3b2f81cc12d5cd266a007eb843b5f6ebea23e298231b54a0595314f77

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: fmFhuBCA9C6CUWzRbAZe9nQGMqlTBPPj
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 20:09:53 GMT
x-amz-request-id: FCDCB4295EB9EB4B
date: Wed, 20 Mar 2019 12:04:11 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20713
x-amz-id-2: KK02X+kVxGJhALrDWsvRyjbIaED0vr/hofdamWjw1K0d4zij2j/j+JIswBptDvlrupFvJHtvYHc=
expires: Wed, 20 Mar 2019 13:04:11 GMT

Redirect headers

status: 303
date: Wed, 20 Mar 2019 12:04:10 GMT
cache-control: max-age=3600
core-eu: Yes
content-length: 0
location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
expires: Wed, 20 Mar 2019 13:04:10 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

58ms
10ms

Script
text/javascript

52.222.167.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-54.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: SX0eWJxy46EOzTqjmnorXStharrTmwKh
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 20:05:07 GMT
server: AmazonS3
age: 77332
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
date: Tue, 19 Mar 2019 14:36:23 GMT
x-amz-cf-id: MEith7GcOLiF7pK7EcA7raO6d--gCcnirJVRBpE9Nh9Of_IJ_MVWqw==
via: 1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)

Redirect headers

status: 301
date: Wed, 20 Mar 2019 12:04:10 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2 200 nsgpt.jsonp Show response
ns.zdbb.net/ 386 B
519 B 133ms
98ms Script
application/javascript 104.109.71.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.zdbb.net/nsgpt.jsonp?u=https%3A%2F%2Fwww.onmsft.com%2F
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.71.139 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-71-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 411a1f0e583abdd08cfe9645bd140c9f3eb8ec8ab864e79ca85527ec42d98d3d

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
access-control-allow-origin: https://www.onmsft.com
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
status: 200
cache-control: max-age=54
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 258
expires: Wed, 20 Mar 2019 12:05:04 GMT

GET
H2 200 tag.js Show response
native.sharethrough.com/assets/ 371 KB
107 KB 75ms
8ms Script
application/javascript 54.230.202.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/tag.js
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.202.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-202-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5998ea0ddeb88858fb1d3cac734662086a999298da0eadb3da62e19fd8907f83

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:00:13 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 21:58:48 GMT
server: AmazonS3
age: 314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: 2tMok9kDNlPG8UfU0KSIV45wwBBtPdgqgPwYxpOEI4RTdBNENwVdsg==
via: 1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
expires: Tue, 19 Mar 2019 22:58:47 GMT

GET
H2 200 /
gurgle.zdbb.net/ 43 B
238 B 175ms
112ms Image
image/gif 104.109.65.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gurgle.zdbb.net/?domain=netshelter.net
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.65.90 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-65-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
access-control-allow-origin: https://www.onmsft.com
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
status: 200
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 43

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 18ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 18ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ 160 KB
57 KB 22ms
20ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:10 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=479446684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2F&ul=en-us&de=UTF-8&dt=OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1704568642&gjid=98545402&cid=81060519.1553083451&tid=UA-46557023-13&_gid=1449737839.1553083451&_r=1&z=1366073307

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=479446684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2F&ul=en-us&de=UTF-8&dt=OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDA...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=81060519.1553083451&jid=1144642888&_gid=1449737839.1553083451&gjid=1743678283&_v=j73&z=1190657047

35 B
113 B

16ms
14ms

Image
image/gif

2a00:1450:400c:c08::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=81060519.1553083451&jid=1144642888&_gid=1449737839.1553083451&gjid=1743678283&_v=j73&z=1190657047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 20 Mar 2019 12:04:10 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:10 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71939551-1&cid=81060519.1553083451&jid=1144642888&_gid=1449737839.1553083451&gjid=1743678283&_v=j73&z=1190657047
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9=

0
248 B

10ms
8ms

Image
text/plain

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1553083450937&ns_c=UTF-8&cv=3.1&c8=OnMSFT.com&c7=https%3A%2F%2Fwww.onmsft.com%2F&c9=
Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:10 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8 Show response
dapperfloor.com/v2/0/ 113 KB
35 KB 353ms
225ms Script
application/javascript 35.201.98.64
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://dapperfloor.com/v2/0/kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.98.64 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 64.98.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 1bd4ea7c7c88379238504970d1017b549ec5f131a3e0961a35a4640b8309cdb7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
etag: b438c189a0582484d81c32b4acd7ecfc0a6d0c7bf87f548f97a7e40599386388
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
x-hostname: lisa
timing-allow-origin: *
access-control-allow-origin: *

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 125ms
75ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:nsgpt-billboard-1,ss:%5B728.90,997.123,970.250,970.180,970.90%5D,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-rectangle-1,s:300.250,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-rectangle-2,s:300.250,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-footer,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-stitials,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-inpage,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-skin,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-inline,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&slot=%7Bid:nsgpt-oop-masthead,s:1.1,p:/4585/ns.onmsft/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a0b1c827-f14c-0830-ebc5-84febbd1ee78
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: c9fa85a3fd3b712fbf329fd5b11c4143810bb0e775fd77f88d6d510b1fdd53a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

Date: Wed, 20 Mar 2019 12:04:11 GMT
X-Server-Name: app01ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.onmsft.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 249ms
248ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

0be6b5124255ff322b8ae46c78581b881c8bac4085262b88459a38bb2ed4d3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1838
x-xss-protection: 1; mode=block
google-lineitem-id: 28792080
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234147561
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_319.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 24ms
24ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25393
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 385ms
384ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

779d875613caa8f40bb7c5d047ae22de2b3ebe3344f93175d8081d3b6ce6d433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1830
x-xss-protection: 1; mode=block
google-lineitem-id: 28456320
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252005687
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 info Show response
gurgle.zdbb.net/ 238 B
438 B 446ms
446ms XHR
application/json 104.109.65.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.onmsft.com%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.65.90 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-65-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0e3abbfcc2a247b2a7219c83108d2929b48474644993688d19c7eacfc980e422

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 238

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
262 B 132ms
34ms Image
image/gif 52.210.77.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pagview_id=11a226ef-6505-480d-88a6-d7adf8034573&zd_location=https%3A%2F%2Fwww.onmsft.com%2F&evidon_consent=undefined&third_party_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.77.107 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-77-107.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
server: Ziff Davis BuyerBase
access-control-allow-origin: *
p3p: CP="ALL DSP COR NID"
status: 200
cache-control: No-Cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
expires: 0

GET
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domains%22%3A%5B%22twitter.co...
https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D6DFSHVBH8F9FFMFJWB476NP&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onms...

203 B
498 B

30ms
17ms

Script
application/javascript

35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D6DFSHVBH8F9FFMFJWB476NP&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domains%22%3A%5B%22twitter.com%22%2C%22facebook.com%22%2C%22pinterest.com%22%2C%22azure.microsoft.com%22%2C%22products.office.com%22%2C%22wordpress.org%22%2C%22michael.gillett.online%22%5D%7D&checksum=f6710e87c4660e64e36dbdd19b893b4a93b1908685b7a5f8b37b2a389ae597c5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

ace3fc4fc5a27c9b60aba92cb023b922c5c2e11c3bfa3da57e83845914333d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: openresty/1.11.2.5
access-control-allow-origin: https://www.onmsft.com
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear

Redirect headers

date: Wed, 20 Mar 2019 12:04:11 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://www.onmsft.com
location: //r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D6DFSHVBH8F9FFMFJWB476NP&data=%7B%22pubcode%22%3A%2288572X1541654%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domains%22%3A%5B%22twitter.com%22%2C%22facebook.com%22%2C%22pinterest.com%22%2C%22azure.microsoft.com%22%2C%22products.office.com%22%2C%22wordpress.org%22%2C%22michael.gillett.online%22%5D%7D&checksum=f6710e87c4660e64e36dbdd19b893b4a93b1908685b7a5f8b37b2a389ae597c5
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 167

GET
H2 200 px.gif
p.skimresources.com/ 43 B
108 B 36ms
20ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=10.48934686903271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
age: 0
status: 200
x-guploader-uploadid: AEnB2UpzYmj_FK6TqdOQ8a0UQwQBYT63XxANwppcuyNWZWhwAVd4zPLA9Ph-PEGDwO-V0vn2ZX8LIThXgIU8PKYNvd6bZnuWItIxCPlYsyMpebSFjYvGCOI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1553083451.cds002.pa1.hn,1553083451.cds025.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
494 B 35ms
20ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=10.48934686903271
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
age: 0
status: 200
x-guploader-uploadid: AEnB2UpzYmj_FK6TqdOQ8a0UQwQBYT63XxANwppcuyNWZWhwAVd4zPLA9Ph-PEGDwO-V0vn2ZX8LIThXgIU8PKYNvd6bZnuWItIxCPlYsyMpebSFjYvGCOI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1553083451.cds002.pa1.hn,1553083451.cds025.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK count.js Show response
winbeta.disqus.com/ 1 KB
1 KB 861ms
762ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://winbeta.disqus.com/count.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 675374
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 11 Mar 2019 17:49:30 GMT
Server: nginx
ETag: "5c869faa-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK check Show response
walker.zdbb.net/ 5 B
335 B 69ms
9ms XHR
text/html 104.109.71.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://walker.zdbb.net/check?href=https%3A%2F%2Fwww.onmsft.com%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.71.139 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-71-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

Date: Wed, 20 Mar 2019 12:04:11 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: max-age=52192
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
1 KB 12ms
9ms Script
application/javascript 104.109.65.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.65.90 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-65-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: tZh_O0heK9AW1IqXepRx0aLYSAyRBb4U
last-modified: Thu, 28 Feb 2019 20:09:53 GMT
x-amz-request-id: FDDA0E03D0975FDD
date: Wed, 20 Mar 2019 12:04:11 GMT
content-type: application/javascript
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 844
x-amz-id-2: FV6IunsnORf56dv1F4OV9XCC65V4g2lvCZO+epLbrrUntAetwW0wJTlDA3ZesIQQ8f7AMsJJi0E=
expires: Wed, 27 Mar 2019 12:04:11 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 31 KB
10 KB 74ms
18ms Script
text/javascript 23.62.118.129
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.118.129 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-62-118-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jul 2018 20:07:28 GMT
Server: Apache
ETag: "3160052-7a94-571b031e6f476"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10358
Expires: Wed, 27 Mar 2019 12:04:11 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
625 B 21ms
20ms Script
application/javascript 104.109.65.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.65.90 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-65-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 71_dkI0TovrOGG59JBPm.Tztc5MD.K.B
last-modified: Thu, 28 Feb 2019 20:09:53 GMT
x-amz-request-id: 687EF3F5A68E1795
date: Wed, 20 Mar 2019 12:04:11 GMT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 335
x-amz-id-2: Y2ws9r9cb7xtMgZ3LmrVAq3zY2pdIHzDVJFAYmjSbcy0ayJEd2f07q6JNrX2sMV1NMnr7Ev7OaY=
expires: Wed, 20 Mar 2019 13:04:11 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
97 B 18ms
8ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.1.1&blog=144796107&post=0&tz=-7&srv=www.onmsft.com&host=www.onmsft.com&ref=&fcp=2138&rand=0.15129485239398988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 20 Mar 2019 12:04:11 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 5 KB
3 KB 63ms
19ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 589baefd191a29fc58bdbf7f7ed9a03291b218d1549c1ced35b5f197a81d4ec3

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date: Wed, 20 Mar 2019 12:04:11 GMT
Content-Encoding: gzip
Age: 868
X-Cache: MISS, HIT, HIT
X-Request-Backend: krux_scala_config_webservice
X-App-Cache: HIT
Connection: keep-alive
Content-Length: 1888
X-Served-By: config-service-a005.krxd.net, cache-iad2133-IAD, cache-hhn1548-HHN
X-Response-Time: 0
Accept-Ranges: bytes
X-Do-Esi: esi
X-Timer: S1553083451.340728,VS0,VE0
ETag: "f078f52771c290b4c5a80b03c8fb040f3d6ef11d"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=1200
X-Age: 0
X-Cache-Hits: 0, 439, 106

GET
H2 200 iab Show response
api.skimlinks.mgr.consensu.org/ 772 B
636 B 75ms
18ms XHR
application/json 35.190.40.172
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.skimlinks.mgr.consensu.org/iab

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

172.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.14.0
access-control-allow-headers: *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.onmsft.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

GET
H2 200 portal.html
admiral.mgr.consensu.org/ Frame 41C8 0
0 57ms
16ms Document
text/html 35.201.117.115
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://admiral.mgr.consensu.org/portal.html
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.117.115 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 115.117.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: admiral.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
server: nginx
date: Wed, 20 Mar 2019 12:04:11 GMT
content-type: text/html
last-modified: Wed, 16 May 2018 16:27:21 GMT
vary: Accept-Encoding
x-hostname: jeremy
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK 30629
stags.bluekai.com/site/ Frame ACA4 0
0 367ms
312ms Document
text/html 95.101.194.150
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Donmsft.com&phint=referer%3Dhttps%3A%2F%2Fwww.onmsft.com%2F&phint=__bk_t%3DOnMSFT.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.onmsft.com%2F&limit=10&r=10329049
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.194.150 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-194-150.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.onmsft.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: dd0e
Date: Wed, 20 Mar 2019 12:04:11 GMT
Connection: keep-alive
X-N: S

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1A88 32 KB
0 50ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "112 / 856 of 1000 / last-modified: 1553036242"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10782
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:10 GMT

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1A88 160 KB
57 KB 65ms
14ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 1A88 113 B
178 B 67ms
8ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A88 77 KB
28 KB 105ms
45ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
27 KB 94ms
46ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A88 0
262 B 77ms
20ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6b9KcRmaFMWvggatwlekMumpw0zD8unxQRVKZcP4foawm7pLtr8YIVXGXZa26R05y63F6hNg1c0Q7l52RDQSNLbAdWxMbnHx3a2cG8_6iWoY404di3WP5dFnYjNY2J7j0li3AzEUN8R3GIlaP5mr959oPsa1CNT8oMuFe0cH3Bn8nSLh4KM4_lJnHQm_HSMgRloRkfrj4mrEKOIVNxQPBe6JZvy1YiBUvGeKVJseBTFQvhKtq1wgn_TDGiN8DRZmeptx7eQzRoXpfoDIe&sai=AMfl-YRcoQtUhfX0rZzE6NuKfcFFx5udD-06Vvlo75GqBlu3gSlVTQVAki-5dn4A28IMlws1-EJ2IBrW5w2kdJLUheHZd35Y-8GIKzJqv8RvQg&sig=Cg0ArKJSzNdDzmjsK4CiEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 Bfhi Show response
ad.doubleclick.net/ddm/adj/Bqgl/ 11 B
281 B 67ms
0ms Script
text/javascript 172.217.16.166
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bqgl/Bfhi

Requested by

Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 14
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
p.skimresources.com/ Frame CE83
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=81b42aecd02a2a85b619ddcc147878c4
https://p.skimresources.com/?provider_id=81b42aecd02a2a85b619ddcc147878c4&skim_mapping=true

43 B
246 B

20ms
19ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=81b42aecd02a2a85b619ddcc147878c4&skim_mapping=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
status: 200
x-guploader-uploadid: AEnB2UrcGkJGlNNED_FQXZ7rARjJ8Slt6qoSLA8-l-rr-TtkHoC0jIQ_5KCmcOp31cX32WNe2MK2p-rrjQrBvQ6ne9aYJw_eFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1553083452.cds002.pa1.hn,1553083452.cds034.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=81b42aecd02a2a85b619ddcc147878c4&skim_mapping=true
Date: Wed, 20 Mar 2019 12:04:11 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK controltag.js.09ebc571a022d419934530eaf14c8a78 Show response
cdn.krxd.net/ctjs/ 247 KB
79 KB 23ms
18ms Script
application/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Wed, 20 Mar 2019 12:04:11 GMT
Content-Encoding: gzip
Age: 7836203
X-Cache: HIT
Connection: keep-alive
Content-Length: 80533
X-Served-By: cache-hhn1548-HHN
Last-Modified: Wed, 19 Dec 2018 18:55:08 GMT
X-Timer: S1553083452.519356,VS0,VE0
ETag: "09ebc571a022d419934530eaf14c8a78"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sat, 16 Dec 2028 18:55:07 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 2162326

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame EA3B 0
0 47ms
5ms Document
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Sat, 09 Mar 2019 04:09:21 GMT
expires: Sun, 08 Mar 2020 04:09:21 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 978890
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A282 32 KB
0 50ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "112 / 856 of 1000 / last-modified: 1553036242"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10782
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:10 GMT

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A282 160 KB
57 KB 57ms
29ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame A282 113 B
175 B 38ms
11ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.onmsft.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A282 77 KB
28 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A282 0
56 B 57ms
30ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssppF6v5XRZfNisiKwS2Fo7RLVw_sD6-Tx8G-A0P_sbNOIAdqiaduN7afaQxZsZMXm_jXrt05bUEsut2o9-3NqJisqlc_wFLCywym4i8laSB7aVwm18OpV8kYGJ6IezdN-77xKhvbfjJ97ULeQKslyRb8gP4J0c2JuCHYtBEekzh0mMdqYzLSPFjemBxmsM5_NneT11LurNKr0bXFPmvD_Z_RLZTxONvpb6qGyb7uzm7f_0SiEAZfdovqh6ivxOHn9QIXUKHzWbEad-OV1z&sai=AMfl-YQXbXw-6X-NZeASlQ6wb_d37jljoFSkE8C8gLdFiXPOPUNRIESW0uxP4YXZQHiaWJiQjMrX7tB70pwW8DwSHvUE9eFwJOMkJMqQ1OCxsQ&sig=Cg0ArKJSzGHgGHjySuFNEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1A88 5 KB
2 KB 247ms
246ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2371883830647558&correlator=4388038901758674&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062456%2C21062977%2C21063334%2C21063348&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F8095840%2F.2_7550.4_onmsft.com_tier2&sz=300x250&eri=2&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cdm=www.onmsft.com&bc=15&lmt=1553083451&dt=1553083451608&dlt=1553083451383&idt=210&ea=0&frm=23&biw=1585&bih=1200&isw=303&ish=250&oid=3&adk=3596206029&uci=xfi8bvrsg2om&ifi=1&ifk=650745855&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2F&top=https%3A%2F%2Fwww.onmsft.com%2F&dssz=5&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=806096007&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

d50a0117455ffa8079ce1825ce28244c774a22d894459cb661c1d9e100f5c85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2425
x-xss-protection: 1; mode=block
google-lineitem-id: 28792680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234705754
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_319.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1A88 67 KB
25 KB 23ms
22ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25393
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame 1A88 0
0 19ms
18ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK 03fdde25-725e-48c5-a12f-7573d4d3eb24 Show response
consumer.krxd.net/consent/get/ 237 B
665 B 46ms
7ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/03fdde25-725e-48c5-a12f-7573d4d3eb24?idt=device&dt=kxcookie&callback=Krux.ns.ziffdavis.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 830ce433f7ca55cc4225cf953b38d53f1912e4b8a28b88cd37a77dede506c993

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:11 GMT
Content-Encoding: gzip
Age: 1409
X-Cache: MISS, HIT
X-Request-Backend: krux_scala_consumer_webservice
Connection: keep-alive
Content-Length: 193
X-Served-By: consumer-a005-dub.krxd.net, cache-hhn1538-HHN
Accept-Ranges: bytes
X-Timer: S1553083452.749549,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 varnish
Cache-Control: max-age=1800
X-Age: 0
X-Cache-Hits: 0, 1

POST
H2 200 track.php Show response
t.skimresources.com/api/ 22 B
92 B 126ms
31ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/track.php

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.onmsft.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/ 22 B
409 B 124ms
30ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.onmsft.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H/1.1 200
OK optout_check Show response
beacon.krxd.net/ 63 B
316 B 181ms
32ms Script
text/javascript 54.228.202.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.ziffdavis.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.202.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-202-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5689f3d6640befe887d11fbdbe526ce4c8bbb16d7eefe0c15c4994484a2c8997

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:11 GMT
Cache-Control: private, max-age=0, s-max-age=0
X-Request-Time: D=32 t=1553083451
Connection: keep-alive
X-Served-By: beacon-n015-dub.krxd.net
Content-Length: 63
Content-Type: text/javascript

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A282 3 KB
2 KB 283ms
223ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1213176693064812&correlator=4087287603357872&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062886%2C21063402&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F8095840%2F.2_A.6889.3_onmsft.com_tier2&sz=728x90&eri=2&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cdm=www.onmsft.com&bc=15&lmt=1553083451&dt=1553083451751&dlt=1553083451546&idt=197&ea=0&frm=23&biw=1585&bih=1200&isw=730&ish=90&oid=3&adk=2338238382&uci=oko2t29lkmt4&ifi=1&ifk=1199908482&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.onmsft.com%2F&top=https%3A%2F%2Fwww.onmsft.com%2F&dssz=5&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=1181580628&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

c0094e3da462d65cc197e73c1aa7d82049ce45676960e0428c9278644e8d1138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1661
x-xss-protection: 1; mode=block
google-lineitem-id: 4873797111
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252006365
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_319.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A282 67 KB
25 KB 82ms
22ms Script
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

sffe /

Resource Hash

c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25393
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame A282 0
0 24ms
0ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 404 pubvendors.json Show response
www.onmsft.com/.well-known/ 32 KB
8 KB 743ms
737ms Fetch
text/html 104.27.155.67
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onmsft.com/.well-known/pubvendors.json
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.155.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a574abb51e5c2212ada391e8af601c658e1973f6f1fda9e30e42c6d598316e

Request headers

:path: /.well-known/pubvendors.json
pragma: no-cache
cookie: __cfduid=d0a2e38492ea950bbcc2d961949ed1a351553083448; more_page=1; more_page_author=1; _ga=GA1.2.81060519.1553083451; _gid=GA1.2.1449737839.1553083451; _gat_ns=1; _gat=1; geoCC=DE; __gads=ID=ccdc53dcda4d070b:T=1553083451:S=ALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw; h_zdbb=; kxziffdavis_visits=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.onmsft.com
referer: https://www.onmsft.com/
:scheme: https
:method: GET
Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Cookie
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: more_page=1; expires=Thu, 21-Mar-2019 12:04:12 GMT; Max-Age=86400 more_page_author=1; expires=Thu, 21-Mar-2019 12:04:12 GMT; Max-Age=86400
cf-ray: 4ba78c161d9ebf75-AMS
link: <https://www.onmsft.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 77 KB
14 KB 70ms
10ms Fetch
application/json 2600:9000:200d:a400:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:a400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c578cc052ab80b04dfc8c7b7fc372ffc7bf6be58cf79fb6fa4f89392c181cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Fri, 15 Mar 2019 20:31:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 54838
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Mar 2019 16:00:21 GMT
server: AmazonS3
access-control-max-age: 86400
access-control-allow-methods: GET
x-amz-version-id: Yqz14Pw6ZVFTP7j06C2w8khzuTS06Ae5
via: 1.1 69ae15d1338b64299d3942a44fc1fb96.cloudfront.net (CloudFront)
cache-control: max-age=259200
content-type: application/json; charset=utf-8
x-amz-cf-id: ioZKEL6XM0ckYYWcy36BcmjvSCPY9kan_tt_pDiijbbLo6FyhqawBA==

GET
H2 200 ziffdavis.json Show response
cdn-gl.imrworldwide.com/ci/ 262 B
769 B 48ms
9ms XHR
application/json 52.222.167.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/ci/ziffdavis.json
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-27.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f75ee8a760c4319b767725c06ad12a0f5291c38fe35e93cbe59c18f02fdc248

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Tue, 05 Mar 2019 14:36:05 GMT
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 180
x-cache: Hit from cloudfront
status: 200
content-length: 262
last-modified: Tue, 05 Mar 2019 14:02:22 GMT
server: AmazonS3
etag: "1755ccfbfde3144d5444ccdbef529c66"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: yX.mqdv5qWxrhuurUuIf4G1GnusZ_MN.
access-control-allow-origin: *
cache-control: max-age=86400,s-maxage=86400
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: z3H1KveUkfMVI0R5PE1SP0uE2ArSN2kefYV1QRCMYWYAr05L_1920Q==

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=160...
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=160...

44 B
424 B

35ms
29ms

Image
image/gif

52.215.232.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=1600x1200&ja=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.232.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-215-232-115.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:11 GMT
server: nginx
access-control-allow-origin: *
location: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1553083451896&ci=ziffdavis&js=1&cg=0&ts=88572X1541654.skimlinks.js&vn=6.0.58&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.onmsft.com%2F&sr=1600x1200&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 302
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 jstag Show response
us-ads.openx.net/w/1.0/ Frame 1A88 48 KB
18 KB 45ms
20ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 651c806768275a730455cd92f67ee4257f07a24e7e4c826fe1119752a6436946

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17996
expires: Wed, 20 Mar 2019 13:04:11 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A88 75 KB
0 94ms
46ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A88 0
56 B 25ms
25ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuorWC3TxCYY4wUF5bfU3WkAMf9N4GaGxfH3eSnbwz3IW7fOl-R2OOK5k4dD-dca8NxM7yp7H1UaaDNvVxoK9RjCTnswlWH2o2UNABFT6iXK-KAOIMonGy9qqMvV96-7_ezjwupsDaHf6M70JVAAOaCqylmZV9-X9TyZulzW2PhS-UKtwZ5bnJDsFpkqlrBTDflV4Si56AkruZaAkJX718vcLV_W_Ev5vkgEIfVj2PqgkwFyRvMvQ6DoCFnGdiUJPMDZd9W13OEGRPu&sai=AMfl-YQXKiaCh26XiX6A5UH9Ajcf499g4jGTjQq4guS_XU6igaghWDks0db4qvLW9sbE3FpabqSU-nySLcvWT0OfLAzui_5e05s9tIVTTUVMK2f16MJanuLuh04jZ-EL&sig=Cg0ArKJSzJ5_ewj0NCXMEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 11ms
9ms Script
application/javascript 52.222.167.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-54.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9815a3710bc8cca4df26e419aba7ea94a099d75c92134ae1e05511f8d32ca98

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: EocAiwFPCCMyM7aj7.jvLwSTl4ESli6a
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 10:24:17 GMT
server: AmazonS3
age: 1712
date: Wed, 20 Mar 2019 11:35:58 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: oaLKfV6yW-J3QghT70KN4HKp6KJqWCD3shin6rdSCPTnhTNDMevkRg==
via: 1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)

GET
H2

200

/
p.skimresources.com/ Frame CE83
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=${profile_id}
https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true

43 B
107 B

20ms
20ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=%24%7Bprofile_id%7D&skim_mapping=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
status: 200
x-guploader-uploadid: AEnB2UrcGkJGlNNED_FQXZ7rARjJ8Slt6qoSLA8-l-rr-TtkHoC0jIQ_5KCmcOp31cX32WNe2MK2p-rrjQrBvQ6ne9aYJw_eFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
x-hw: 1553083452.cds002.pa1.hn,1553083452.cds034.pa1.c
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=%24%7Bprofile_id%7D&skim_mapping=true
Date: Wed, 20 Mar 2019 12:04:12 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

acj Show response
us-ads.openx.net/w/1.0/ Frame 1A88
Redirect Chain

https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=1600x...
https://us-ads.openx.net/w/1.0/acj?cc=1&ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=...

2 KB
1 KB

142ms
142ms

Script
application/json

173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?cc=1&ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 8d279f4e99a12c10d5668e4ac5a205868fa2b254cb5215f59ae7cf8dbbd96386

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Wed, 20 Mar 2019 12:04:12 GMT
server: OXGW/16.121.0
content-length: 0
location: https://us-ads.openx.net/w/1.0/acj?cc=1&ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=174398372&callback=OX_174398372&ju=https%3A//www.onmsft.com/&jr=&auid=538677446&dims=1600x1200&adxy=697%2C1244&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 154 KB
45 KB 16ms
14ms Script
application/javascript 52.222.167.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-54.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69ab1a2de27af9982ac383ba968b31150b40465eee67ccd2cb540397dd372c14

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: .JOJbolsUKPAQzRqc25FG3kbf09NeIy8
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 14:34:42 GMT
server: AmazonS3
age: 77335
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Tue, 19 Mar 2019 14:35:52 GMT
x-amz-cf-id: 0PE2AQyi1Buqw6scgyeTrI9jjfuNjS6KmpwWr6aGGa4Sy-Y0EMNPzw==
via: 1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)

GET
H2 200 arj Show response
ziffdavis-d.openx.net/w/1.0/ 173 B
661 B 146ms
116ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.onmsft.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=09ddb79f-52d3-4982-936b-4fd036c3f4e4%2C2bd2c742-f2ad-44a7-bb3e-ea3c5e825145%2Cb56d6061-69c5-4a60-a707-0b61c2328994&nocache=1553083452087&x_gdpr_f=1&aus=728x90%2C997x123%2C970x250%2C970x180%2C970x90%7C300x250%7C300x250&divIds=nsgpt-billboard-1%2Cnsgpt-rectangle-1%2Cnsgpt-rectangle-2&auid=540322690%2C540322690%2C540322690&
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: b190d90458aa1118cd187b3e1c06029f794a7ef26983f10cedf6ce78bfb99ae2

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.onmsft.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 370 B
1 KB 88ms
51ms XHR
application/json 37.252.172.39
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.39 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f66539c92c7f38476eda000428956723ba498c80d4d25265e00bfc18d7f7b416

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Proxy-Origin: 185.220.70.201; 185.220.70.201; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.4:80
AN-X-Request-Uuid: 8cc4972a-8df7-4787-be20-6b59af76023d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 370
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 59ms
16ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 20 Mar 2019 12:04:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.onmsft.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
904 B 289ms
234ms XHR
application/json 23.211.2.27
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=230303&v=7.2&r=%7B%22id%22%3A%22135f5e1e66a9ad3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214f2978da0783df%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%221519943b68bbfce%22%2C%22banner%22%3A%7B%22w%22%3A997%2C%22h%22%3A123%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22997x123%22%7D%7D%2C%7B%22id%22%3A%2216553a777c73686%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2217e4d83b50eca2%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A180%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22id%22%3A%2218787e0f933836e%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2219c4c6d2b0c1507%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22204508f9f360f57%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22230303%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.2.27 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-2-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4ed315a5d70b31da4fb8bcadb92d49280b6f9e592fb5b3c88186c3b5eedd90c5

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 333 B
1 KB 136ms
21ms XHR
application/json 213.19.162.41
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.site=onmsft.com&tg_i.pos=atf&tg_i.adunit=homepage&tk_flint=pbjs_lite_v1.38.0&x_source.tid=09ddb79f-52d3-4982-936b-4fd036c3f4e4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.839115602930018
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9b9a805808791c3d05db488f34c2e0b2efba3da4cf1356e0266701e79a23d7db

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 333
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
1 KB 139ms
22ms XHR
application/json 213.19.162.41
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.site=onmsft.com&tg_i.pos=atf&tg_i.adunit=homepage&tk_flint=pbjs_lite_v1.38.0&x_source.tid=2bd2c742-f2ad-44a7-bb3e-ea3c5e825145&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8932878696226361
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 50b1062e139ecca8a6bb207cc867a7b21ce960d44b105affe3895709fede8e58

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 334
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
1 KB 140ms
24ms XHR
application/json 213.19.162.41
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=142066&zone_id=660966&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.site=onmsft.com&tg_i.pos=btf&tg_i.adunit=homepage&tk_flint=pbjs_lite_v1.38.0&x_source.tid=b56d6061-69c5-4a60-a707-0b61c2328994&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10540403822437394
Requested by: Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/onmsft.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: b4aafb1431d72c21cee3cb7689f9c884886d059be648453ec83d0c173028bfe4

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.onmsft.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 334
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 jstag Show response
us-ads.openx.net/w/1.0/ Frame A282 48 KB
0 45ms
20ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 651c806768275a730455cd92f67ee4257f07a24e7e4c826fe1119752a6436946

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17996
expires: Wed, 20 Mar 2019 13:04:11 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A282 75 KB
0 94ms
46ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A282 0
164 B 25ms
24ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO3vmQjHHGPMm3sNOqP0wygferdvqFWgBEg2mZMpxB05CPvlc43DbmdX2Lgn7quoHJXOnpaxfpCwoEqiqNIUikDYEKmlUgoKbqv3HQieckYalgijIAll5R7JgE2VvfxLENf5gdFeHmogk53jao6vEdNSwds7IvSgEWiZ4N5tA7X8kQFbsHoRcwFLQksfjH3uGrGRwhpyX5cjPqCxio4q6toRzb35dapZ4wjlDxls-ap48n50na-YWSNx4O5C-5QRuOkenvjciFkMc3dk_v&sai=AMfl-YQXiSHRq77yGVBlcqiYl9PmaNoCrU8ps4dz2CtD7C068ykauaApTcGWaeW6u-Ixf1eU5efShSXVxkz_yvMuP45mHv6RmkIMlGinkhEKu9PvkC7T8gMsceaaSiIF&sig=Cg0ArKJSzBbrbDWKPesCEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame A282 2 KB
1 KB 103ms
103ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=9147361737&callback=OX_9147361737&ju=https%3A//www.onmsft.com/&jr=&auid=538683521&dims=1600x1200&adxy=428%2C2421&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 674a6c9efcae4ef4a6c8ac9d953716bd08dcf8ea7c0596501db83fc30efbbd09

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 531B 0
0 9ms
8ms Document
text/html 52.222.167.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-54.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
content-type: text/html
last-modified: Tue, 05 Mar 2019 14:34:40 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: bFE_v0S8rJQmD6jK1O9nK5_UKwVOFfYf
server: AmazonS3
content-encoding: gzip
date: Tue, 19 Mar 2019 14:35:52 GMT
cache-control: max-age=86400
vary: Accept-Encoding
age: 77336
x-cache: Hit from cloudfront
via: 1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)
x-amz-cf-id: 2-Rc_Nm4KtMkxu9E5Q2Y4zsBvQ4pBLpc7KXsn9fIq3i5WskyLBrEpA==

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame A282 2 KB
1 KB 108ms
107ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=1868911302&callback=OX_1868911302&ju=https%3A//www.onmsft.com/&jr=&auid=538683515&dims=1600x1200&adxy=428%2C2421&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1&nl=19&ul=22
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 4427c5e2fdc0fa78e7beccbffc1a98d22ddec6b6450c2aac6c5b3f7b4c0d273b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 1A88 2 KB
1 KB 129ms
129ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=1596678472&callback=OX_1596678472&ju=https%3A//www.onmsft.com/&jr=&auid=538677456&dims=1600x1200&adxy=697%2C1244&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1&nl=19%2C18&ul=22%2C103
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 6a398fd63bf59fe4fa771ebd6cc5ddf219507b4025f895bb61561a25532e2190

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame A282 2 KB
1 KB 97ms
96ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=6911574616&callback=OX_6911574616&ju=https%3A//www.onmsft.com/&jr=&auid=538683514&dims=1600x1200&adxy=428%2C2421&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=730x90&ifr=1&tws=1600x1200&mt=1&nl=20&ul=32
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 2c9ab30fecf4b50adb3b040f00a96d2e85604ef9e4040ad51bd1e3fa53ca2f99

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 119ms
119ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=728x90%7C997x123%7C970x250%7C970x180%7C970x90&scp=ad_group%3Dad_ex2%26rfr%3Dtrue%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26id%3D45a47d13-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%2C50%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452402&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=10&adk=993475243&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90&msz=980x90&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

9dd555f5fa6b6d5e1be00bfbabe9225ce94b1a247d7558295c5dcff107a6032b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2379
x-xss-protection: 1; mode=block
google-lineitem-id: 104135612
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 56493657212
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 131ms
130ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=300x250&scp=ad_group%3Dad_opt%26rfr%3Dtrue%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26id%3D45a47d14-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452410&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=1030&ady=727&adk=2829021588&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

1bb0840d84a61a4e6220d9438c74dd6551781839536d09f0d9da99489acc7fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2365
x-xss-protection: 1; mode=block
google-lineitem-id: 104135972
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 56493629132
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 219ms
217ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=300x250&scp=ad_group%3Dad_opt%26rfr%3Dtrue%26OOF%3Dfalse%26ppos%3Dbtf%26pos%3Dbtf%26id%3D45a47d15-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452416&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=697&ady=1951&adk=3744767740&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

7fb4025030b0dc6dd4f6fec4f7abd6d2fa66bd2f33772f5fac9bb4a25b08bb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2358
x-xss-protection: 1; mode=block
google-lineitem-id: 104135852
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 56493629852
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 200ms
199ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_opt%26OOP_type%3Dfooter%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d16-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452430&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=2127598883&uci=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

f1853e16925ee92c23d6be494cdefb0170a8867ffe9ce2ad05830a567fa77924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1338
x-xss-protection: 1; mode=block
google-lineitem-id: 4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257174434
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 250ms
249ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_opt%26OOP_type%3Dstitials%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d17-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452436&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=3506982411&uci=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

8a3812d51d17576e2c6a92b9167ac1915ff69b415b508f81b621fc8b4d6b0f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1341
x-xss-protection: 1; mode=block
google-lineitem-id: 4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256970531
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 295ms
295ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_opt%26OOP_type%3Dinpage%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d18-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452440&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=957215437&uci=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

629cdd16d3e6110ea1cd974b6537b785c86ebf16dfcdcea0c210e22527d58e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1609
x-xss-protection: 1; mode=block
google-lineitem-id: 4748685738
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239643365
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 361ms
361ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_opt%26OOP_type%3Dskin%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d19-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452446&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=1551954840&uci=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

b9f5e78832878595b6d63a5fe971afbc41020998bd7d2606c7a47e90efab918b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1337
x-xss-protection: 1; mode=block
google-lineitem-id: 4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256970540
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 393ms
392ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_bc%26OOP_type%3Dinline%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d1a-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452454&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=3000654692&uci=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

3520c6612351780c5f1b515bef3401db695a063e38595a5d9c2e30d4591a91de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1339
x-xss-protection: 1; mode=block
google-lineitem-id: 4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256924662
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 438ms
437ms XHR
text/javascript 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=97781355124541&correlator=692372221902235&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&adsid=NT&eid=21062420%2C21063335%2C21063401&vrg=319&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F4585%2Fns.onmsft%2Fhomepage&sz=1x1&ists=1&scp=ad_group%3Dad_opt%26OOP_type%3Dmasthead%26rfr%3Dtrue%26OOF%3Dfalse%26id%3D45a47d1b-4b08-11e9-ac4a-00259086cc16%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%26zc%3Dc57d027b98d8edbd345ae&eri=4&cust_params=url%3D%252F%26ref%3D%26gdpr%3D0%26zcp%3D563e864d2a29f4d1b423c%26cpid%3D92d7c10d76caaa612d973043dc655c69%26mop%3Dy%26amznslots%3D%26zc%3Dc593ff28-a0ff-46c1-b1b7-a84931f3c760%26p%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26zdbb%3D%26zdid%3D92d7c10d76caaa612d973043dc655c69%26p2%3D801189010%252C900001%252C900002%252C900003%252C6823%252C6825%252C6826%252C900009%252C900012%252C6829%252C900013%252C6831%252C900015%252C6833%252C6834%252C900019%252C900020%252C6837%252C900018%252C900017%252C6840%252C6841%252C6851%252C926188236%252C926188238%252C801188990%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3Dccdc53dcda4d070b%3AT%3D1553083451%3AS%3DALNI_MYyO7YhFrj_tZyfEeomUMmCckb2mw&cookie_enabled=1&bc=15&lmt=1553083452&dt=1553083452460&dlt=1553083450369&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=1199&adk=3940956861&uci=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.onmsft.com%2F&dssz=56&icsg=4487012509023424&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2835&msz=1x1&blev=1&bisch=1&ga_vid=81060519.1553083451&ga_sid=1553083451&ga_hid=479446684&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

29478c4973eef3a2af35ccfc81a109bad17769b8e45c3b6d4fd30968fb37d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1345
x-xss-protection: 1; mode=block
google-lineitem-id: 4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138256970447
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.onmsft.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 1A88 2 KB
1 KB 107ms
106ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?ai=4a24f3b2-55d1-4e6b-9522-d2c178ca417f&o=5916884618&callback=OX_5916884618&ju=https%3A//www.onmsft.com/&jr=&auid=538682177&dims=1600x1200&adxy=697%2C1334&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=303x250&ifr=1&tws=1600x1200&mt=1&nl=20%2C19&ul=32%2C91
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: b6ea80a09a8defe6293af2b749949c7dc38617e89b1d80e7de14e5a4046983aa

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A282 83 KB
31 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31822
x-xss-protection: 1; mode=block
server: cafe
etag: 2229521097763506342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
DATA 200
OK truncated
/ Frame A282 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1639331dc980369a62d357815dd4d7c3e6841338136298f5b11eb59c56dafdda

Request headers

Response headers

Content-Type: image/png

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame A282 198 KB
74 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame BB56 198 KB
74 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 ca-pub-8086391854971296.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame A282 68 B
176 B 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8086391854971296.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 20034
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 18:30:18 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190313/r20190131/ Frame D3A4 0
0 6ms
6ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190313/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190313/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 13 Mar 2019 13:30:43 GMT
expires: Wed, 27 Mar 2019 13:30:43 GMT
content-type: text/html; charset=UTF-8
etag: 1255180509436287879
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6616
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 599609
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame DB42 44 KB
13 KB 78ms
34ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194640332&placementId=104135612&pubCreative=56493657212&pubOrder=169870292&cb=99980053&adsafe_par&impId=45a47d13-4b08-11e9-ac4a-00259086cc16
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 04d7a30db57011415e5c5ec7be4978d8abdc5b5bdebda35304abfe3ce943e75d

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Content-Encoding: gzip
X-Server-Name: app40ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A7F3 83 KB
0 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31822
x-xss-protection: 1; mode=block
server: cafe
etag: 2229521097763506342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7F3 77 KB
0 55ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
DATA 200
OK truncated
/ Frame A7F3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e721392a59c82d36c3eef8aa8c3c852bcf54fcb041098fe6c0312cd1e173b331

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7F3 0
260 B 26ms
25ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstve0yxbwxVewMTLZZIAmAWL848eAZfODmbKA_s-zllDVo7S2EsAAhK3vvs94VuiO9qBmx-2f_xEz3bgS18fRVB-nudad9q8AmH7nqrHEgcz2MJeuYpQB9Dg6ajajfniXQZVdpmQMLfCw2t42UB3LjGv8Y6QZ7fnU91Y9HSihf2RrrgJYQX8TxIzeAL0fFGWn6kCh6ateTni_gBjW-v96ZRFzIls0EyWYvjFz84xUq3LF5z8vdK8zTfmW9LqDKfkg&sai=AMfl-YQZbreXVY0OgdpdHrMaCC5z2Qggxm15bXqG9ODJN8_35NB81mlbTQMF8IuUF0MOCg1tuvcBHON62ld7_NrivRWRoM4vklsjfIBY4d9kIw&sig=Cg0ArKJSzFT1LolAsuchEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 0C0E 44 KB
13 KB 81ms
35ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135972&pubCreative=56493629132&pubOrder=169870292&cb=1530908613&adsafe_par&impId=45a47d14-4b08-11e9-ac4a-00259086cc16
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 53baa3be5c1df9e9d1f64164c22a82aa400e87ac173cd3f36d83dcbec53843e8

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Content-Encoding: gzip
X-Server-Name: app22ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E134 83 KB
0 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31822
x-xss-protection: 1; mode=block
server: cafe
etag: 2229521097763506342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E134 77 KB
0 55ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
DATA 200
OK truncated
/ Frame E134 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83833127f62a9d798191effd89f16efb580d220dc199814a149e0e136f97d169

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E134 0
54 B 25ms
24ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFWT-99PUjhIMV5pIPidRpDuDX4T-LdVKJZ1mGvEY6jSgvAmFF3ydFtf0T-0e8CDjUxJZfOyaR3XWxhaBfmBod3t9DhAsWz8PtqxmqLSLGr9stR999l4R460i47LHc3ui0uV7UZzMXQ7eWtIxadgbRmwZb_xaMxJUj4W4fqYd81PPVMDGNgDSwGE8D-P_bcdQ8dERIpaVeLCKc8Tyi8JVrt0NUjW636-L9lGhL6RzSN742UWEAQu9egs4buK1X5w&sai=AMfl-YSTn6q14EOxQxtvn-T4fx7LmVpR7eFacFczILklroDDPeQis70j1PvEM36g6Cqo6oCTzai_MbOfxTudPannYzD8u1n-kykVgq5FAKe6SA&sig=Cg0ArKJSzGHrtlNaWrtbEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A7F3 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A7F3 109 B
171 B 21ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame A7F3 198 KB
74 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 2015 198 KB
74 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 ca-pub-8086391854971296.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame A7F3 68 B
0 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8086391854971296.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 20034
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 18:30:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1A88 83 KB
0 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31822
x-xss-protection: 1; mode=block
server: cafe
etag: 2229521097763506342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

POST
H2 200 pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV Show response
chickensstation.com/v2/0/ 291 B
644 B 397ms
346ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2d2a060a64da88a895dffb66079a579511c5428685814d177b4a3374505712b5

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: lisa
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 291
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E134 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E134 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame E134 198 KB
74 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 29E3 198 KB
74 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 ca-pub-8086391854971296.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame E134 68 B
0 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8086391854971296.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 20034
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 18:30:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1A88 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1A88 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 1A88 198 KB
74 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 4D21 198 KB
74 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 ca-pub-8086391854971296.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 1A88 68 B
0 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8086391854971296.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 20034
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 18:30:18 GMT

GET
DATA 200
OK truncated
/ Frame 58E3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95621724cadde651b769e30db9851e7187cbb89f8c863c1e1f83845c89928b9a

Request headers

Response headers

Content-Type: image/png

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 58E3 826 B
924 B 8ms
6ms Image
image/gif 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Mar 2019 00:45:22 GMT
x-content-type-options: nosniff
server: cafe
age: 386330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 00:45:22 GMT

GET
H2 200 view%3Fxai%3DAKAOjsvaiEPQlspNHJP2GNlfh9LUizCBOi3tjCvBzQLsCa_caKuM1SeZXvaI43_NOe4UWJrYla5nDuUG2DSj_vqBeu8Y2A_cLdT52onFOw4r7hqV-ENcdkRXaOY4FLYtuteY2xXRhO1DgEZ57vgLoO4577gvZMl_pznDmrR-HmWnxSsEENhz-7zP...
securepubads.g.doubleclick.net/pcs/ Frame 58E3 0
135 B 26ms
24ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvaiEPQlspNHJP2GNlfh9LUizCBOi3tjCvBzQLsCa_caKuM1SeZXvaI43_NOe4UWJrYla5nDuUG2DSj_vqBeu8Y2A_cLdT52onFOw4r7hqV-ENcdkRXaOY4FLYtuteY2xXRhO1DgEZ57vgLoO4577gvZMl_pznDmrR-HmWnxSsEENhz-7zPp8rPRK4Xmzl86V_tQflJrgI6eU9hi4lgsym4x5sknhtYDaJpmSjdEmyGiZyZhcoz1nCbass4wATMMYk%26sai%3DAMfl-YSkyG2kXRfUkx7302S2muLq9s4WUvcaDdAxX1-WyLZQI0XYYV5epixsU0h04qTcNQFu_1nAo5ncc1ehnRfXXf-rYz7m8QBq17Ffg3Cu0w%26sig%3DCg0ArKJSzIAfovvp_dv1EAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 8098 44 KB
13 KB 27ms
27ms Script
application/javascript 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135852&pubCreative=56493629852&pubOrder=169870292&cb=97435896&adsafe_par&impId=45a47d15-4b08-11e9-ac4a-00259086cc16
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b5db45a5510db255ceee681dff1a49ca904473e957517f90d68989f13f342662

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:12 GMT
Content-Encoding: gzip
X-Server-Name: app22ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5AC6 83 KB
0 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31822
x-xss-protection: 1; mode=block
server: cafe
etag: 2229521097763506342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AC6 77 KB
0 55ms
42ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:11 GMT

GET
DATA 200
OK truncated
/ Frame 5AC6 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e49d10f41c761ec3c5a131424cab5ccab1670b7cc5b587240b4071a2769354a4

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5AC6 0
63 B 24ms
23ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWAb7YrafNVlAuNjN6WzzmnRof_T03ekij_D3yT1C3LNO7GMgzz6EzBfUrGENc1WYiC7_AsZqSWQQVAmVKGZIkLiHOC73NbHitQSyMxR1c9d4y8rDplvZINP3VJz-jrCCLPsaamzju65BsAMIOpkf-sPqiHPz8WCo5k0XeJCRF7mb-LOBQK3AMHu9ULRj19EAuwCbi8h4P-S7M-vYhbN6arg33byx9WPvtFFb5RSVDN5DYHqWHuIDCjTo1WLSWgA&sai=AMfl-YQ3YPMkD0KXuSIE0e3Bf_8adV8gFu05oXrrcoYgQO2OJGDd8OvNrl_08mrun8yHqFM4QXUILb9Yi0RfWWh0WlShVxcyr_TrtFF7pwNDEw&sig=Cg0ArKJSzGK7C4JCxu7GEAE&urlfix=1&adurl=

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 8AA2 826 B
891 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Mar 2019 00:45:22 GMT
x-content-type-options: nosniff
server: cafe
age: 386330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 00:45:22 GMT

GET
DATA 200
OK truncated
/ Frame 8AA2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e67eca7afeaaacc4816cc5d81d1a97a8493ff646c524da006e1df38b7d428a3a

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view%3Fxai%3DAKAOjsuB6xKnWcBgFnmM7PYCPDzDwHkAXvy61XQciZoeYi4ujOKGph2-mAC3Vlh8itrFxRpGvX78ww2jpbz_bbNSWGSg9rWRfql3Y7rAFC6QUE81TAuPF9B32t96Tne-B1jSZH6kOWEsqoBZpIs9GB7eC2ZU70DwWkTV79VEWhMLPd6gMlZd9wOg...
securepubads.g.doubleclick.net/pcs/ Frame 8AA2 0
63 B 31ms
26ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuB6xKnWcBgFnmM7PYCPDzDwHkAXvy61XQciZoeYi4ujOKGph2-mAC3Vlh8itrFxRpGvX78ww2jpbz_bbNSWGSg9rWRfql3Y7rAFC6QUE81TAuPF9B32t96Tne-B1jSZH6kOWEsqoBZpIs9GB7eC2ZU70DwWkTV79VEWhMLPd6gMlZd9wOgPwelAkjDq0yQiBmOjUkbcQpcFabRWKy9iATs7E3Ecc-VhM6qxhX4RFsU3uTGrzXhcXItHPU6nsnYeqM%26sai%3DAMfl-YQrCuPMFXuHTqjXS6_3ULX5eb65sL5aNjfr1vQX4vdTSRs52YjQO_9Lsyd9-HaPq9CwBOh_e1hJVUMLkY7H5wfdc3EfsN2FfpnucgOo8A%26sig%3DCg0ArKJSzOlGy87z8mDmEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 65C5 0
0 222ms
216ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2923964143&adf=2092899799&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452522&bpp=27&bdt=976&fdt=266&idt=264&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=4&pv=2&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=1181580628&ga_fc=0&iag=3&icsg=2862962090&nhd=1&dssz=33&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2511&biw=1585&bih=1200&isw=730&ish=90&ifk=1199908482&scr_x=0&scr_y=0&eid=21060853%2C21063246&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.z7z4ad39tr56&fsb=1&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=2923964143&adf=2092899799&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452522&bpp=27&bdt=976&fdt=266&idt=264&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=4&pv=2&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=1181580628&ga_fc=0&iag=3&icsg=2862962090&nhd=1&dssz=33&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2511&biw=1585&bih=1200&isw=730&ish=90&ifk=1199908482&scr_x=0&scr_y=0&eid=21060853%2C21063246&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=2&uci=2.z7z4ad39tr56&fsb=1&dtd=332
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnnOcIEgwkkHThFKIA-oDoB7uYtjYZumlQVpA-bG4FcBDB2t3Fh3j3kZ_VC; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Mar 2019 12:04:13 GMT
server: cafe
content-length: 328
x-xss-protection: 1; mode=block
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Wed, 20 Mar 2019 12:04:13 GMT
cache-control: private

GET
DATA 200
OK truncated
/ Frame 1A88 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c06e56ba07aa9fb8a6c5ad240497295424b1e0cfd3b42c0fb1b36c8144324cd

Request headers

Response headers

Content-Type: image/png

GET
H2 200 tag Show response
a.teads.tv/page/43599/ Frame 7D15 861 B
782 B 210ms
107ms Script
application/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/43599/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 013d243a4a521e526eed45518989a2d6037b3790273997b76dd3dd5de76891c7

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 516
expires: Wed, 20 Mar 2019 13:04:13 GMT

GET
DATA 200
OK truncated
/ Frame 7D15 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba328aa7721b56ec30820212c5bc567ecca0deb07f02a5662fc9409ef85cb5d

Request headers

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5AC6 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5AC6 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 5AC6 198 KB
74 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/ Frame 13F4 198 KB
74 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 75582
x-xss-protection: 1; mode=block
server: cafe
etag: 12822828111139054337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:04:12 GMT

GET
H2 200 ca-pub-8086391854971296.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 5AC6 68 B
0 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8086391854971296.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 20034
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 18:30:18 GMT

GET
H/1.1 200
OK main.17.4.178.js Show response
static.adsafeprotected.com/ Frame DB42 153 KB
49 KB 88ms
26ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.178.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=728x90&pubId=53576252&chanId=194640332&placementId=104135612&pubCreative=56493657212&pubOrder=169870292&cb=99980053&adsafe_par&impId=45a47d13-4b08-11e9-ac4a-00259086cc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2d90ad9018fcaf71b7bfa876f1b5051a67b17986918b9fb8779e0e6a6dc438e9

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 20:01:35 GMT
X-Server-Name: app09ami.ami.303net.pvt
ETag: "5c914a9f-c134"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49460
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.17.4.178.js Show response
static.adsafeprotected.com/ Frame 0C0E 153 KB
49 KB 82ms
30ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.178.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135972&pubCreative=56493629132&pubOrder=169870292&cb=1530908613&adsafe_par&impId=45a47d14-4b08-11e9-ac4a-00259086cc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2d90ad9018fcaf71b7bfa876f1b5051a67b17986918b9fb8779e0e6a6dc438e9

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 20:01:35 GMT
X-Server-Name: app11ami.ami.303net.pvt
ETag: "5c914a9f-c134"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49460
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame EC4E 826 B
0 7ms
6ms Image
image/gif 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 16 Mar 2019 00:45:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
age: 386330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 00:45:22 GMT

GET
DATA 200
OK truncated
/ Frame EC4E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5d9f2de55b76b878c939dbd83e915affd493d93985bb6585877baaabe7c3d2f

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view%3Fxai%3DAKAOjsvMyDjw05rnZbe8lVcrq1dT9cum4Mpdj5P7YLu7s46Z9DQug1Vmi5bHcSyx4tWOmWBOOecouzTk-tRLJtlK7C1LzXd11tcBVkCmCFb3Oxn_ORXGEAkmCxq1MWDEND1uKllLmjLvtnVHX3mdJ_xSz99auJeXt7wZo3H28NNS8opaSfMoppOh...
securepubads.g.doubleclick.net/pcs/ Frame EC4E 0
158 B 26ms
23ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvMyDjw05rnZbe8lVcrq1dT9cum4Mpdj5P7YLu7s46Z9DQug1Vmi5bHcSyx4tWOmWBOOecouzTk-tRLJtlK7C1LzXd11tcBVkCmCFb3Oxn_ORXGEAkmCxq1MWDEND1uKllLmjLvtnVHX3mdJ_xSz99auJeXt7wZo3H28NNS8opaSfMoppOhjwZPNhFnWP7wEh-4UT8HVi552712yL11th6_KSR0CQ0jjXcuhbB31xGF1ApJgnnMc-mK4oukIeIWUCk%26sai%3DAMfl-YS0C0ljUjfdFnU-UlWlczNYT-vPw_TVAPVL2itsRYLWI8egSd666ojYj_J3WoZPjAz1PDg9uvT2Ft8JlkOS1iHMTS8Oj506Y--oDtfHqA%26sig%3DCg0ArKJSzCPIWki3-UhDEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 42AF 826 B
0 7ms
6ms Image
image/gif 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 16 Mar 2019 00:45:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
age: 386330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 00:45:22 GMT

GET
DATA 200
OK truncated
/ Frame 42AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b487f49725be2b189de4d207c798e71188af39eca9244369c03a5ca463cd24af

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view%3Fxai%3DAKAOjsvOgrO1IAvNWUtOsmQ3y9XPDIjwTOKDjzQfa5CFKHDrXY7PVFarRDkZJK7phecs2XcuX2SzYB_aAkzsCGLwqKw7dqZSgC3qYF1WXmNiMhL3aJ1hH_pTbTJZumeZ7Vvt7YGXAUctSvlbiqbRXsNbEiKoVpN6-xjEUS3c6GJB3keWeA2vSp8G...
securepubads.g.doubleclick.net/pcs/ Frame 42AF 0
63 B 24ms
22ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvOgrO1IAvNWUtOsmQ3y9XPDIjwTOKDjzQfa5CFKHDrXY7PVFarRDkZJK7phecs2XcuX2SzYB_aAkzsCGLwqKw7dqZSgC3qYF1WXmNiMhL3aJ1hH_pTbTJZumeZ7Vvt7YGXAUctSvlbiqbRXsNbEiKoVpN6-xjEUS3c6GJB3keWeA2vSp8G5pfvJLRa0Q6IauPbh8Rs5oQs-KtX7T4EAg2c6ZVuRP_iKElZWREf52mdfMNLx8cmeN2rf9usCGmu33s%26sai%3DAMfl-YQuW3O3IPeQUtJjIxIqMOJyGKgTWbvzYJZTv8wrGq4g4nRgOR-opsd10_nNmW2eiWJMkDUM_2GlDumAMVGNaCTjdNy9ctxlKviboggvgA%26sig%3DCg0ArKJSzBuER9j7GOejEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame 393C 826 B
0 7ms
6ms Image
image/gif 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKC70MzDaRABGAEyCOIsQc-mesrW

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 16 Mar 2019 00:45:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
age: 386330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 826
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 00:45:22 GMT

GET
DATA 200
OK truncated
/ Frame 393C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: facce429d2aff28599cb05b83cb86da97858939b7d6da5d2074c0f0de0cfa5b8

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view%3Fxai%3DAKAOjsvTEfAHi10C-XfjNogkKCPd07vEyWZy0VS5XsNrsOHoTzl0sHPkEL06e50NNNHWQ5Cu-SG3kUY9ZGr6qVp97NgscqA8pm2tEIIQb4TP7c2tkw6QweXuEp3lVZGQdhIHrbJtEho0vf8f0SeGrIQi29pc8mWW6L-vBk2ptklR2XZueljvMItj...
securepubads.g.doubleclick.net/pcs/ Frame 393C 0
63 B 26ms
26ms Image
image/gif 64.233.167.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvTEfAHi10C-XfjNogkKCPd07vEyWZy0VS5XsNrsOHoTzl0sHPkEL06e50NNNHWQ5Cu-SG3kUY9ZGr6qVp97NgscqA8pm2tEIIQb4TP7c2tkw6QweXuEp3lVZGQdhIHrbJtEho0vf8f0SeGrIQi29pc8mWW6L-vBk2ptklR2XZueljvMItjlzyIWP4yk2cNdAeSDWVD4qsd38Wg3lcvQj8kU1hCy0LTbU-LOcnKVfpcxBkiblFmJNtj5zaPIZ4aEco%26sai%3DAMfl-YQOhXIxLhDCWv05md3mKoX2fTNT3ZxoSlNdkyoTdbE4DfrCF17kvX7kOhfVbyz90T3BZaQOSc4SFocMmZRq-TMoTZSiv3sDE36OT3apbA%26sig%3DCg0ArKJSzKZ-dcKuknOJEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 94EB 0
0 265ms
265ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417941&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452664&bpp=16&bdt=83&fdt=479&idt=478&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=599482970.1553083453&ga_sid=1553083453&ga_hid=1665191674&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=727&biw=1585&bih=1200&isw=300&ish=250&ifk=1441198204&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.wn556bgb7vrh&fsb=1&dtd=490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417941&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452664&bpp=16&bdt=83&fdt=479&idt=478&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=599482970.1553083453&ga_sid=1553083453&ga_hid=1665191674&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=727&biw=1585&bih=1200&isw=300&ish=250&ifk=1441198204&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.wn556bgb7vrh&fsb=1&dtd=490
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnnOcIEgwkkHThFKIA-oDoB7uYtjYZumlQVpA-bG4FcBDB2t3Fh3j3kZ_VC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Mar 2019 12:04:13 GMT
server: cafe
content-length: 17333
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E134 75 KB
27 KB 48ms
43ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H/1.1 200
OK main.17.4.178.js Show response
static.adsafeprotected.com/ Frame 8098 153 KB
49 KB 22ms
21ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.178.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135852&pubCreative=56493629852&pubOrder=169870292&cb=97435896&adsafe_par&impId=45a47d15-4b08-11e9-ac4a-00259086cc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 2d90ad9018fcaf71b7bfa876f1b5051a67b17986918b9fb8779e0e6a6dc438e9

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 20:01:35 GMT
X-Server-Name: app11ami.ami.303net.pvt
ETag: "5c914a9f-c134"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 49460
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 870C 0
0 200ms
198ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=1224415319&adf=3279755404&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452603&bpp=12&bdt=49&fdt=586&idt=585&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=285441266.1553083453&ga_sid=1553083453&ga_hid=813440184&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=10&biw=1585&bih=1200&isw=980&ish=90&ifk=2510551254&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=1&uci=1.uk9f9j5jeuuc&fsb=1&dtd=599

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=90&slotname=4432410839&adk=1224415319&adf=3279755404&w=728&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1553083452603&bpp=12&bdt=49&fdt=586&idt=585&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=285441266.1553083453&ga_sid=1553083453&ga_hid=813440184&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=10&biw=1585&bih=1200&isw=980&ish=90&ifk=2510551254&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=2884689183&ifi=1&uci=1.uk9f9j5jeuuc&fsb=1&dtd=599
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnnOcIEgwkkHThFKIA-oDoB7uYtjYZumlQVpA-bG4FcBDB2t3Fh3j3kZ_VC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Mar 2019 12:04:13 GMT
server: cafe
content-length: 325
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7F3 75 KB
27 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1B13 0
0 232ms
229ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=60&slotname=6607148033&adk=718502040&adf=2462778810&w=303&fwrn=3&fwrnh=100&lmt=1553083453&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=303x60&url=https%3A%2F%2Fwww.onmsft.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553083452693&bpp=19&bdt=1310&fdt=542&idt=541&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=21&ife=4&pv=1&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=806096007&ga_fc=0&iag=3&icsg=45812635050&nhd=1&dssz=37&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1334&biw=1585&bih=1200&isw=303&ish=250&ifk=650745855&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=148&bc=15&osw_key=2408649076&ifi=2&uci=2.r3fqift7037z&fsb=1&xpc=bXETxvwOKd&p=https%3A//www.onmsft.com&dtd=552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=60&slotname=6607148033&adk=718502040&adf=2462778810&w=303&fwrn=3&fwrnh=100&lmt=1553083453&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=303x60&url=https%3A%2F%2Fwww.onmsft.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553083452693&bpp=19&bdt=1310&fdt=542&idt=541&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=21&ife=4&pv=1&ga_vid=81060519.1553083451&ga_sid=1553083452&ga_hid=806096007&ga_fc=0&iag=3&icsg=45812635050&nhd=1&dssz=37&mdo=0&mso=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1334&biw=1585&bih=1200&isw=303&ish=250&ifk=650745855&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=148&bc=15&osw_key=2408649076&ifi=2&uci=2.r3fqift7037z&fsb=1&xpc=bXETxvwOKd&p=https%3A//www.onmsft.com&dtd=552
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnnOcIEgwkkHThFKIA-oDoB7uYtjYZumlQVpA-bG4FcBDB2t3Fh3j3kZ_VC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Mar 2019 12:04:13 GMT
server: cafe
content-length: 327
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 695 KB
184 KB 56ms
53ms Script
text/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/43599/tag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e76814816ed63ba7cc471bd2d4b44c0aa7998f4d2d2baf9aae33ea36c88c1b71

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 15:14:39 GMT
x-amz-request-id: 1CBF5F2CECDE950C
etag: "152c1b528e7b3b50354170ac304a46e4"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=600
x-bucket: 3
accept-ranges: bytes
content-length: 187878
x-amz-id-2: gzVTBd6kfCbP4K/suXdQE1FB4de4+88kSreXOk76Ri1e+BrrkZFDStrI2w4tIr/VQKwyNI5yo4Y=
expires: Wed, 20 Mar 2019 12:14:13 GMT

POST
H2 200 suaglat8U1SIA9RYkM6pQEuRxCNQp0xvFnycNg4ppykhvQmZ3gBDoEPjyEFyIF11L6LHhHU Show response
chickensstation.com/v2/0/ 44 KB
11 KB 32ms
32ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/suaglat8U1SIA9RYkM6pQEuRxCNQp0xvFnycNg4ppykhvQmZ3gBDoEPjyEFyIF11L6LHhHU
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1aa10cc4247add4f4fe1e5de8f43f622ed414a0fb1f6c88180ca66e0d7890a43

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-hostname: lisa
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 98E3 0
0 32ms
27ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452; Version=1; Expires=Thu, 19-Mar-2020 12:04:13 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083453|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:13 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:13 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 8705 0
0 42ms
31ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452; Version=1; Expires=Thu, 19-Mar-2020 12:04:13 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083453|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:13 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:13 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 74DA 0
0 36ms
31ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=70e3ec84-4f1b-712e-8920-dd306ccfacf7|1553083452; Version=1; Expires=Thu, 19-Mar-2020 12:04:13 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083453|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:13 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:13 GMT
content-type: text/html
content-encoding: gzip

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 5332 81 KB
20 KB 30ms
17ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app11ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 26ms
24ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=728x90&pubId=53576252&chanId=194640332&placementId=104135612&pubCreative=56493657212&pubOrder=169870292&cb=99980053&adsafe_par&impId=45a47d13-4b08-11e9-ac4a-00259086cc16&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:2f6ed85a-bb21-defa-e92c-641fd9bf85d2,c:7p1k2G,sl:inView,em:true,fr:true,mn:app40ami,pt:1-5-15,wc:0.0.1600.1200,ac:303.10.980.90,am:i,cc:303.10.980.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b1|1b2|1b31|1b4|1c|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,pl:,rend:1,renddet:DIV.qs.sn,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:656,oid:46808559-4b08-11e9-9e8f-70106fb72bb0,v:17.4.178,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:13 GMT
X-Server-Name: app22ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 47ms
43ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135972&pubCreative=56493629132&pubOrder=169870292&cb=1530908613&adsafe_par&impId=45a47d14-4b08-11e9-ac4a-00259086cc16&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:d58a6fd8-9313-9210-da24-c7b53975c5c4,c:7p1k4y,sl:inView,em:true,fr:true,mn:app22ami,pt:1-5-15,wc:0.0.1600.1200,ac:1030.727.300.250,am:i,cc:1030.727.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rlg7Tqd+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,pl:,rend:1,renddet:DIV.qs.sn,rmeas:1,es:0,sc:0,ha:1,gm:1,tt:jload,thd:1,et:757,oid:468392aa-4b08-11e9-91f1-00259086ccce,v:17.4.178,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:13 GMT
X-Server-Name: app22ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame EBBF 0
0 203ms
196ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417943&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452915&bpp=24&bdt=183&fdt=814&idt=813&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=780071776.1553083454&ga_sid=1553083454&ga_hid=1942206968&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1951&biw=1585&bih=1200&isw=300&ish=250&ifk=3111486697&scr_x=0&scr_y=0&eid=21060853%2C21061796%2C370204057&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.kfzqd5kpn8bl&fsb=1&dtd=841

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8086391854971296&output=html&h=250&slotname=6415344831&adk=1240525668&adf=2751417943&w=300&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1553083452915&bpp=24&bdt=183&fdt=814&idt=813&shv=r20190313&cbv=r20190131&saldr=aa&correlator=6686287006664&frm=23&ife=5&pv=1&ga_vid=780071776.1553083454&ga_sid=1553083454&ga_hid=1942206968&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=697&ady=1951&biw=1585&bih=1200&isw=300&ish=250&ifk=3111486697&scr_x=0&scr_y=0&eid=21060853%2C21061796%2C370204057&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=15&osw_key=1941885338&ifi=1&uci=1.kfzqd5kpn8bl&fsb=1&dtd=841
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 Mar 2019 12:04:13 GMT
server: cafe
content-length: 328
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Mar-2019 12:19:13 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Wed, 20 Mar 2019 12:04:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AC6 75 KB
0 41ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190313/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 20 Mar 2019 12:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,600

Requested by

Host: dapperfloor.com
URL: https://dapperfloor.com/v2/0/kjdJnZdNRlzJdUoIkbWgU7zdJTU6IyYLJ6nr_FJRINthPn9lVlycg3oy77Bl-0O5Y670mDVKK8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 20 Mar 2019 12:04:13 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 20 Mar 2019 12:04:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H/1.1 200
OK sca.17.4.95.js Show response
static.adsafeprotected.com/ Frame 8D68 81 KB
20 KB 26ms
23ms Script
application/javascript 199.166.0.32
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.95.js
Requested by: Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.32 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.static.adsafeprotected.com
Software: nginx /
Resource Hash: 149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 20 Mar 2019 12:04:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name: app11ami.ami.303net.pvt
ETag: "5b293b6b-4fda"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 20442
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
309 B 24ms
23ms Image
image/gif 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=7529&campId=300x250&pubId=53576252&chanId=194640332&placementId=104135852&pubCreative=56493629852&pubOrder=169870292&cb=97435896&adsafe_par&impId=45a47d15-4b08-11e9-ac4a-00259086cc16&adsafe_url=https%3A%2F%2Fwww.onmsft.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:f2f3982f-cd45-36df-de41-0f4d1860e362,c:7p1k8h,sl:outOfView,em:true,fr:true,mn:app22ami,pt:1-5-15,wc:0.0.1600.1200,ac:704.1951.300.250,am:i,cc:704.1951.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rlg7TtH+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a1|1a2|1a31|1a4|1a5|1b1|1b2|1b311|1b4|1c|1d*.7529|1d1|1d2|1d31|1e|1f|1g|1h|1i,idMap:1d*,pl:,rend:1,renddet:DIV.qs.sn,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:773,oid:469656b6-4b08-11e9-91f1-00259086ccce,v:17.4.178,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:13 GMT
X-Server-Name: app22ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 298ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1k8z,pingTime:0,time:1020,type:pf,im:{pBlk:729,pLoad:954},clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1020,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[526~100],as:[526~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b1|1b2|1b31|1b4|1c|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt72.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 291ms
91ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1k9C,pingTime:0,time:1071,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:1071,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[336~100],as:[336~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt14.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A7F3 42 B
112 B 20ms
14ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpZ3TflgAV6LpM4mB8vr-csw_3pGQ1pCjhsSUYdWahUki5zxfROh6JT0kQCn3ZYY9ToVUz8rB82k9rGP2XXa2U5astBeADa7DKFr4&sig=Cg0ArKJSzFih7z3agXuQEAE&adk=993475243&tt=2173&bs=1585%2C1200&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&p=10,303,100,1283&sbeos=0&mcvt=1127&rs=3&ht=0&tfs=1065&tls=2192&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553083452575&rpt=0&isd=0&msd=0&lm=2&phel=0&phell=0&oseid=3&xdi=0&ps=1585%2C2756&ss=1600%2C1200&pt=36&deb=1-2-11-22-13-36-96-11&tvt=2179&r=v&id=osdim&vs=4&uc=4&upc=1&tgt=INS&cl=1&cec=10&clc=1&cac=0&cd=728x90&v=20190313

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E134 42 B
112 B 22ms
14ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdlpb_NT-HYYqDgT5tJrjQxlabgsTPVIhankMYtYE-XsAIYRik8Il3WV4t9BIqH7SHA1Ha2Yc5q1PTGc9o1W2EsdGr6T3nopxAznc&sig=Cg0ArKJSzAjscelduohjEAE&adk=2829021588&tt=2173&bs=1585%2C1200&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&p=727,1030,977,1330&mcvt=1127&rs=3&ht=0&tfs=1065&tls=2192&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553083452596&rpt=0&isd=0&msd=0&lm=2&phel=0&phell=0&oseid=3&xdi=0&ps=1585%2C2756&ss=1600%2C1200&pt=36&deb=1-2-11-22-13-36-96-11&tvt=2179&r=v&id=osdim&vs=4&uc=4&upc=1&tgt=INS&cl=1&cec=10&clc=1&cac=0&cd=300x250&v=20190313

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 1A88 41 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/rum.js

Requested by

Host: www.onmsft.com
URL: https://www.onmsft.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8d547ee98c94f1f078bf80c1cc650fe7dd0cf72b2f10d39d6e5325df39994761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:14:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 15935
x-xss-protection: 1; mode=block
server: cafe
etag: 15394513802682186313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:14:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 8431 0
0 27ms
26ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453; Version=1; Expires=Thu, 19-Mar-2020 12:04:14 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083454|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:14 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:14 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame AC64 0
0 23ms
19ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453; Version=1; Expires=Thu, 19-Mar-2020 12:04:14 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083454|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:14 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:14 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 6B08 0
0 21ms
19ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: https://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
vary: Accept
set-cookie: i=82259d21-6ed4-4977-b206-286446824c04|1553083453; Version=1; Expires=Thu, 19-Mar-2020 12:04:14 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553083454|gu; Version=1; Expires=Thu, 04-Apr-2019 12:04:14 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Mar 2019 12:04:14 GMT
content-type: text/html
content-encoding: gzip

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 202ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1kbx,pingTime:-2,time:1204,type:a,im:{sf:0,pom:1,prf:{beA:382,beZ:386,mfA:861,cmA:862,inA:862,inZ:883,prA:883,prZ:958,si:1039,poA:1040,bl:1111,poZ:1112,cmZ:1112,mfZ:1112,loA:1405,loZ:1408,ltA:1586,ltZ:1586,mdA:391,mdZ:493}},sca:{dfp:{df:4,sz:980.90,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1205,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[711~100],as:[711~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1,slid:[google_ads_iframe_/4585/ns.onmsft/homepage_0,google_ads_iframe_/4585/ns.onmsft/homepage_0__container__,nsgpt-billboard-1,zd-leaderboard],sinceFw:546,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt72.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 232ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kc2,pingTime:-2,time:1221,type:a,im:{sf:0,pom:1,prf:{beA:371,beZ:372,mfA:1096,cmA:1097,inA:1097,inZ:1106,prA:1106,prZ:1122,si:1128,poA:1128,poZ:1128,cmZ:1128,mfZ:1128,loA:1444,loZ:1445,ltA:1591,ltZ:1591,mdA:373,mdZ:471}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:1221,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[486~100],as:[486~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1,slid:[google_ads_iframe_/4585/ns.onmsft/homepage_1,google_ads_iframe_/4585/ns.onmsft/homepage_1__container__,nsgpt-rectangle-1],sinceFw:462,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt14.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 200 pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV Show response
chickensstation.com/v2/0/ 289 B
371 B 26ms
26ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: aa409659631881863c74feef8699c44bbda4caa64d99c97635f93f7eb5fcbd30

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Mar 2019 12:04:14 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: lisa
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 289
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,600
Origin: https://www.onmsft.com

Response headers

date: Fri, 08 Mar 2019 23:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 994814
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13944
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:44:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 116ms
94ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=f2f3982f-cd45-36df-de41-0f4d1860e362&tv={c:7p1kei,pingTime:-2,time:1145,type:a,im:{sf:0,pom:1,prf:{beA:433,beZ:435,mfA:1190,cmA:1190,inA:1190,inZ:1193,prA:1193,prZ:1202,si:1205,poA:1205,poZ:1214,cmZ:1214,mfZ:1214,loA:1374,loZ:1375,ltA:1574,ltZ:1574,mdA:435,mdZ:459}},sca:{dfp:{df:4,sz:300.250,dom:body}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:772}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:1145,n:0,pp:0,pm:0},slEvents:[{sl:o,t:772,wc:0.0.1600.1200,ac:704.1941.300.250,am:i,cc:704.1941.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[386~0],as:[386~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rlg7Tqd+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a1|1a2|1a31|1a4|1a5|1b.7529|1b1|1b2|1b311|1b4|1c|1d*.7529|1d1|1d2|1d31|1e|1f|1g|1h|1i,idMap:1d*,rend:1,renddet:DIV.qs.sn,rmeas:1,slid:[google_ads_iframe_/4585/ns.onmsft/homepage_2,google_ads_iframe_/4585/ns.onmsft/homepage_2__container__,nsgpt-rectangle-2],sinceFw:369,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt62.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 204 csi
csi.gstatic.com/ Frame 1A88 0
202 B 910ms
290ms Other
image/gif 2404:6800:4005:80f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~jth5sf05&chm=1&ctx=2&gqid=OyySXL7oJdT1bvvtn9gE&qqid=CLu-w9vWkOECFYcYGwodMZMBwQ&met.9=1.z~2.5u&met.4=fb.f4~lb.111~ol.1yr~idt.c3~dt.69&met.3=155.ft_j~157.ja_1~143.j9_3~132.k3~132.ka_1~132.m1~132.m1~157.m5_1~143.m4_3~129.n9~157.p2~143.p2_1~132.p2~132.p2~132.ru~132.ru~157.rv~143.rv_1~129.uk~157.uv~143.uv_1~132.uw~132.uw~157.107~143.106_1~132.129~132.129~132.15a~197.15d~123.15c_1~129.17a~157.1ah_1~143.1ag_1~132.1ak~118.1ak~132.1ak~118.1ak~197.1e1~132.1fb~118.1fb_1~132.1fc~132.1fd~118.1fd~326.f1~161.f1~159.f0_t~160.ft~132.1ga~118.1ga~157.1gv~157.1gv~143.1gu_2~132.1gx~118.1gx~129.1gy~132.1hc~118.1hd~197.1he~168.hd~168.hd~168.hd~168.hd~132.1i2~118.1i2~132.1i2~132.1id~118.1id~132.1iy~118.1iy~197.1ve~157.1wo~157.1wp~143.1wo_2~132.1y3~118.1y3~132.1y3~154.1yq~117.1yr~129.21b~132.21c~118.21d~132.21d~132.22b~118.22c~132.22f~118.22g~132.22g~132.22l~118.22l~197.22l~168.126~168.126~168.126~168.126~132.23d~118.23d~132.23d~168.12z_5~168.134~168.134~168.134~132.23m~118.23m~132.23m~157.23y~157.23z~143.23y_1~153.25k~132.25z~118.25z~157.28h~157.28h~140.26g_22~141.26g_22~132.296~118.296~132.297~118.297~132.297~132.29f~118.29g~168.19x~168.19x~168.19x~168.19x~132.2c0~118.2c0~129.2cs~132.2cu~118.2cv~132.2cv_9~118.2d4~113.2dc_4~112.2da_6~157.2dp~157.2dp~143.2do_1~132.2dz~118.2dz~132.2es~118.2es&met.1=1.jth5scmv~14.0~15.0~16.0~17.0~18.0~19.0~20.1ym~21.1yr~22.19n~23.19n&met.7=CA0QChgBIAkoCTAJaAlwCYABnlSIAfaBArABAbgBAQ~CA4QChgBICUoJTCFAThgaEhwZ3jWywOAAeTKA4gByPwJsAEBuAED~CDAQBxgBICcoJzCCAThbaFpwbniyAYABbIgBcbABAbgBAw~CCoQChgBICgoKDC_ATiXAQ~CCIQBhgBICwoLDCDAThXaF5wfniGArABAbgBAw~CA8QChgBIOQBKOQBMNsDOPgBaOUBcNsDeNkTgAH5EogB2SewAQG4AQM~CCwQChgBIOQBKOQBMP8BOBto5QFw-wF4_8YBgAGxxgGIAaiUBLABAbgBAw~CBsQCiCgBDg_~CCoQChgBIKIEKKIEMKIE~CCIQBhgBIKMEKKMEML0EOBtopARwvQR4OLABAbgBAw~CBsQCiDpBTiOAQ~CBsQCiCBBziCAQ~CBsQCiDJCDhu~CAEQChgBINsJKNsJMNsJaNsJcNsJgAHO-AGIAfOVBbABAbgBAQ~CC8QBxgBIJ0KKJ0KMLAKOBNongpwrwp4qwGAAWiIAW2wAQG4AQM~CC8QBxgBIJ4KKJ4KMLAKOBNonwpwrwp4qwGAAWiIAW2wAQG4AQM~CAMQBxgBIJ4KKJ4KMMIKOCRonwpwugp4x88EgAG-zgSIAZOyDLABAbgBAw~CAsQChgBIKcKKKcKMKcK~CBgQChgBIJoVKJoVMKIVOAdomxVwoRV4un2AAb98iAGIyAKwAQG4AQM~CBsQBSC5FTgf~CBsQBSDIFTgf~CBsQBSDLFTgd~CAUQBRgBIKAEKKAEMMoGOKoCaLIEcJcGeIwDgAHHAogBnASgAakKsAEBuAED
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2404:6800:4005:80f::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cxlV3D77HST4rWVtGpJjxYKtokBu_5Qc1ZKfQJkAVZ-XQaZmz1alUvpFtCG5BQo92ymRbsNVA
chickensstation.com/v2/0/ 2 B
287 B 41ms
40ms Other
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/cxlV3D77HST4rWVtGpJjxYKtokBu_5Qc1ZKfQJkAVZ-XQaZmz1alUvpFtCG5BQo92ymRbsNVA
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Mar 2019 12:04:14 GMT
x-datacenter: gce-europe-west3
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
x-hostname: lisa
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2
expires: Wed, 20 Mar 2019 12:04:13 GMT

GET
H2 200 wigo-no-slot
sync.teads.tv/ Frame 7E4B 0
0 107ms
65ms Document
text/html 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.onmsft.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.onmsft.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 325
expires: Wed, 20 Mar 2019 12:04:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 20 Mar 2019 12:04:14 GMT
set-cookie: tt_viewer=0d6a665c-5e38-4bd8-9fdb-1cb0a88fb711; Expires=Wed, 18 Mar 2020 12:04:14 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
309 B

12ms
11ms

Image
image/gif

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=09779080&cs_ucfr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1553083454683&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=09779080&cs_ucfr=1
Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
157 B 88ms
34ms Image
image/gif 23.211.0.4
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&pageId=43599&pid=48817&gid=[insertionId]&slot=native&env=js-web&f=1&ts=1553083454680&fv=2.21.52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.0.4 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 20 Mar 2019 12:04:14 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 20 Mar 2019 12:04:14 GMT

GET
H2 200 track
t.teads.tv/ 23 B
157 B 89ms
35ms Image
image/gif 23.211.0.4
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&pageId=43599&pid=48817&gid=[insertionId]&slot=native&env=js-web&f=1&ts=1553083454680&fv=2.21.52
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.0.4 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 20 Mar 2019 12:04:14 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Wed, 20 Mar 2019 12:04:14 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1knS,pingTime:-10,time:1969,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.95v220002022020220000022002222000022220202020222222222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220222222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC45NXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC45NXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8OHx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1553083454911||5a364f3842c1564ee8d4db11b53ffc8f||bf486f3aba4c432632bded0f99a7bd42||4a05add39d5f6819058bf8dc1240b97c||1cec4e3043a2856c529293cecd54c7e8||12816608e4b0c7cd31b7292514581b9a||b626d412ff1717a33a3fef361504bc30||4a5c458e02e9269dc3e9218597492031||1529428597,im:{pWait:48},env:{ar:self.0}}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:14 GMT
X-Server-Name: dt62.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 104ms
104ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kow,time:1995,type:e,env:{ar:2f6ed85a-bb21-defa-e92c-641fd9bf85d2.1},es:0,sc:0,ha:1,gm:1,slTimes:{i:1995,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1260~100],as:[1260~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:340,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt14.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=f2f3982f-cd45-36df-de41-0f4d1860e362&tv={c:7p1koB,time:1784,type:e,env:{ar:2f6ed85a-bb21-defa-e92c-641fd9bf85d2.2},es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:1784,n:0,pp:0,pm:0},slEvents:[{sl:o,t:772,wc:0.0.1600.1200,ac:689.1941.0.0,am:i,cc:689.1941.0.0,piv:0,obst:0,th:0,reas:l,bkn:{piv:[1025~0],as:[503~300.250,522~0.0]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:201,fm:rlg7Tqd+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a1|1a2|1a31|1a4|1a5|1b.7529|1b1|1b2|1b311|1b4|1c|1d*.7529|1d1|1d2|1d31|1e|1f|1g|1h|1i,idMap:1d*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt72.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1koL,pingTime:1,time:2024,type:p,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:2024,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1530~100],as:[1530~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:364,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt68.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1koM,pingTime:1,time:2025,type:pf,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:2025,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1531~100],as:[1531~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:364,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt46.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 120ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1koM,pingTime:1,time:2025,type:c,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:2025,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1531~100],as:[1531~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:364,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1,metricId:publ1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt62.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 135ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1koN,pingTime:1,time:2026,type:c,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:2026,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1532~100],as:[1532~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:364,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1,metricId:grpm1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt72.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 104ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kpM,pingTime:1,time:2073,type:p,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:2073,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1338~100],as:[1338~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:340,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt14.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kpN,pingTime:1,time:2074,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:2074,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1339~100],as:[1339~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:340,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt68.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kpN,pingTime:1,time:2074,type:c,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:2074,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1339~100],as:[1339~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:340,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1,metricId:publ1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt46.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 121ms
91ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1kpO,pingTime:1,time:2075,type:c,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:2075,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1340~100],as:[1340~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:340,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1,metricId:grpm1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:15 GMT
X-Server-Name: dt62.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ 44 B
424 B 31ms
30ms Image
image/gif 52.215.232.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=fqsVxGBWkgVnEDaMRiOx2RsmuyKwZ1553083452&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15530834521598711&c30=bldv,6.0.0.326&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.onmsft.com%2F&c73=phtype,&c74=dvcnm,&c62=sendTime,1553083455&rnd=554983
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.232.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-215-232-115.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:15 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

openx
match.adsrvr.org/track/cmf/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1
https://match.adsrvr.org/track/cmf/openx?oxid=5189a278-c753-7680-e8d0-e08c22a57ff9&gdpr=1

70 B
264 B

103ms
32ms

Image
image/gif

52.48.132.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5189a278-c753-7680-e8d0-e08c22a57ff9&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.132.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-132-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2019 12:04:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

Redirect headers

status: 302
server: OXGW/16.121.0
location: https://match.adsrvr.org/track/cmf/openx?oxid=5189a278-c753-7680-e8d0-e08c22a57ff9&gdpr=1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"

POST
H2 200 pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV Show response
chickensstation.com/v2/0/ 214 B
295 B 16ms
15ms Fetch
application/json 35.186.219.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://chickensstation.com/v2/0/pdyADOaDqTMsSqcyfQ-7rkjQMH4Ahazt54-LMDTYkL8M_SDecSEVwEFqmSgF8XzHJIfHZoV
Requested by: Host: chickensstation.com
URL: https://chickensstation.com/v2/0/jux-E_ybSvS8hdhfETraPx7wTBGt-IxGIeCM0XCD7HAEEzip7tj3WtAoLl4mMCIRPZ4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.219.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 42.219.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f1ee5ae0e00fe4c895fa51c5c527699bbd1817fdd9ab9924f3440945d9c3bddc

Request headers

Referer: https://www.onmsft.com/
Origin: https://www.onmsft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Mar 2019 12:04:18 GMT
x-datacenter: gce-europe-west3
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: lisa
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 214
expires: Wed, 20 Mar 2019 12:04:17 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1lrf,pingTime:5,time:6022,type:p,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:6022,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5528~100],as:[5528~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:185,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:19 GMT
X-Server-Name: dt62.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=2f6ed85a-bb21-defa-e92c-641fd9bf85d2&tv={c:7p1lrg,pingTime:5,time:6023,type:pf,clog:[{piv:100,vs:i,r:,w:980,h:90,t:655}],es:0,sc:1,ha:1,gm:1,slTimes:{i:6023,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:654,wc:0.0.1600.1200,ac:310.10.980.90,am:i,cc:310.10.980.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5529~100],as:[5529~980.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:185,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a*.7529|1a1|1a2|1a31|1b.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1a*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:19 GMT
X-Server-Name: dt46.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
89ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1lsi,pingTime:5,time:6073,type:p,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:6073,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5338~100],as:[5338~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:156,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:19 GMT
X-Server-Name: dt68.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
90ms Image
image/gif 104.244.36.20
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=7529&asId=d58a6fd8-9313-9210-da24-c7b53975c5c4&tv={c:7p1lsi,pingTime:5,time:6073,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:250,t:757}],es:0,sc:0,ha:1,gm:1,slTimes:{i:6073,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:756,wc:0.0.1600.1200,ac:1037.727.300.250,am:i,cc:1037.727.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5339~100],as:[5339~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:156,fm:rlg7TpZ+11|12|13|14|151|152|1531|16|171|172|1731|174|175|176|177|18|19|1a.7529|1a1|1a2|1a31|1a4|1b*.7529|1b1|1b2|1b31|1b4|1c|1d.7529|1d1|1d2|1d3|1e|1f|1g|1h|1i,idMap:1b*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.onmsft.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Mar 2019 12:04:19 GMT
X-Server-Name: dt14.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.onmsft.com/	1970-01-18 23:26:09	Name: more_page_author Value: 1
www.onmsft.com/	1970-01-18 23:26:09	Name: more_page Value: 1
.onmsft.com/	1970-01-19 08:10:19	Name: __cfduid Value: d0a2e38492ea950bbcc2d961949ed1a351553083448

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1) Message: ZD Core :: Outbound Link Tracking Initialized
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.95.js(Line 32) Message: a: 0.001953125ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
admiral.mgr.consensu.org
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
api.skimlinks.mgr.consensu.org
as-sec.casalemedia.com
beacon.krxd.net
cdn-gl.imrworldwide.com
cdn.krxd.net
cdn.nsstatic.com
cdn.static.zdbb.net
chickensstation.com
consumer.krxd.net
csi.gstatic.com
dapperfloor.com
dt.adsafeprotected.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.pcmag.com
googleads.g.doubleclick.net
gurgle.zdbb.net
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
loadeu.exelator.com
match.adsrvr.org
native.sharethrough.com
ns.zdbb.net
onmsft.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.wp.com
r.skimresources.com
s.skimresources.com
s0.wp.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
sync.crwdcntrl.net
sync.teads.tv
t.skimresources.com
t.teads.tv
tags.bkrtx.com
tpc.googlesyndication.com
us-ads.openx.net
vendorlist.consensu.org
walker.zdbb.net
winbeta.disqus.com
www.google-analytics.com
www.googletagservices.com
www.onmsft.com
x.skimresources.com
zdbb.net
ziffdavis-d.openx.net
104.109.65.90
104.109.71.139
104.244.36.20
104.27.155.67
147.75.102.200
151.101.0.175
151.101.120.134
151.139.128.10
172.217.16.166
173.241.240.143
173.241.240.220
185.64.189.112
192.0.76.3
192.0.77.2
192.0.77.32
199.166.0.26
199.166.0.32
2.18.232.7
213.19.162.41
23.211.0.4
23.211.2.27
23.43.115.95
23.62.118.129
2404:6800:4005:80f::2003
2600:9000:200d:a400:1:af78:4c0:93a1
2606:4700::6813:c697
2a00:1450:4001:809::200a
2a00:1450:4001:815::2001
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2002
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9b
2a02:26f0:6c00:19f::13b2
35.186.219.42
35.190.40.172
35.190.59.101
35.201.117.115
35.201.67.47
35.201.98.64
37.252.172.39
52.210.77.107
52.215.232.115
52.222.167.27
52.222.167.54
52.48.132.12
54.171.6.140
54.171.7.149
54.228.202.240
54.230.202.51
64.233.167.157
95.101.194.150
00a574abb51e5c2212ada391e8af601c658e1973f6f1fda9e30e42c6d598316e
011f946d11bf46c69eb4706bb16280ed1dbb6256a2ea01886dbd8d879196f313
013d243a4a521e526eed45518989a2d6037b3790273997b76dd3dd5de76891c7
03a9cf53cc261adb4bb72f973e84a4e4932ec7594e19898a36cf9c3a5a2a86ea
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d7a30db57011415e5c5ec7be4978d8abdc5b5bdebda35304abfe3ce943e75d
06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852
07fa03f1e5fef6c5ee89c033aa08a86d1e791714aa6437142823c8e5adea8a93
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
0ae7ce3f41afff05ff27f15fdeb4c73f46faffdcb74ecbe0da5dd5cab841c2f8
0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056
0b792944db962b2607af2999911c685d31d55c0274f7502fa4432b04e289c791
0be6b5124255ff322b8ae46c78581b881c8bac4085262b88459a38bb2ed4d3f8
0e3abbfcc2a247b2a7219c83108d2929b48474644993688d19c7eacfc980e422
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
14815d3ad86f0839b16208a0d832d3695822c6d9bb9fc242b946cecad46799a6
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc
1639331dc980369a62d357815dd4d7c3e6841338136298f5b11eb59c56dafdda
163b5c85c0aa922f4fde09a30501fb7c61514140acf94cdf12cc79b99c83b768
19c578cc052ab80b04dfc8c7b7fc372ffc7bf6be58cf79fb6fa4f89392c181cc
1aa10cc4247add4f4fe1e5de8f43f622ed414a0fb1f6c88180ca66e0d7890a43
1bb0840d84a61a4e6220d9438c74dd6551781839536d09f0d9da99489acc7fff
1bd4ea7c7c88379238504970d1017b549ec5f131a3e0961a35a4640b8309cdb7
1ccc05654ab74c632b5e47c7ece188cda4b48715c826e59a8643c66089983e79
1cf12f9f003f05dc1c97f3d3c3003cbe152c1d6df5b358b7c6dedc69daa47979
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
245b32205fec22452bf18058bb09a362fef7360323af82387c31e7632af6a4f4
24dbf46f68946120c1776e0438ae1f68f02cae5049f371df626036c8a41b3338
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27fc9a45b9993bc868b14bb28533cf5def1b13051b0839b032685ef731b07fbc
28ae559502a1a0ec542557b315daf48cee77071f5cba0975c7336d42cb97fd54
29478c4973eef3a2af35ccfc81a109bad17769b8e45c3b6d4fd30968fb37d4a8
2a6edfd42fc27f6166648eeb100e104fe048ff81da4b7fa62f0adfa36ee7b2db
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2c9ab30fecf4b50adb3b040f00a96d2e85604ef9e4040ad51bd1e3fa53ca2f99
2d2a060a64da88a895dffb66079a579511c5428685814d177b4a3374505712b5
2d90ad9018fcaf71b7bfa876f1b5051a67b17986918b9fb8779e0e6a6dc438e9
31a51ae4e98591463bb69e0e79ca761f22f8be1477974c549772beec4c41dd89
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33adf855a03023a767d54515b2613df379f9f656427ecdf28b57036a57715f0e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b14a16854df3a63dadd057047cf8bfa16baa33755750db5bef477d29aad61e
3520c6612351780c5f1b515bef3401db695a063e38595a5d9c2e30d4591a91de
364676f96f6882f8d130bcf8f0f6a6577695a5e24a67ea5908178f3cb2301206
3ba328aa7721b56ec30820212c5bc567ecca0deb07f02a5662fc9409ef85cb5d
3dd605490efded6afa1551c643fdb396e4118ca4c39c02539da543ba7ed0216e
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
40291bf824e9cd4bc021abfe668862f701c9632134017a90d9e5133a473e5167
411a1f0e583abdd08cfe9645bd140c9f3eb8ec8ab864e79ca85527ec42d98d3d
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4427c5e2fdc0fa78e7beccbffc1a98d22ddec6b6450c2aac6c5b3f7b4c0d273b
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44
4c4cee8f7b246b0ff524dee98d373fed410980244cbae7b996b816d80eb080ff
4d139abbd8400ecf686f76d746762208fafb9cbd4e17dbb09df70a54e299615d
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4ed315a5d70b31da4fb8bcadb92d49280b6f9e592fb5b3c88186c3b5eedd90c5
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
50b1062e139ecca8a6bb207cc867a7b21ce960d44b105affe3895709fede8e58
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
53baa3be5c1df9e9d1f64164c22a82aa400e87ac173cd3f36d83dcbec53843e8
5689f3d6640befe887d11fbdbe526ce4c8bbb16d7eefe0c15c4994484a2c8997
589baefd191a29fc58bdbf7f7ed9a03291b218d1549c1ced35b5f197a81d4ec3
5998ea0ddeb88858fb1d3cac734662086a999298da0eadb3da62e19fd8907f83
5abf0c3555cff7b63e38f6e7b8e7f56896937c0c2cc97cfaee7997c443e3e254
5aefe484ce181c451c93085ebd4d666c98558b989464e870fc4042094ff87ffe
5e9d5d7f0c649b8afca5ec420809ba9a6067a5dddd25be954f27c2ae034a1121
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
608d9987a9068e62c51dc21ec5e0ac3c44d3c4732ebde4f0f9c5f9b042bf05e7
629cdd16d3e6110ea1cd974b6537b785c86ebf16dfcdcea0c210e22527d58e19
651c806768275a730455cd92f67ee4257f07a24e7e4c826fe1119752a6436946
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
674a6c9efcae4ef4a6c8ac9d953716bd08dcf8ea7c0596501db83fc30efbbd09
68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313
6876f9894bb74e3aaf598e1a6afdc2cc375c0acdad2634c9fb0384080fcd9f1b
69ab1a2de27af9982ac383ba968b31150b40465eee67ccd2cb540397dd372c14
6a398fd63bf59fe4fa771ebd6cc5ddf219507b4025f895bb61561a25532e2190
6e24dc1e42f169dedfe6d27cd15fc6f1171802de3f29d5bd3987d7895e6b5c2d
73117fd3b2f81cc12d5cd266a007eb843b5f6ebea23e298231b54a0595314f77
75989d5f8e4b30cc547941d2ae66081e411f1c7bf590cacf3d16c9e27c6294b4
76c89f30a537c7330350de97c8eb97554f54a1155b212cc7fcb5b732b9c83e8e
779d875613caa8f40bb7c5d047ae22de2b3ebe3344f93175d8081d3b6ce6d433
7c06e56ba07aa9fb8a6c5ad240497295424b1e0cfd3b42c0fb1b36c8144324cd
7fb4025030b0dc6dd4f6fec4f7abd6d2fa66bd2f33772f5fac9bb4a25b08bb45
830ce433f7ca55cc4225cf953b38d53f1912e4b8a28b88cd37a77dede506c993
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83833127f62a9d798191effd89f16efb580d220dc199814a149e0e136f97d169
850c087fcbaf8f98d1361b12b81b9ab5d4832f051f9a4caeb67532953041fa9c
8a3812d51d17576e2c6a92b9167ac1915ff69b415b508f81b621fc8b4d6b0f55
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8d279f4e99a12c10d5668e4ac5a205868fa2b254cb5215f59ae7cf8dbbd96386
8d547ee98c94f1f078bf80c1cc650fe7dd0cf72b2f10d39d6e5325df39994761
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8f72b3f1e8e484f697b01ec3a63f087748fb200712c0415ad6f76ee6834205
8f75ee8a760c4319b767725c06ad12a0f5291c38fe35e93cbe59c18f02fdc248
9291fdc44bccd9b470eddfb7e2326370687526185eeea097a02541d08b60ef53
95621724cadde651b769e30db9851e7187cbb89f8c863c1e1f83845c89928b9a
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d
9b9a805808791c3d05db488f34c2e0b2efba3da4cf1356e0266701e79a23d7db
9dd555f5fa6b6d5e1be00bfbabe9225ce94b1a247d7558295c5dcff107a6032b
9fd7bfa229eec86e2b02fdcf85e49e5b2699a2d9cd53ee36b4df53513d1da1f3
a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94
a1033dc43930887f32e9dccec31d834c60c6ffb9ff15e30a829931148328e8d0
a3a74ac3d7c243608663e37e07e918353611896ab817c9f501f12021169bbe12
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
aa409659631881863c74feef8699c44bbda4caa64d99c97635f93f7eb5fcbd30
ace3fc4fc5a27c9b60aba92cb023b922c5c2e11c3bfa3da57e83845914333d9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b190d90458aa1118cd187b3e1c06029f794a7ef26983f10cedf6ce78bfb99ae2
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b487f49725be2b189de4d207c798e71188af39eca9244369c03a5ca463cd24af
b4aafb1431d72c21cee3cb7689f9c884886d059be648453ec83d0c173028bfe4
b5db45a5510db255ceee681dff1a49ca904473e957517f90d68989f13f342662
b6ea80a09a8defe6293af2b749949c7dc38617e89b1d80e7de14e5a4046983aa
b9f5e78832878595b6d63a5fe971afbc41020998bd7d2606c7a47e90efab918b
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
ba5fffdff8f523f420a139a15f24eeecd6aa8c59c112673e0799f0c8dd8977ba
c0094e3da462d65cc197e73c1aa7d82049ce45676960e0428c9278644e8d1138
c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388
c4c6a3047d39795467df19c1f997be5b774c103859b991cf57f921251d2d0512
c5d9f2de55b76b878c939dbd83e915affd493d93985bb6585877baaabe7c3d2f
c96a79a5d8b083483072af21ec12fd4a953156551fae6acf4605bf0882020f11
c9fa85a3fd3b712fbf329fd5b11c4143810bb0e775fd77f88d6d510b1fdd53a5
ccc8413bc09ee8ffe0688a01b0059677c9cc298e6098aa01b7afdcc7f6d31bcc
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d50a0117455ffa8079ce1825ce28244c774a22d894459cb661c1d9e100f5c85e
d55d784de8d3753e83c9051a7d2f6f6e2ad20127441d7da00bcc96e93c165f19
d6305c6ca4187969344afb4397344a451f65786537f4f54302c59f38c07f0a9d
d65e024114942f5caecd6171527aec27b414339447373bc6476365812c0fd8a9
dbd0425550d0738c39c0f6ffe17880245425dccd356d77a5e0e30f9845fc90ca
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d10f41c761ec3c5a131424cab5ccab1670b7cc5b587240b4071a2769354a4
e67eca7afeaaacc4816cc5d81d1a97a8493ff646c524da006e1df38b7d428a3a
e721392a59c82d36c3eef8aa8c3c852bcf54fcb041098fe6c0312cd1e173b331
e76814816ed63ba7cc471bd2d4b44c0aa7998f4d2d2baf9aae33ea36c88c1b71
e79ed1633ead48ef7a84b855cd3401af41885e4226c7674264de703720ca9d30
e9815a3710bc8cca4df26e419aba7ea94a099d75c92134ae1e05511f8d32ca98
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecfe5e36e828580c140af128acfb40a16d748b1b8b08c3a6c4ea52dabced06b5
ed60479e079b9e6d5280c6fdd11636fd55a11ebf935bd8dc09c6c66eb77bb3da
eed854d2588f3afad208a8b8e5d6bd957d7489b876157239ea35ead4fff3efae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f6d2d51a42f9766103f06006acdc8351bd1956b3be303e9f0bb3da4d7429b
efdb746dd0d43920c77417dbdd11ae99d49d171694590915ae48d06cfd2e4818
f1853e16925ee92c23d6be494cdefb0170a8867ffe9ce2ad05830a567fa77924
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f1ee5ae0e00fe4c895fa51c5c527699bbd1817fdd9ab9924f3440945d9c3bddc
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9
f66539c92c7f38476eda000428956723ba498c80d4d25265e00bfc18d7f7b416
facce429d2aff28599cb05b83cb86da97858939b7d6da5d2074c0f0de0cfa5b8
faf8c6a9d4b450cfccf29d2506affae4c76e397773edbbf6a3fdac0222ca00f3
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.onmsft.com Open in urlscan Pro 104.27.155.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

269 Requests

100 %HTTPS

25 %IPv6

35 Domains

66 Subdomains

53 IPs

7 Countries

3015 kBTransfer

8540 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.onmsft.com Open in urlscan Pro
104.27.155.67 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

100 %
HTTPS

25 %
IPv6

35
Domains

66
Subdomains

53
IPs

7
Countries

3015 kB
Transfer

8540 kB
Size

3
Cookies

269 HTTP transactions
11 data transactions