microsoftms365.cfd Open in urlscan Pro
2606:4700:3036::ac43:bf78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://microsoftms365.cfd/
Effective URL:
https://microsoftms365.cfd/
Submission Tags: @phishunt_io
Submission: On April 14 via api (April 14th 2023, 11:10:38 pm UTC) from DE — Scanned from DE

Summary HTTP 159 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 54 domains to perform 159 HTTP transactions. The main IP is 2606:4700:3036::ac43:bf78, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoftms365.cfd.
TLS certificate: Issued by E1 on April 14th 2023. Valid for: 3 months.

This is the only time microsoftms365.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:41b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
89	2606:4700:303... 2606:4700:3036::ac43:bf78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1	2606:4700:303... 2606:4700:3036::ac43:ce0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.213.49.172 52.213.49.172	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 15	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 2	52.213.202.61 52.213.202.61	16509 (AMAZON-02) (AMAZON-02)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.66.58.102 3.66.58.102	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2.16.238.158 2.16.238.158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.124.222.86 3.124.222.86	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 8	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	88.221.168.207 88.221.168.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.48.104.151 52.48.104.151	16509 (AMAZON-02) (AMAZON-02)
2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.209.20.194 52.209.20.194	16509 (AMAZON-02) (AMAZON-02)
1	52.218.52.140 52.218.52.140	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 5	217.79.178.233 217.79.178.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	193.135.9.128 193.135.9.128	48314 (IP-PROJECTS) (IP-PROJECTS)
1	108.128.115.132 108.128.115.132	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	108.138.17.75 108.138.17.75	16509 (AMAZON-02) (AMAZON-02)
2 3	54.158.27.67 54.158.27.67	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.19.200.27 52.19.200.27	16509 (AMAZON-02) (AMAZON-02)
1 1	52.212.138.15 52.212.138.15	16509 (AMAZON-02) (AMAZON-02)
2 2	35.158.189.178 35.158.189.178	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-VINS) (ASN-VINS)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2600:9000:212... 2600:9000:2127:8e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
159	45

1 2606:4700:3033::6815:41b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

microsoftms365.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 2606:4700:3036::ac43:bf78 (United States)

ASN13335 (CLOUDFLARENET, US)

microsoftms365.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:ce0e (United States)

ASN13335 (CLOUDFLARENET, US)

coinzillatag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.49.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-49-172.eu-west-1.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.202.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-202-61.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.58.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-58-102.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.222.86 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-222-86.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.243.60.138 (Norresundby, Denmark) 7 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.207 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.20 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.104.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-104-151.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.20.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-20-194.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.52.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.213 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.79.178.233 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm48.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.128 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.115.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-115-132.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-75.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.158.27.67 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-27-67.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.200.27 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-200-27.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.138.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-138-15.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.189.178 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-189-178.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (Centennial, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	microsoftms365.cfd 1 redirects microsoftms365.cfd	12 MB
18	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 5932 a1.adform.net — Cisco Umbrella Rank: 13623 c1.adform.net — Cisco Umbrella Rank: 585 dmp.adform.net — Cisco Umbrella Rank: 2901	42 KB
10	gstatic.com fonts.gstatic.com	198 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1239 se.semasio.net — Cisco Umbrella Rank: 22403	5 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 20516 tags.adsafety.net — Cisco Umbrella Rank: 105988	10 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 220	1 KB
5	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 227	5 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2080	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1457 load77.exelator.com — Cisco Umbrella Rank: 5266	2 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 296	610 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 456	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12276	629 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 768	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 337	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 556	665 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1516	928 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1018	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 553	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	872 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2949	690 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 569 pixel.rubiconproject.com — Cisco Umbrella Rank: 351	453 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 674	849 B
2	bidr.io 1 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 8732	1 KB
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3662	464 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 379	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23344	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 743	240 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15918	155 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1255	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 443	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2045	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 509	493 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 22004	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 692	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 622	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 31006	849 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2908	419 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 26251	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2346	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 795	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 383	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1048	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 615	681 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614	163 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4547	400 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 30256	467 B
1	google.de www.google.de — Cisco Umbrella Rank: 6074	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	coinzillatag.com coinzillatag.com — Cisco Umbrella Rank: 101248	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	54 KB
159	54

	Domain	Requested by
90	microsoftms365.cfd	1 redirects microsoftms365.cfd
12	c1.adform.net	2 redirects a1.adform.net c1.adform.net
10	fonts.gstatic.com	fonts.googleapis.com
5	cm.adsafety.net	4 redirects c1.adform.net
5	cm.g.doubleclick.net	5 redirects
5	se.semasio.net	4 redirects c1.adform.net
4	secure.adnxs.com	2 redirects microsoftms365.cfd c1.adform.net
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	ups.analytics.yahoo.com	1 redirects c1.adform.net
3	www.google-analytics.com	microsoftms365.cfd www.googletagmanager.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	a1.adform.net	1 redirects microsoftms365.cfd
2	cnv.event.prod.bidr.io	1 redirects microsoftms365.cfd
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.1dmp.io	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	microsoftms365.cfd
1	www.google.de	microsoftms365.cfd
1	www.google.com	microsoftms365.cfd
1	stats.g.doubleclick.net	microsoftms365.cfd
1	coinzillatag.com	www.googletagmanager.com
1	s2.adform.net	microsoftms365.cfd
1	fonts.googleapis.com	client
1	www.googletagmanager.com	microsoftms365.cfd
159	63

This site contains links to these domains. Also see Links.

Domain
medium.com
twitter.com
t.me
discord.gg
linktr.ee
www.instagram.com
whitepaper.fightout.com
www.linkedin.com
teodor.tv
fightout.com
www.facebook.com

Subject Issuer	Validity	Valid
microsoftms365.cfd E1	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-11` - `2023-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://microsoftms365.cfd/
Frame ID: DF2EF539BD81E037B8AC3023656CD1E9
Requests: 120 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Frame ID: 068C9FBF9511BDB20B0E8C69A975E1D0
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fight Out - Best Move-to-Earn Platform 2023

Page URL History Show full URLs

http://microsoftms365.cfd/ HTTP 301
https://microsoftms365.cfd/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

159
Requests

85 %
HTTPS

19 %
IPv6

54
Domains

63
Subdomains

45
IPs

10
Countries

12294 kB
Transfer

22008 kB
Size

79
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/@FightOut
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/FightOut_

Search URL Search Domain Scan URL

URL: https://t.me/Fight_Out_Official

Search URL Search Domain Scan URL

URL: https://discord.gg/87QExe7eGn

Search URL Search Domain Scan URL

URL: https://linktr.ee/FightOut

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amandaufcribas
Title: Amanda RibasMMA Fighter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/themuscle.ninja
Title: Tremayne DortchFitness Influencer

Search URL Search Domain Scan URL

URL: https://www.instagram.com/savmarshall1
Title: Savannah MarshallProfessional Boxer

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tailasantos.ufc
Title: Taila SantosMMA Fighter

Search URL Search Domain Scan URL

URL: https://whitepaper.fightout.com/
Title: View Whitepaper

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/carl-jones-01276676/
Title: Carl JonesCEO

Search URL Search Domain Scan URL

URL: http://teodor.tv/
Title: Teodor RaduHead of Development

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jack-hughes-7b790654/
Title: Jack HughesHead of Growth

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/amadeusrennalls/
Title: Amadeus RennallsHead of Design

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/marco-raposo22/
Title: Marco RaposoProduct Owner

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/daunt%C3%A9-crawford-113696118/
Title: Daunté CrawfordHead of Partnerships

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/david-ryan-038504226/
Title: David RyanCommunity Manager

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jack-attwood/
Title: Jack AttwoodSocial Media Executive

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/yogesh-sharmanu/
Title: Yogesh SharmaSenior Backend Developer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/alphaartrem/
Title: Yash AwasthiSenior Mobile Developer

Search URL Search Domain Scan URL

URL: https://www.instagram.com/themuscle.ninja/?hl=en
Title: Tremayne DortchGym Advisor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gravity.x.boxing/
Title: David RomanHead Coach

Search URL Search Domain Scan URL

URL: https://fightout.com/en/contact-us
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fightout/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FightOutOfficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fightoutofficial/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://microsoftms365.cfd/ HTTP 301
https://microsoftms365.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://secure.adnxs.com/seg?add=32237540&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32237540%26t%3D1

Request Chain 109

https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9 HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9&_bee_ppp=1

Request Chain 112

https://a1.adform.net/Serving/TrackPoint/?pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 118

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432

Request Chain 121

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4477581211473645190&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4477581211473645190&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=102ddc3bea614aef85ba0c94a58e20dd HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=275c075222296290b9924e6929be61c637f45d22b4fa2b941e9c16fb730d40ab

Request Chain 123

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1&verify=true

Request Chain 125

https://x.bidswitch.net/sync?dsp_id=70&user_id=4477581211473645190 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4477581211473645190 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=05fec16d-f26e-48c3-beff-7e93986969a3&_origin=1&gdpr=&gdpr_consent=

Request Chain 126

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432&C=1

Request Chain 127

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4477581211473645190&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4477581211473645190&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=4477581211473645190&gdpr=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=f66a6439-dd69-4800-9ab5-142f6b25388c&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=2969955020795551449&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RDJEN0RGNzU1NEEzQTAzRQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEGUfHp_GIAKTvoeKfM_p7ew&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEGUfHp_GIAKTvoeKfM_p7ew&sInitiator=internal&google_cver=1&gdpr= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7222046920509159578&sInitiator=internal&gdpr=

Request Chain 129

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4477581211473645190 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4477581211473645190&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 134

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 135

https://pixel.onaudience.com/?mapped=4477581211473645190&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 136

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4477581211473645190 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12023041423eeec39ba6ba2af3cf94&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=70e81fa6f8b959691ad6fe01657c92ad HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023041423eeec39ba6ba2af3cf94&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=70e81fa6f8b959691ad6fe01657c92ad&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA0MTQyM2VlZWMzOWJhNmJhMmFmM2NmOTQ&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELnugJDwKMTAIOohtR0h8tI&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023041423eeec39ba6ba2af3cf94 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4477581211473645190

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDQ3NzU4MTIxMTQ3MzY0NTE5MA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDQ3NzU4MTIxMTQ3MzY0NTE5MA&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlvQl5mLniq8C9EgdhnIn8&google_cver=1&google_ula=1641347,0

Request Chain 139

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=2969955020795551449&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=4477581211473645190

Request Chain 143

https://a.audrte.com/a?adform_uid=4477581211473645190 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWw2ME94V0o2SzRTd3ltYTR4M0Fod2VhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 144

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4477581211473645190&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4477581211473645190&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=82873407026225659880287457728262849151&noredirect=1

Request Chain 145

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4477581211473645190 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219833204486005386630

Request Chain 146

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7222046920509159578

Request Chain 148

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=f66a6439-dd69-4800-9ab5-142f6b25388c

Request Chain 149

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=mYOqU9GL1PNsyQ5

Request Chain 153

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2442710935 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=chglr69PMUq9IujG.5/P0O

Request Chain 157

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4477581211473645190&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4477581211473645190&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=82464cde-9d4f-4177-84ad-e743788221f2

Request Chain 160

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=4477581211473645190 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

159 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
microsoftms365.cfd/
Redirect Chain

http://microsoftms365.cfd/
https://microsoftms365.cfd/

224 KB
54 KB

228ms
127ms

Document
text/html

2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727fbdde7e0c908eb395919dcd898d7ef557f7fe9c50561ebc3cc7ec1a8bc91c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b7f9f5cda699b80-FRA
content-encoding: br
content-type: text/html
date: Fri, 14 Apr 2023 23:10:29 GMT
last-modified: Sun, 19 Feb 2023 12:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pODm%2Bpu%2BPX4ab6l%2BjnWZQr84XXs%2B%2BB9VC%2BcfLiYz9z48SVf3aYRbLmkGIPIgjvWW9wWnV5Jjy7oLJBOhd4jK8zMxqAZH4fkYiS6ZBSB1mlyiwCIWM9hOFDj1FyvIpzffLz6W4L0v7J7Y%2F5GHse3iRW0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 7b7f9f5bde3390e2-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 14 Apr 2023 23:10:29 GMT
Expires: Sat, 15 Apr 2023 00:10:29 GMT
Location: https://microsoftms365.cfd/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8Rg4UREzjh%2FlBGN%2FJjLevaBaCq6U6mQB3xXLFzWlXHK7L%2Fw3lNfVToTRB2ETI4Eqhu2m9WdxIAmOSkC7Q%2B6DjNL1oJYxc22XeyocrNGbAcfmqH27wN2Hpk6RxK1a66lTl3kHkFyVvAg6j5V%2BfEiX04%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 saved_resource Show response
microsoftms365.cfd/fightassets/ 144 B
468 B 137ms
133ms Script
text/plain 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/saved_resource
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c03173be88f9140c90abd11b4ffd3e2dc789827b6114ebfb4f7653e1e04fea58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 09 Feb 2023 22:13:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyVEeFsHDQNdy6kPDKSiFo%2FD9dBEP2IUV3vT43%2Bl2YuYvP5K6tbLG6DDCF6mOGiv9OXZMDZ80sDP579pVTTAHl62PrbON%2Fd1GUyBB0Qoll9L2SAAVYLrMx3mpro5SqNUF00Ouljf8uN2Bhd5dQgW%2Fus%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f5dbb619b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144

GET
H2 200 js Show response
microsoftms365.cfd/fightassets/ 226 KB
227 KB 177ms
174ms Script
text/plain 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaf5f1f380effce2293460c0a530308b8c33d10253cb3487bff8c769e764df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 09 Feb 2023 22:13:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3UxvnXRMzni95XRZ8dLwqdVSSqekfvZjwSZ0VtdN6eYR1GELx1SRTeB0XH2J0sVubopDP9PgMdnj9tkcigJKKS15jjTHk7NoziELmP0hAQFVz%2Bk5VTlmPs%2BICYpU9ObC0SoG2Mx99ySHMvgrd6tvfU%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f5dfba59b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 231521

GET
H3 200 trackpoint-async.js Show response
microsoftms365.cfd/fightassets/ 78 KB
28 KB 196ms
196ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/trackpoint-async.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29kt5%2BsKfDOUaDK1f8h4d6yfgpIbae2yh9l%2BdVTah%2BziBRUDCbmOi7l5rPWVQbaIfbon5HrQ4zY2Gv1Qbxiuof4McNv0hNOXPoEhfjSQvRU9VvoK25rbEfgyTWU%2FNYt%2FfkGevT%2F7tkcwfF1dQgZq7KE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f607f3f9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:29 GMT

GET
H2 200 disable-devtool.js Show response
microsoftms365.cfd/npm/ 16 KB
6 KB 51ms
48ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/npm/disable-devtool.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cdf6b244310cbcbdeb6796a6daf32987381a00d0313d894d3bfa42bd4d15b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:35:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXr2%2B3flpxIN%2BEx8kO2vuBDk8bQ8kM74wC73JnLp5c8tDcv4TwY6NBlkvMzaiLTUZhjqw6zj5%2BZQ1Slm84BPPLlw7Jf4POlq%2BxCQvFczHABupU3s17cRzxmUPdfRHQJ1rxCKmxCVPDIUZA6R%2B3oOhRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb5f9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 404 buffer-6.0.3.js
microsoftms365.cfd/ 0
0 136ms
134ms Script
text/html 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/buffer-6.0.3.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2gJtHaYhfbqUTM9rvNxTv3iGJ4SSvD6NcKU9xe6AAMA3rYJL8figEO0pZOmyCsLEaz00t9lql5XiT634J%2Fi54ofu9%2FxDYrvnyVVkybiVJWLz%2Bc4cYhCyS0Chw3CbnhwjsjFk1ed9xAYdKIwJ8H8YWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb629b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ethers.umd.min.js Show response
microsoftms365.cfd/ajax/libs/ethers/5.6.9/ 719 KB
152 KB 80ms
78ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/ajax/libs/ethers/5.6.9/ethers.umd.min.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:35:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNaL6whoBe4UO3Y4jSlO7HFSElEvDJSRZrb0yz%2BA7c1dxSmxKp4yYHDC0TuuLsbgqTBubKiOYe35c0y8X7UI0cGEr4Q4VDgPzJhsSnklPgyB5LojPf1HzPGWJRq%2BHJmwEPF9LS4YP0KABYOfGAMLug8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb639b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 index.min.js Show response
microsoftms365.cfd/-walletconnect/web3-provider-1.7.5/dist/umd/ 730 KB
194 KB 81ms
79ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/-walletconnect/web3-provider-1.7.5/dist/umd/index.min.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db31bd72954a6d0dd472016a4956d397f2002e8d95d941ae60ea178acfd2f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roqXH0YPObBqmRxg%2Bv7PMHjzaDlugjoZv5Stnh%2Bpksours%2BJkHAmDGviKG84WqKp5ZA3B5MxPlGwg2WOfKqMoqNb1Dle0gKuLkt%2F%2FMaiRnnZmyy34A7pe%2BaDLynnI%2Bqc497MyPO9vj8ijKdawtbEGIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb649b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 web3.min.js Show response
microsoftms365.cfd/web3-latest/dist/ 1 MB
309 KB 90ms
88ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/web3-latest/dist/web3.min.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5bb2e3d5b8faca666b725f51205a51f75b1fc015354a87e648f54e3fbb858eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNgHepvTBc2sCqPU7BOygm5vFtESf5%2Fd4MCVHL%2FJhqCMLgrwrugjb2%2BJB1WFScnvQbY%2FEja%2FD1OpIzMN7gDf5mD7bpO6xoo0ejlCII1eKtOjzskvKFZpMZ414JhuRnXBUToEbz2YxWIfnu2rEFWY82Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb659b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 moralis.js Show response
microsoftms365.cfd/moralis-v1-latest/dist/ 3 MB
540 KB 80ms
78ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/moralis-v1-latest/dist/moralis.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da56e335cf79decae9d35c9cf0256faf47719a7f821308c85f3e6142526077b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:54:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zb%2Fm%2BmmaR0jH%2Fp33gFiWZ78avPQUjbatoDItlBhm%2BHRko3pwJSvdDD5irretNyi67dH%2BvlV3ZdrEgbxkm11xG%2F88w%2FCfVAgD2eeuyvP0XjXHThB4%2F8e407UoqG9oUp7q1h3MMTzPSYlolhNqaqzI5vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb669b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 seaport.js Show response
microsoftms365.cfd/js/ 2 MB
396 KB 80ms
78ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/js/seaport.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7770a462769cbe0a70d183272f59515afec271054f85a5f2973eb1d89e4702d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:54:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km1H%2BFqHaWprljWYJWRBJHwRVGURF6oyAkgzunICzLS7caX0BMofbCCYUxvI%2B0n69eHnX2W66wTy6FNToKWQESf7mw9nS1Cr7pVZdHEY9DTlmUzPA7%2Fn88N4JkTHuV7lIvljn6salNCAvdq0elZIWEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb679b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 eth-tx.js Show response
microsoftms365.cfd/js/ 315 KB
92 KB 117ms
115ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/js/eth-tx.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1612c4b8228ff3e2b95222a2ab4513bab4c12e30609efff8af6385db0b8017dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tHNrraWWXV5LZpTC0m5h7GyLI3Uo9JJ%2FfMWVbw%2BtJV6V8grgTMQdvqP8CAXlFLZeXDeGvVTwmKYsI480pTtACB45ypEFYG47u7K00ZdVyAH%2BmV8oIjp61XGly7Ivt01dNz7WeP6qJnJxoqDa8OptNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dfb9f9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 index.js Show response
microsoftms365.cfd/js/ 98 KB
18 KB 103ms
102ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/js/index.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e348954cba0c59c0b3a8b6d2379d43f5f3483af07cb01076af793e48480d958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgAKOeEpSvYujGvugV0n507LbTa2pUTE%2Bgn6rhqrsglKDvFRKu3pKtpjQI8c9VW78CAYufZMauH0U0WqmEBLdYthffiLnBu4V9K%2B8HP4hoVqsq4JmkJeNfqb1WW6uLDOXIo3iDJjMUkI3uNOoQjG5tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dfba09b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 settings.js Show response
microsoftms365.cfd/js/ 1 KB
859 B 104ms
102ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/js/settings.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24010fe0d24898b5316c8625eb5ea078c19b7176e9b971fcb7972825101dc77c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 11:57:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haL1mNAvLKtsxqbj0axzN6Zao6bk85o3xoNJFz5caqDjjrSkMTAaNErDq1uInYYKsqUeY46K2rF9bJJ7xjpQApSx9V9kiBVYgQXIjqxEAponGrODJVSOXOXIdrKsZv84f2IjL%2BEJ8viz9bRZi2rbSsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dfba39b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 not.js Show response
microsoftms365.cfd/js/ 75 KB
26 KB 103ms
102ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/js/not.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41de0a86ed599ab2c0fc261bfa3314d6e0f36285ca62b4274a329e1cc304dabc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Feb 2023 12:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSCHFsFrtmeWz8BLwevzkmMJ2agfdR28ji7%2F5KJnXtDj56vOQ%2BGV1IZDC9BSxP3do2r1n%2FLrvSIHPtoQ8NlhiVUFBlL0unYwOTjvKmB1mw4uVXigfDxNekv2vJk5b4jhAuwVJSpU42%2BpmFyEKiQXtgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dfba49b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H3 200 analytics.js Show response
microsoftms365.cfd/fightassets/ 49 KB
21 KB 156ms
156ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/analytics.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRKb%2FEieWhA9UCUIqNHV2Xy2lp6LXqH549I4J33eS1HV7ieF9evwhjgrLWIH%2BIqjXrSkbG8%2FkRnA2XP9ZpydOlGu9FuYWe%2Fc4y9Cyc1AbNB%2BywBZsOgaw%2BpnLgFvi2rq%2BxLLFX66EVe5S2rAuRl4zWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f607f409054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:29 GMT

GET
H3 200 gtm.js Show response
microsoftms365.cfd/fightassets/ 148 KB
54 KB 1879ms
1878ms Script
application/javascript 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/gtm.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2883f0ce2532d955c4bc2bb6f8caba512a2b1da7da2bc56a10ae4df82cef257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yii9GA2tNtPx%2Fkq98UsWTcAI5l5%2BxzSmnFvshmUPuRN6%2FJIp23%2BKhfCwLgeSWMx9baYwEryaZAVXy0L71Ix39uCcpntogYlJ53%2BArsgkLh9wyRGAvclKiX%2BZCQ%2FkMgLT296ILDGotBmnbBMTqFKlNxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f653a619054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H2 200 bootstrap.min.css
microsoftms365.cfd/fightassets/ 190 KB
29 KB 54ms
52ms Stylesheet
text/css 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/bootstrap.min.css
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

Request headers

Referer: https://microsoftms365.cfd/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 22:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVsmRq4ruV1IxtPiPGwp4fUjXAr5RSA%2FUbtrLHQhSRCsXYDAKNS5fHY8DVU%2FTmEWWwWEH0BlySnXYHJRSQe30buJPEPFF9Phc%2Bye8ACTUA7NSCFSFDziZe3aJow8kUIKlAIL0jorDPr0cH1p9BZwK2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb5c9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H2 200 styles.d805838a1ea46bc9.css
microsoftms365.cfd/fightassets/ 394 KB
50 KB 64ms
62ms Stylesheet
text/css 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/fightassets/styles.d805838a1ea46bc9.css
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f235cadae605fa5d78b705d60c81707cc34d469a49dc0f76f2ccb1f4f19d446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 22:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48382
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQyk8hAis8ic294NEvXTGr9Z8JSKi%2FUWLPymy2928M%2BUAefnNCUez8caZhZ9ALVEoaWs8v1dXmcW7peaqdMWdxU2lR8EXDAUimLvEv78kMLaOJXtK8yak6jLov25o9GYzg0fZuICj1rE%2FufRuy1RSHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f5dbb5d9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 09:44:07 GMT

GET
H3 200 all-logos.svg
microsoftms365.cfd/fightassets/ 38 KB
21 KB 173ms
168ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/all-logos.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a1c3656799ecd03924e0ef2a33d1e96382e075160a6c7240752968b13e75e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP8C1tXMDeamLOWomOMAr%2B2fNN7JCHD0yWU75iCWTpZqzeOxtr1ntMgcAuC6kvYY8tUEMX%2Fcquq5wVn1QGarEOCmo03Jo6rYCTbrftJcBiwhBLKuXC1FlsXO0%2Fp4Fw9exIcJGC2DJ2Mn4wwB3%2F5bV1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a6c9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 Transak.png
microsoftms365.cfd/fightassets/ 15 KB
16 KB 175ms
169ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/Transak.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883f25db92ef0a1cd23c0fca22c4adad648c43f77e6d745dc7f326d62bdb6c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9qoABmle4EykJZRHAAmtb1cCcFkwRKMgDLuJb89SFJ%2Fy77Qy5IEEU%2BNjoK%2FwiCdDPzxGWXuCK5P5iF7t9tLfTWBhLO5ijAOppZbmDvUg7Qbkixyw%2Bfm4OEXIb7SnwzPYzxVWtwX5ls33Dn9I9nedyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a709054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15633
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 Uniswap.png
microsoftms365.cfd/fightassets/ 15 KB
16 KB 131ms
126ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/Uniswap.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f0c8c616a62b955b7b508ad5c32bd1af458a14911773778598c084e2656d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGzNBRuOwveWXwiAjSkzHNsK6ArcNjxAcqz6Wc2JWHyfUWQayHRILZQmx8HG%2Fz40UTfOv94a4Tg2pwrC2HSRHFp%2FjA9UO0q%2BtVe2MJAsNeL8r1dmb6g1Ux3h97l%2BMdhtpWYO31sz4OuPIlT44%2BYgXWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a729054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15435
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 LBank.png
microsoftms365.cfd/fightassets/ 4 KB
4 KB 133ms
127ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/LBank.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b81be993f9fddebd93385a745f148a8e4fb94c1113dfe8f340e255e13e6d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxj0uRiKcsq%2BVsRtZ0LTTz1C2xgwth4%2FKO0XnF2sUeN3bmLoUlIInN4U4wCDvpZ2656DM8YdUfVJfi8HpvytGQwRBIIoXK6QtnuqxM5%2FmMZej%2BtY2mJiOkYZLDxhga3mQQANywzdzPRlJlOjIV5nfeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a749054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3844
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 BitForex.png
microsoftms365.cfd/fightassets/ 7 KB
7 KB 176ms
170ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/BitForex.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2846e6d2f176f6426a016e30d02f0b1bab89493dab28557d4ded619dbeebcc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN0RqIppLZX0cDc2mrFnWJVnFJkoYGaqLJ54fdc%2BshDn1E8vPYaWAC3%2BIj6sK%2FPBnEEArSV5DzbQSsnMosYJEhW8eAmKeZ3ByJI%2FIGwbKbgFGYmzPFgukGFkBxoE%2FOV6iHu5e%2F4s5K7LKDtCRmtXAzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a769054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6713
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 DigiFinex.png
microsoftms365.cfd/fightassets/ 6 KB
7 KB 137ms
131ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/DigiFinex.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e35da87655c071b8d3e294f0fe5346f5de5986561462cefdb75756801f4726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAU2H4nxBuiQHzohe9HPf8Wb7E%2FfTI%2FGq6RiLBPxJYsLLR%2FmKJlpZcwJeFIHrfEzDY9moFQbXfFXUK%2FyoN89I3ChJ7JLLX2ReFL1Ih2qrH8NfKd%2BIQgXOcfN6F%2BmvxRcjsElTAW2%2FGevqRKkItwDOFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a789054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6331
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 ChangellyPro.png
microsoftms365.cfd/fightassets/ 18 KB
18 KB 176ms
171ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/ChangellyPro.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54bd4a65211100607ac173c6aef4a7824e0bbb2d3c7f363a7f055ca1339bc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRPa1QSPYJEf7OZTSyLpCLTrh7AY3tqpUQClpNCFskn%2Bq%2Fkd3tFWiD6aYdr1GQwzZR2HdMEcESFqnoLPGjn%2Fwg9DG9NYJPGEV03GWhbqpEYkYM9KHiXpr8XyqWfIeXJFfiNbHISuaUMsRB%2F8FPNvrjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a7c9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18265
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 BKEX.png
microsoftms365.cfd/fightassets/ 13 KB
13 KB 136ms
130ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/BKEX.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91924aa0e885f5611df8f5cc6ba5bb96d236323ed523a6383bfcbb0ed0c50473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUTdY8FkG2qgXCQZ0D7C6jH9Tm2s5XkPGwgywld5fRm22Pjzxp5KAz2orosdazG%2BIPLHjVqALFgFle2SVLqLD5Vvwsm87pJa0%2FhV9p3YefZzx8UOdeFRlECIUgTffYwcrTz6pHKa6D5DKunl1j9V2%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a7d9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13242
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 partner-1.png
microsoftms365.cfd/fightassets/ 69 KB
70 KB 1070ms
1065ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/partner-1.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f172f8f38f9766853f311a41522aa0baa4b961c9ba99d63957330e31a3564898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pu76zsoZcgXAKQbb5EKI2527Soo66LHXe5z7mvQia1%2F8B%2BqYmA27RnH7x4bon3bNHBw%2BfixKVJgqulo6ae9zm7c%2B5V3p7aV8q5bNzaMCr1Ar44fgQq1odAlXbNikVkQVbGwmRSBt84aJZ5iZY77YrPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a7e9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71050
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 partner-2.svg
microsoftms365.cfd/fightassets/ 54 KB
24 KB 177ms
171ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/partner-2.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06859894819e34b2291fd49124aed945bbc13648f3ca7fffb052e7e00d956725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn2ul%2FhA0S35eP8AdtP%2BICHNOuOmW4QpesweIxobWcMtLGvftWOhMvl%2F5XJxw4yHhWGXoA43yWDp18jikjdwAtxGf5q6C9Hdk5FXBp1v6HL%2Bg2EQNWxK4HmMNanWo%2FZckJVADCHsa6qkQmAIaI9dCv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a7f9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 partner-3.png
microsoftms365.cfd/fightassets/ 69 KB
70 KB 963ms
958ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/partner-3.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1256edce5d23725665765aeec67705cae416ee6fbbd9b881c91a5c748181c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj2YNMCTZJlz1gm1rj1cf45t8ZMZYhefCcRj3z5no4tjW4svXNSRC4KRIetzdDQAOCOROF%2B7gY3uEwuZ%2Fvh13R4F0pnziSKc0nqYPLLQDPgm1aj3cR8UMD31YmTX3lXsp3PBtP2sCOdNKomHKHD7a9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a829054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71113
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 partner-4.png
microsoftms365.cfd/fightassets/ 97 KB
98 KB 950ms
944ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/partner-4.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d759db3798ea15786984486110519838055a594dc703307f33811eba9b9b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0f5canzjfEu04AUMDO0lHcTmQBMTgx%2FWcrzAG99K1za8VVuqs5UMMEsbtqqqPR0yqzjTH%2BG0u%2F8lqHtDFztjuZS6baNaWfDuEnY7ixK1H7%2BhUOe6rqd%2BvOmNC5eQsF7uMOOamOKfo%2FGcvBIswxVGog%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a859054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99605
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 cryptonews.svg
microsoftms365.cfd/fightassets/ 8 KB
3 KB 214ms
209ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/cryptonews.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b719b030fa0ebe31dcfbe07dfed2a3e06132b79cf3b0a22774099d718e8ba6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVD1Da6L%2BAx7zKqszrLAL2D66bH6Z5MQGREKcLSZLzoCqhAmEps9IPlMTfNUIzkWx71P%2FyoOxaIriSdpOPxGTLIvrLuoJ3maD7ojLgZC3YFioBrgm%2FijMcVpuZ%2BfRearWz2QdpYwO8pPv%2B6BR1exMGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a869054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 b2c.svg
microsoftms365.cfd/fightassets/ 10 KB
5 KB 215ms
209ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/b2c.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c27beb532b7efa06e83b3e11b32f386d3ce489e7972a3898f041637745e3841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCbGzlQ6GKCsC8%2B0WVwnWh99%2B0g1gdoa2b8MqSpsXznMW2XJQ9HhxGfTwdk5q3oJEHI0aUoHLZUTj9xzkRz3DOH0IYHnSHtbsdwncx3iHrAICZu%2BZM%2FFbo3JmG1kr%2Boyz3Z9Po3CU6ZkLPlNdfN6bpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a889054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 economictime.svg
microsoftms365.cfd/fightassets/ 16 KB
8 KB 215ms
210ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/economictime.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceee239a9dbaff171d058ab9ac2c79ef39acef178111b3580143448cde0dd511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdUh9L3J%2FKgaVKGhIkOdSGw6GOzoU14uoHTvXSvsKoP2ky7%2BKrkKgWLNpXBP48vWf7vWiHaMI2qJFEYxlXgbl6slMRXeSxYMaNrt7S9X5igySjmkZ1RX%2FGFcMXywkk9dOEEmYD959eoRlG%2Ba8g2mGtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a8b9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 ct-logo.svg
microsoftms365.cfd/fightassets/ 15 KB
6 KB 216ms
210ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/ct-logo.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb8425f2b0db3e61f5e6dc22da84a35aa273af154e2808f0056bb54851733db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29fPW0400XGSSWeE8eWScQOFLwnBt9dI8QqZYWUmlg2ssnQr2Qk31PPDA9SfOduutcFYPWw6S5Qx4xuxf91zc3Z9NarNG1htxMvAskpzSKkzaBEcAHn27RBOdx3oxJIajTWZSWPbdZmExOwzUTehoj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a8d9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 newsbtc.svg
microsoftms365.cfd/fightassets/ 5 KB
2 KB 216ms
211ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/newsbtc.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42adb70215c28b80c2ac01fe5fa4cc6a374b61f40c892cf785c7b4024926bc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLsx6MWajjboHFc5Hy86rEsxRLvxlMfB10ENxmC8cjKOisdiFLNrvSBdXVsngnnrMvWgUJHeVCTsPMmoo48lTlwl2eClJiebA47YPQj13COPT7Ubv7QfArCS4ehnPdAmlDW7i95DuN2uZwhMlhe5Nz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a8e9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 bitcoinist.svg
microsoftms365.cfd/fightassets/ 15 KB
6 KB 216ms
211ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/bitcoinist.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7339926a5bf5089a6af29a8c12133068887e218a53ee9aaeed1baad1e72aa9d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRa56t5ue8goLUi17uwSSna77bBv5%2FRqiS3b%2FRAVaevsT4cMeXqT4WP0Hl5VIq1DSDLkYjF3Zc%2FXaATo3gw3pR%2B1wULNeBB9zZnk9TGjeYptQiwoxx2RG704q03FgGXYPTcZmlm1B7vUoPsxMs7Rz%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a909054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 insidebitcoins.svg
microsoftms365.cfd/fightassets/ 8 KB
4 KB 217ms
211ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/insidebitcoins.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86bf5d19482aca63695b945b81db0edd9de0caaaea052108fa211500aa892fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMk2JnYXVJR2%2B7k0ASxoEMiaclc6ivYBWXFn0m%2FtclKeElBBtVk0SEd8L3raDjT2Qx0AaL72pQoZi13%2BDxuqtruRn55709rVGyjae3Zbb7j0nkcr3ngdOjEpzyDgRz1ZZCqefpDWSaXqnuBzgK7k9LY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a919054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 kryptoszene.svg
microsoftms365.cfd/fightassets/ 11 KB
5 KB 217ms
212ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/kryptoszene.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702d0953574471d578e78121421959a25db0d7fc0376164f48be839bd2fab2b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RldObqIpETblnaNEQCch3RPtQ5J1zFYb7Q%2B3HTt2dyDVPJN94es8WFF3voKe13p%2BxGHTRtkPoxYD1HWQimx1AVlnNEpYl5Ik4xTeNU9t2JhQzP1h8S%2B%2B8ZyWrG%2FkAMcEwvG05NZGqaHDXgbJhNllpdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a929054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 bein_crypto.svg
microsoftms365.cfd/fightassets/ 6 KB
3 KB 217ms
212ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/bein_crypto.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83526d6c4c6eee32bdc8189fc0af3ecb58aacc60d57f6f659d120850d959b0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjj50SqEqxgqUhGm%2FpuCQMOCEAAlQjuy%2BoeMot5WcvWQ449CIXsUHlz%2F71vrQMxnpU1j0%2FTgvggLxpTbcSEx93iAZRVYqtGgTWrsKNRgZ06%2F9J72zY0v%2Bm6IwhEzFrbhgV7MsVQNyGNl%2BQ737xMy8x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a949054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 cryptonaute.svg
microsoftms365.cfd/fightassets/ 10 KB
4 KB 169ms
164ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/cryptonaute.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8ee0477f7cc1d4018a5282aab685cde69bffea47ef00a7fe2c1f4c19570926a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxaw477EuPUk%2BJLQxZc084cE%2FJBMChEe%2BvoajYt6bALwlMYWmOY8mwFXIp6sXDQ1QpjztrAlp6uwtu1GnXSmhHIUVIsjsnBInobhTSbXOR1bGjLh9BoiweIhYzNyflF0HiXGsfMG6cY5Doy6HafAhKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a969054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 coincierge.svg
microsoftms365.cfd/fightassets/ 6 KB
3 KB 628ms
623ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/coincierge.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700f9dc71f51fd887e0d97c53fb58495c8b94114c4698cd4bb5fca60b8b82e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLTD0wF44CiGcI4%2BAErCQ8NpiuL%2F7rGHF%2FdQ%2B7yP7A4byWqdpFpl%2BH%2BIaTqDMpePJUTWV0Y6J1cN2WkZ%2FQ46W0ao7VbOJdQF%2BEeyxTIVO%2F%2F5zy%2BFlIG22DUoIuPJSgXXiaDxy6%2BwiaN0NECKnDM6v%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654a979054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 accordion-img.jpg
microsoftms365.cfd/fightassets/ 100 KB
101 KB 589ms
584ms Image
image/jpeg 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/accordion-img.jpg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484ea38b6b2bd747ba5fbc6c5a821a2dba907dbcafd72e483b1d9ba3e506d81d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkT2JNLTm8vrJlg4EW6BF%2Bl362CMQRprKmhR21UeTHasEdm3LNDFKw0pc2PpS%2FTIq3kyNGzhsTQl6Q1oMykbgn1j975joBnFii2EKB80f%2BfCjaBd1%2FTIIbmHm2S9QchcAcJpLeQ32pqIYad%2B06ZTJIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a989054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102416
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 accordion-img2.png
microsoftms365.cfd/fightassets/ 431 KB
432 KB 510ms
505ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/accordion-img2.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe4e0f0b8bfd215c26bb75d404a8b09de962bf5160b2456ed67aeb46d316664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3tVQGLwiV65AuEwIDDuHpQZHH9DK8XQV02dW%2FVvY5ZO05O6bVnnk4npeCQRWFDvPTfZtMSjKT4G2oiuhq2q%2BygLaCWLdO1WdKwUDN9qGQbOnkdQfKTz0YH5uZGrDr4BRWrJujh04Xv2g0wi2hlkwhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a999054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 441612
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 accordion-img3.png
microsoftms365.cfd/fightassets/ 432 KB
433 KB 264ms
259ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/accordion-img3.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f7eb47d67a59d862c55ae014fa2b1341992ab536dd939495611f1c15fb1007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmGEQCB1mELbmsc0UeM9fxViK8TCpo3SbNCzGsZyARAlIFiX5YI9HEhXZwI2gEs32WPwV603OTFYCl2Lq7ezqVaKgoZNX7CrlwZtyUCJUnQn%2Fnc0YSgytjTagcxFI%2FSDdzA9gcwxiC2ibvbZwLDT58o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a9b9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 442454
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 mobile-0.png
microsoftms365.cfd/assets/images/ 179 KB
179 KB 217ms
212ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/mobile-0.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094e8ea49e8087adca2a2fe8ea064b16267033efd7bea651ab6e2697ba137ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:51:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr5og3KV7zMXd2F0PP8r8AaH6AYIafz%2BKPgBHF2XLAQBts1e4GPft5%2FNCK32KWCekCzgYQ1tMNMblVr5HXqecgH4MgBkweYYnmUvjRa0FwBKjTP%2Fi9I5KEst59EPktmKB5ij5GNw1PAKszZ%2Bif5P3VM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a9c9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 183212
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 mobile-3.png
microsoftms365.cfd/assets/images/ 319 KB
319 KB 217ms
212ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/mobile-3.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db85a1b1b429987b0816c54bcdc060bd576c01a9863ab9400d18f383614de0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 07:02:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXU30S7e0bY4frh4MKTQm4QZ7CjJ%2Fjq%2FxXLsV7g8fbCBgsVwUdP1dqP%2FvIKvuAm1UGaht7sQ6sgexV2qC9x2i6bpOrDi8q93zg%2Fu0eBRbJyDj%2B2BYBFV7i1cxVVJnjPG68tD3AbXoc7aT6%2FIKzxXzCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a9d9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 326269
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 mobile-1.png
microsoftms365.cfd/assets/images/ 183 KB
184 KB 341ms
336ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/mobile-1.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cec29e3541b5189f3a3e2b03bb0ca3d3c4629918dbbe2ef6aeee65b2b8e6ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 07:02:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keRhXHBamEuhgjbufWEZZWkWVMr%2BOS5UBWhzTyMzu%2FY1iw%2B4UgTr63HnF5SGqb3Y6aXCoE3JJZvwIzfsA2%2B6ckFdfkOvc%2BQKNcbdnGEUO5SMzJ2lD6SOHlCwTvjq1qPHO8LgpNkzrAeqqdaaJ4OuDyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a9e9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 187604
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 mobile-2.png
microsoftms365.cfd/fightassets/ 133 KB
133 KB 1882ms
1877ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/mobile-2.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1ebf08186151cc155d5e20a3d4d082dcc1c8188c8705d95f872d05d2519689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsDFHszUNXF%2FXZy0TlhVIIRFiw6izq2pOI2uL8oFAv35wLtsGJlLJPRluizzdz5QJADm5aWDtGCsWRZRP63%2FSYLMXaCh6dyNP9A3EVf3NmtgYtaHiIiIVRhqtFSbdF%2Fru07VJzVmcxjpDtAxCba4Avs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654a9f9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135862
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 left-icn.svg
microsoftms365.cfd/fightassets/ 596 B
877 B 417ms
412ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/left-icn.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe79365b03a7fd8b4403d0a3dec253d2a79ce16353a92c3c9d1425e0a0c30f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n08ZjAVanll0xnY9r4v2INO1ELcBJ9564vsxmLL1HFVKPuuKQTIyp0b4XCNsPQtmpeojsG2ZuJgGfRyb%2B6qN86AxaN%2F5S%2FIrXq%2BIHEK7yXXJh0GOJ863xq7xaVknj7I1jhmRBrqa7FH5NWGlVLNXUwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa09054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 right-icn.svg
microsoftms365.cfd/fightassets/ 603 B
872 B 419ms
414ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/right-icn.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9927f56f0a0839603f1fe091d878c6a03fecd2691edbcaade84fb5eb02665b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS9OF6eGVzSCWUJBiOtH2xbkqGkHwvs%2Bzd3dAB463A3R2PVrvO5TSFqNbdNufDb0di0chN%2BZazlEuyfrIaX8RKoOw1OLBANqi3LhUWK2B1I%2FY8fMXTAywB96RjXWQAkDo33jAB8F4a4L9uMI4HHK4nY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa19054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 white-paper-img.png
microsoftms365.cfd/fightassets/ 314 KB
314 KB 1347ms
1343ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/white-paper-img.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98075088ace07c2966f09a90d15909a28f55d4561204b4ab1dd75fc512af242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDX6VaogcKx9kXLXUjRjSpnjERy28xHGOjjHMJN1mD5%2FDpTLQGD8EIIQaP%2Blcq66CY%2BhK3XRENAlZsCgzIk%2BJHjp6IOvZtXZ%2BsIxpfbbWHz1OjXZleUoASMqAoY0TXm6wNk4vLoVfX5JMuX1raM3tQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654aa39054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 321367
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 strength.svg
microsoftms365.cfd/fightassets/ 397 B
788 B 419ms
414ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/strength.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31248769707c76547923d787770eb216d7e646cfd315025c0898f109d1b123ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfvhnSNFBLZmfT3ffOLDbdJyCFK1MS2pGgq%2FEW6aS125iup38xz1cMkZeaIC7iRKwrLySmeCF0qU9JHMgE4mnFIbkv5xRFE%2BQjr7nMnVoHqH0w4swx2Np1Dv3CnKMJE2aOoUGwwiFW6MTQ2bAd4LwZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa49054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 cardio.svg
microsoftms365.cfd/fightassets/ 668 B
893 B 419ms
414ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/cardio.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef3a12b8dd10d11f371a4b0cbe51ac673e6329c2fb12916edd33d06de1210223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdshwAXRWbVfAlc8Nwgu5XxhThT7adogj1wh0BQLFJ%2Fh81b8ETRpuwDmuIh5l8LnJaSdrmiJxnCHqkqHryv3mcyf5onoM1JfFfyuTGL6SbmRNkx8YG87Xg0Am7asB8GM%2F3WZmB%2B2XFMScF2QM%2B8XisY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa69054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 muscular.svg
microsoftms365.cfd/fightassets/ 647 B
877 B 419ms
415ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/muscular.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be17b108f097091b14c786a4658ac8625d06cf0de1674c66c8b29c7ca718af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51duWB3poV0P%2BBHRpABRcRItWtnEVRQJLxDAF93qCUU4uzHM%2Bz19KIu0KjA7sOzm%2BzD%2BaatYUJCskdM3%2FksuU8Le8EdbBsI1grLSyEhwl%2FhWpjbUftJWTMNk2Xp%2BxoGZZ9BKCai0uWZv0NCQhF9oeBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa79054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 technique.svg
microsoftms365.cfd/fightassets/ 2 KB
1 KB 419ms
415ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/technique.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877b859299ebcf1a7900cb03f4ada1207779616cec9c2245219a0ae1b78df252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obSveJOOHYtwmYG%2F6Q%2BTPAfbx4yHWay1RV7HLa%2Bhivbu89Z1Nk17t7jpc8%2BpVRlgIEL%2BtOCij9U%2B0gJMuVSJR6SM4dOMaEY6DnrfsRvuyLSUwShZZlEDuMVp85BudHIJpSbkRdfresjV86y6Vn4X0n4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aa89054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 wellness.svg
microsoftms365.cfd/fightassets/ 710 B
923 B 421ms
416ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/wellness.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c9e9bafee669ef481ee6b00056bfcd80792204afc18dcb1e73c255303ce2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV9eTGN3tT84s1du0vcr0E2nObqUvk%2FELYV6BNf4J%2BOclqaVqa74PflEVgx5qZDMPmcG5o1RrKVZzVcpN0eSXq7D0Fr2zCvnxe%2Bh2xrMg8pof3Fgx%2Fdhs8pl9bcVgdw2SEar0Dsp4ypKtE56IIRzBVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aaa9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 male-fighter-1.svg
microsoftms365.cfd/fightassets/ 883 KB
662 KB 1348ms
1344ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/male-fighter-1.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e36df1b888ada75ed6e39ba161585d08dc79b847dcb6c3848409fa56912ddda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZM5A%2FO7Jt8SHjfVjPNjs2PKNW3y4GxYVmHLEEdBnPOZfxO%2B6UGpjcjSo%2BLZ8ij4%2FwJkcLbhV0Wy%2BQErAc%2FdbbW1r3h%2FYPv2MPTgEtKYRagzOtyzzRXXbS9uKaJ72D7nV4Uv5AZtxf3K5%2BiKXGosz50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aab9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 female-fighter-1.svg
microsoftms365.cfd/fightassets/ 2 MB
2 MB 1142ms
1138ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/female-fighter-1.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49344198c9ab74239ba1aae44b4c0318e73284e8137aa5905edd5f69794d2c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9eb1IvwJtX9395PFPnZDQzc1ZPUVl7dmhV70a9cCD8rnKbfshAY7DxD%2BZV10aRGnRViBRCpyjVew3hGOOCgNDJT8Wu5wvYzlyhO3XSFq0WdNzaLsBbWBlL0hLylPZvy5bXw%2BxJeJHmZfKEyYPDmwWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aad9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 female-fighter-2.svg
microsoftms365.cfd/fightassets/ 974 KB
729 KB 986ms
981ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/female-fighter-2.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8923deff400fcbc550d4c33ce7cb4ef4e9ab4038796dbda51a6f5d7430acd13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVHnr7D2ht0tq47q4qxT%2BF2Zl9CikyD3pgoRfUqJJuZGE96a6aRr6c6gtBEE1gkXt%2Br8NAjs4PioG%2Fuwrb9S6FabEdQnKzsPsXm08RRpCEzM%2Bap4YT98jiCAAdy%2BR1mvnLsG8eMrH%2BXV86nAeDCvDLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aae9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 left.svg
microsoftms365.cfd/fightassets/ 460 B
814 B 421ms
416ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/left.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92c4ee8891504358ed5afc560b47e0a0a9cfde0b2a202eb2b704b0c100cfd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWAScmJmJm0Mg%2FMSZiarbb7GtAmHkoj6HEDaOL5eMwF6jMDpq4ZD2Y%2Bd8x5mvU9G6bH70HA26HYHzxfnDOP%2FFByTmj%2Bb2vuNhvnv6%2BGrfV%2Fcc%2F9EcoCj667rk9sKzBpdJuy1%2BzAlm27LwzK4OHmr9YE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654aaf9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 right.svg
microsoftms365.cfd/fightassets/ 459 B
802 B 1106ms
1101ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/right.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bcb57561d98f0a15da23824bdb550ab5056cc148b3424d0aa71df4309415af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WxKYQEZ0Ge%2F2T2Xegln5rAgjugbGFIQ7CM%2FAoD0DUxwUxbLMs3aIy7wE6JEHanX3XMNaqg25NHoVumcejkRzbTdNkQXk5M1DpU3zTMHctk7QKvMJbI7tQpDAxXpFmnwjid%2BKb0x407c7gtJYTlXnK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab19054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 helmet.svg
microsoftms365.cfd/fightassets/ 296 KB
223 KB 918ms
914ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/helmet.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bfe9ba42b3c0dcfba19211fafb639215883127da5ee6f9a5137a609112c800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Or%2FuzHUA%2Bwn%2ByWCMyZhlucB9AsJVB2Ohkzxeox7E65p7fSXwxB3U7wBuVuvfHT7vYcuC5LbPxePLFCPNxxK2JEtQxJ1vas1AhRs4%2BcBWXNGbHz5scZTyAf1f8Sq%2Bd2wIDXf0SXf5gcBvDw0Ss985GEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab29054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 woodies.svg
microsoftms365.cfd/fightassets/ 918 KB
690 KB 865ms
860ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/woodies.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7144b5febc2525d3542a35f7e0bad995e8027d5aa5ff6c71486d78323d67d2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY2GOnuMOzgDkwLYJqx9em%2FdaLVtQBZaPZ0S6bqDooPCqywNQ5MBvoOLFdbqH2kJkJLh8ck9mL4T2v10fihwc%2FRfGQLOcFWqv3%2F6lkZ5a13EkbGyWbcIHcKwmT%2FDHAM4JVhUAH%2BcWY1uKuAYXbvz8Gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab39054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 gloove.svg
microsoftms365.cfd/fightassets/ 274 KB
206 KB 828ms
823ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/gloove.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc7772ef2b7663bacdccb18e78c06a9df90164247e32b8293758bfafc5758a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5QfsdPv7X6rXDjKHah0D8IHugo%2FG9CFI6ygO8TJHBp0ujL7Rbsigus3A3xJkfKYr8zh6JCD25b%2BDBfjfHRGZtFKUZAu%2FvAZ7u6emEfw410Qchh7AMBcKhkbsrPMzD51sg5DkTe5eAqaSfmDRXm1OGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab49054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 shorts.svg
microsoftms365.cfd/fightassets/ 168 KB
127 KB 826ms
821ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/shorts.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ee65c207e2c7a96c3cf534111856a2e693abd24ee1ddbaa8df41262f7c193f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o44xkkm4Rq%2FkVsXL5aNshCIEI%2BYDlbnU4QBFpbX4HFpsrvjF6vVK15%2FLSW3ZxRMt7h9LWLNQ7dCjzQ2Zi6u3hDfowOIJxZ0mHoA5Bln%2FpkwsWzRWqwdRt0sCYoID8ZttWCLGv%2FLmA2g7dN00lACOFQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab59054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 cowboy-boot.svg
microsoftms365.cfd/fightassets/ 371 KB
280 KB 786ms
781ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/cowboy-boot.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a7b090584be67ab696c03e2d83dafb84932bc82fe4d09feb25007ae63fce4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOFBkj0txu2T56tJYb%2FTAvJgwd5BxHeVpyXbBDNoi1F4tAfhT4gpcaaaZc4roWmKBP9z9o4jMT8B2blzzRVZCdyzKHUihhKX599ten1kaqnSsOHUNdesvPBArX2qlSo2y6YbRcZiKpbu0rsu4Ug6KkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f654ab69054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 m1.png
microsoftms365.cfd/fightassets/ 351 KB
352 KB 724ms
720ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/m1.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bcd5175aedd8ce9901fb1614eafd5a6f0bf0ef2fa5e3f485b18d93cba26fa6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVXR5nNME2qNRfwA4mLrEUIS6MepV%2FsMnYC4z4g5bxjnLARfZfl6AdK4NwjSjg8Ew7cjzXaicvgHaUEKAUbO256FotTPsx9RHpA1l0X9TFY92%2FziSkHL4PXxHI%2FQtj664FAV%2FPxmGYSbp8odUYSJdUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654ab79054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 359719
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 m2.png
microsoftms365.cfd/fightassets/ 90 KB
91 KB 708ms
704ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/m2.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515c35a24fbe7cd9c6cfb3ff6a7bfbc03caf0e7e076a4e63dde378ecae65b098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ5q5Hy074GVF98e%2FSowAhVps8DV3MQGUqodYZk0hvDZQoSvNVu2agARMEB49H72AtpKXsYtArJSIryK62p8oWVfXDi59UdpmtEyvT3gC0ogoMTX63PjU3BFY0gvWqsb6V76WchMYHWbPAFdvDipbJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654ab89054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92448
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 m3.png
microsoftms365.cfd/fightassets/ 87 KB
87 KB 705ms
701ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/m3.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6981dcc49c49ba7421d4b0d12706bdacdd37d4c5cc239980fa310f2a97f9d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgZ5gGH0Y8BU5%2FS2pHuADHNIwFAVoQHakx1C0yEXs8VhW8qIXh8F%2BZ7eGYC3nNYrJOL4GuqL7JZ6bcPxZWjQiU8%2BxdhtTwyPX0gvDXozRq2nancQCRltqBy%2BwwwHGnznEsXt%2FJOjoUhg0KrCArS8gFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654ab99054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88733
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 roadmap-1.png
microsoftms365.cfd/fightassets/ 223 KB
224 KB 666ms
661ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/roadmap-1.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f234aaad8092413c0d20656cef429c4353f11a697b73f1868ef167e298b62a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTfgdcvb9PYDIlthI2chykAQ%2BsrMMC21hTE6qB3FUxWF8W2h5AfyPIWwYu7WWSsn0pgO%2B5Z%2BMuQXwd8T83HQ3sv1zPUvShsGwKVBWX%2FAOYFqSz0V18tCCmoZb0Wysod1dno9jdRv1szkutMYr9t4m8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654aba9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228533
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 roadmap-2.png
microsoftms365.cfd/fightassets/ 173 KB
174 KB 646ms
642ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/roadmap-2.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1326b701e16d75fc0387a3a0b427ab28b3b37882b67dc47c523c2a5e23c25521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHmWnai%2BpOG3SVBFfgmNhL%2FNNdAt5yWHk32RPJH5Tsc1nZ3GSGCi7629II%2BInabOraExm8yLF3sQrpPyrliJ%2Bx4MoDfSFqPTtU5TacqwPWzepElw%2Bq1yhHM3FPupskOW%2BBPaEqJN7iDFU4OBUKEPC1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654abb9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177599
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 roadmap-3.png
microsoftms365.cfd/fightassets/ 84 KB
84 KB 1633ms
1629ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/roadmap-3.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e66fa21cb8776c062b8c20b01568ec8b208e4cafd742b188c9f08b91a369c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdWUTKJEUt8AInAhhe9plb5CEe%2F2e%2F6feRZ47X8wNvKMT%2Bh%2FR3BitCFilTKpOLZBuRNe3OVfR3Ybqs9K3agNsvJSK%2Fl2fKW61VtotvVQUHp1LWzQh%2F28Ne8s7TRXn%2BrvsfBqDLuFnAEgSw2VfCR3T6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654abc9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85507
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 roadmap-4.png
microsoftms365.cfd/fightassets/ 121 KB
121 KB 1635ms
1630ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/roadmap-4.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b664a0af26ac080789729190a62ba60e2e6a143ecd2a95c417e6be29b5826514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEWQB9sWepeONtADeiXS2%2BLP6rkU9Ga1iGmJdB7jA6aQxgufCX6GCYTcysES4UqGVcAKx3GKtMYQREAH3qCbhbIU%2BjQGlXUFQZOFi%2BgY34cF2XvDgKziJ0Gy2TlKlvHJgG9dMvkHeFxsiWCQMl5kxdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654abd9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123696
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 roadmap-5.png
microsoftms365.cfd/fightassets/ 173 KB
173 KB 1654ms
1649ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/roadmap-5.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2d8d5dc76a24a712ec068448b7f6e192ca5d49e6d2365e4e7223bae8ad1258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 22:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA5A7OmZtBfY7cW%2F%2FpxaujcFO8CjQ9Pnt%2BAjVJ1DFXKizv4aqxyojIDEduTurQM6t%2BKGO%2BL3gqmEdd%2Bj6uL0VjVVvNH3fb%2Fo9OOXCLYtZakre529JGeTV6PlKQqZv40r5dmoNSHoIElsPI24KBbR1mA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654abe9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176825
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 cnv
microsoftms365.cfd/fightassets/ 43 B
504 B 420ms
416ms Image
image/gif 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/fightassets/cnv
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 09 Feb 2023 22:13:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWtqwYSX0UH9LCMRYaYMlbaKrrAuTEuw1HzBNNqCIqRkdQbqRyqVBylmSI4l39QRpDEBDkyo6et84WTpb4Km4jAl9DTgFWywecuxt85kZ8P0PmdTUhw0QEzhygyMfxvbtun84pEyGl3bnNpNhmwXczE%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f654abf9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
54 KB 146ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THBT2GC

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf44158feb1d05beaa020bbb7743201376f834ad7b9bb2ba50dbadf2733e4593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55354
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Apr 2023 23:10:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 142ms
53ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51c512cf3fb338352666adf70184a9ac9ab8f3dade443235a5b993b3c2235513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 23:10:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 23:10:31 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a4b4d6071898ba5b9dccf9a9c0fd673404f242f1b3c79c44e8fc760679027a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 header-bg.svg
microsoftms365.cfd/assets/images/ 400 KB
295 KB 296ms
296ms Image
image/svg+xml 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/header-bg.svg
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cd7ba9073cbefbf69ea69f61f7c57e22051dabf632b8659cfa09f6464cc248d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:54:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQQe7jqWXrruO3qnLSdpo0jr5I3acQlIAWSVUw0P1zb541cDO%2BKD%2Fg%2FyWwPFRzK3g9V9Z3o0DhFh9%2F4ipVpFl%2BZ8kJLYmN6IAj34PjaKYD3d5kPWiO5yF8%2F1hpibVmQrIvffV0Y4ClDH9sgD7U%2BVJVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f660b739054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 frosted-glass.png
microsoftms365.cfd/assets/images/ 6 KB
7 KB 1591ms
1590ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/frosted-glass.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: decb7694f85c355bea03c654e307082308b30d1d5d7679c3429ac8021f6cb3b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:55:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRfRSKxbu5bd4CD9I%2BoywkOZECsk1b9tURFOpPokgHdY5%2FXn3zVb9dQo3ALEqpSV5RdTKtlHgKUDl7QAUF6iblLPtt3soC2v2KK2NHHQHEt2gszvFMoUEBnooL%2B1RyxWaNAxOO9lIL0pF%2B3gbsk7kFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f660b749054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6460
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 fighting-bg-outline.png
microsoftms365.cfd/assets/images/ 25 KB
25 KB 1590ms
1590ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/fighting-bg-outline.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8607008acce109c647655328cd6d7ad6e70f7b1cf6992434a9bca99425ccb042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:56:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdZQhuMVqwY8RbRoHxrVK0Zg6vGOL2Tub95H2fLeqq78sS9XQEJLO88c%2FmltxO%2FJuk3%2FPj5LdQnTvXfvTOv76EjPoUMrgfBBDgZwM8B55imuC97V%2BZLmLsr9HKbDOMwm0UF1YUWAE8pqEhujjHBNHIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f660b769054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25364
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 paper-repeat-bg.png
microsoftms365.cfd/assets/images/ 143 KB
143 KB 1586ms
1585ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/paper-repeat-bg.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4c273e78eb5c2bd6e5e19114dc51138962d28c2ac20c383b5008623122f445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:56:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX3bD1kcqgyKWoKbg0Geci5dP0Zxp96MHMawXB4aFzmQKKZqkKIpZcjhuaVpLA2UtlgPN8xrefrrhXZGeygiKD%2FFbzflJdkxrKGxe4Ea17tdg5YWG6nZxPqO2RbaYQWe6gqvWnhCyzP1YhDIskIXPkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f661b7c9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146273
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 fighting-bg.png
microsoftms365.cfd/assets/images/ 89 KB
90 KB 1745ms
1744ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/fighting-bg.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1b6a9a473be966f0824bc06f9b3b69efbda18a8cf557223db0239fb12b1150

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:57:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFW2lrKeI2XXExTcHZQXTRgnsxFov84KiNCdvgCgP2eBCJdM8S2zhzAGnQibGFQPuecGjhF3zO5bjx%2FkbiXWVkOgYCpCrWW%2B9%2BlRrfbCMO1HfN6rSoLPa6aoTVp15xoi07%2B5N8v8dKjETP6l6e6NMgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f661b7e9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91619
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 crab-bg.png
microsoftms365.cfd/assets/images/ 9 KB
10 KB 1782ms
1781ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/crab-bg.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30371a405ad93abeaa3966066dd8c34d470131f8b5520df9b1e071e015c417e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:57:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZkSyE8P0LOKWCKikIx7jxqTkmxYlRvv4lVTa15Z6JO7QNXY90S%2BoW1kcHGZp0BqCmdwWTh%2Bk7KXTQc0PkluX68g6Z8jZ65YWcbi%2Bcw%2B6GgjLuXQPVq0%2Fa1%2FBmgPGKS7drK4aUtGf1%2BrOthC8hOeJmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f661b829054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9198
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 200 orange-repeat-bg.png
microsoftms365.cfd/assets/images/ 749 KB
749 KB 1661ms
1660ms Image
image/png 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftms365.cfd/assets/images/orange-repeat-bg.png
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6fd56a259351f02146643098797e2fb75ecf6e705fc78032705f3ae29bbbb74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:58:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EekUT5kWorieE9S6BGRCqtLF5LBKcPhoGOwRG0EKhCwo%2Fs1iWWs60%2FuQt5Ss97E9zA5EUfkOyBZJ0FAsny2FtF9QFtE8%2BAWoqUK1YkjQ9JsAjRJyCtiB2%2FGtWQGW6ZtgHfJwCuVPcChVwUEjICwEVb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7f9f661b849054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 766533
expires: Fri, 21 Apr 2023 23:10:30 GMT

GET
H3 206 avatar-scan.webm
microsoftms365.cfd/assets/videos/ 318 KB
0 1590ms
1590ms Media
video/webm 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/avatar-scan.webm
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:58:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BgmgH2rKx0tTyTiyztvnx0s%2BLUs2LFhSwoXeDmXuiFYYmpZYJigVOJWX6WOV69gU37jKrrFfmkwqS8pv87CYtf2Gr0RUrZU2ig2p6oFT7jAjA1IH4Xpuwim%2F6NmcEqXH6FELwbvrqq%2BxTMf%2Fcp7iAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
Content-Range: bytes 0-2119052/2119053
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f664b9a9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2119053

GET
H3 404 onboarding.webm
microsoftms365.cfd/assets/videos/ 1 KB
2 KB 1788ms
1788ms Media
text/html 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/onboarding.webm
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=0-

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbHYJxw9kYMnv4xaoS5ULU3%2BStC1kDzuHpkOaVy1kYzn2GmovSkknIq47x%2BfxM332TtcgokZRcMpm9RPgY8o0yCx69%2FdJuidHmh%2BcDGuqsKHE2FhqMaXbrI86AtfJsr6O1SnZQxOKod99Q9QBh3FrqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f664b9b9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 206 move-to-earn.webm
microsoftms365.cfd/assets/videos/ 131 KB
0 1789ms
1789ms Media
video/webm 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/move-to-earn.webm
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 06:59:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fdnqh16EgM6s%2F5mtj1MqPjeMKYD5jts2zxFfhDexESB7R%2BtkngYmsNBbpA2c9IR4gyDSzHRECQe%2Bflm8%2Fzy6BRtCMgZa%2FG%2B%2FZGntlsATeA6bWK%2BRZCNDrYCX30IFYag%2BEJITnxIsMHrlJ2s96l8jp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
Content-Range: bytes 0-1160541/1160542
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f664b9c9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1160542

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 177ms
79ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:09:19 GMT
x-content-type-options: nosniff
age: 302472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20432
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:09:19 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 138ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:32:39 GMT
x-content-type-options: nosniff
age: 301072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21440
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:32:39 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 280ms
183ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:29:58 GMT
x-content-type-options: nosniff
age: 301233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:29:58 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 269ms
172ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:02:23 GMT
x-content-type-options: nosniff
age: 302888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21352
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:02:23 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 207ms
111ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:51:24 GMT
x-content-type-options: nosniff
age: 303547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:51:24 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 246ms
151ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:38:56 GMT
x-content-type-options: nosniff
age: 304295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:38:56 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 338ms
243ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:38:08 GMT
x-content-type-options: nosniff
age: 304343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:38:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 246ms
152ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 304767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 184ms
94ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:35:35 GMT
x-content-type-options: nosniff
age: 304496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:35:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 315ms
242ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800&family=Barlow+Condensed:wght@400;500;600;700&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoftms365.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 304760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 235ms
147ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=235575786&t=pageview&_s=1&dl=https%3A%2F%2Fmicrosoftms365.cfd%2F&ul=en-us&de=UTF-8&dt=Fight%20Out%20-%20Best%20Move-to-Earn%20Platform%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1853730135&gjid=296629220&cid=877896197.1681513832&tid=UA-251081024-1&_gid=1330510781.1681513832&_r=1&_slc=1&gtm=45He34c0n81THBT2GC&z=980539231

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/fightassets/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftms365.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://microsoftms365.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
57ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THBT2GC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 22:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3539
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 00:11:32 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=32237540&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32237540%26t%3D1

0
1 KB

45ms
45ms

Script
application/javascript

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32237540%26t%3D1

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:31 GMT
AN-X-Request-Uuid: 25f91356-4ec8-4290-8aff-f1f059bc0c7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Fri, 14 Apr 2023 23:10:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ea0b0551-7ac5-4cb2-927c-5a7dacd83c1d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32237540%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 235ms
90ms Script
application/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx0000062cf0e7d8446165f-006385e0d3-329354d9-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 performance.js Show response
coinzillatag.com/lib/ 6 KB
2 KB 217ms
86ms Script
application/javascript 2606:4700:3036::ac43:ce0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coinzillatag.com/lib/performance.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THBT2GC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:ce0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31dc61107954007aaedd09cffab78f4c473115f2b346106716c233bee3ad8126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Apr 2022 08:43:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 198690
etag: W/"1672-5ddb2eb73563e-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7X3PE2dzl2zLaX8iw7LyAD4kk3xScTpMNTHIT%2BqgkHFWr6721gSNwDCoCoc9pcW3pxl3tvC35jT0GGEnyCvRIJyZJswqSYGaDnjMnmiShQUgDaWnj5BdldZSqujNpTC%2Fzo8RzkdUUXvsCUo%2BkGO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7b7f9f67eaff2c04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 07 May 2023 14:44:26 GMT

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9
https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9&_bee_ppp=1

43 B
796 B

54ms
54ms

Image
image/gif

52.213.49.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9&_bee_ppp=1

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

HTTP/1.1

Server

52.213.49.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-49-172.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=93&buzz_key=askpermission&value=&segment_key=askpermission-146&account_id=9&_bee_ppp=1
Date: Fri, 14 Apr 2023 23:10:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 226ms
147ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7M5QQEJZ9C&gtm=45je3280&_p=235575786&cid=877896197.1681513832&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681513831&sct=1&seg=0&dl=https%3A%2F%2Fmicrosoftms365.cfd%2F&dt=Fight%20Out%20-%20Best%20Move-to-Earn%20Platform%202023&en=page_view&_fv=1&_ss=1
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/fightassets/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://microsoftms365.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 152ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-251081024-1&cid=877896197.1681513832&jid=1853730135&gjid=296629220&_gid=1330510781.1681513832&_u=aEBAAEAAEAAAACAAI~&z=1477213775

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/fightassets/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftms365.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Apr 2023 23:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://microsoftms365.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365....

870 B
1 KB

40ms
40ms

Script
text/javascript

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

905de9b3b04957e902e3ac9163d2a586dc6265d780625eaf5733e70c04eef470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 693
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 140ms
51ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-251081024-1&cid=877896197.1681513832&jid=1853730135&_u=aEBAAEAAEAAAACAAI~&z=1267979268

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 148ms
51ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-251081024-1&cid=877896197.1681513832&jid=1853730135&_u=aEBAAEAAEAAAACAAI~&z=1267979268

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 068C 5 KB
2 KB 133ms
40ms Document
text/html 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=2889159&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=945636610112&ADFtpmode=2&loc=https%3A%2F%2Fmicrosoftms365.cfd%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

725ee738f370139a21f223fd37e134fae2370836ed5caea593af107b84b027ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://microsoftms365.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 23:10:32 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
467 B 151ms
41ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=4477581211473645190&stamp=hsMj6kUXWsIDvP-67D9Y4w2

Requested by

Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://microsoftms365.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame 068C 0
384 B 40ms
40ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 068C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432

43 B
422 B

96ms
95ms

Image
image/gif

52.213.202.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Server: 52.213.202.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-202-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Apr 2023 23:10:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4477581211473645190&Expiration=1682723432
access-control-allow-origin: *
date: Fri, 14 Apr 2023 23:10:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 068C 0
400 B 141ms
50ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 13 Apr 2023 23:10:32 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 068C 0
214 B 188ms
41ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 068C
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4477581211473645190&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4477581211473645190&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=102ddc3bea614aef8...
https://c1.adform.net/serving/cookie/match?party=9&uid=275c075222296290b9924e6929be61c637f45d22b4fa2b941e9c16fb730d40ab

35 B
600 B

40ms
40ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=275c075222296290b9924e6929be61c637f45d22b4fa2b941e9c16fb730d40ab

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=275c075222296290b9924e6929be61c637f45d22b4fa2b941e9c16fb730d40ab
date: Fri, 14 Apr 2023 23:10:32 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 068C 43 B
163 B 183ms
50ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4477581211473645190&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 068C
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1&verify=true

0
121 B

43ms
43ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=4477581211473645190&_origin=1&verify=true
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 068C 43 B
681 B 224ms
58ms Image
image/gif 2.16.238.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-158.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1681513832294014-368
Expires: Fri, 14 Apr 2023 23:10:32 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/ Frame 068C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=4477581211473645190
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4477581211473645190
https://ups.analytics.yahoo.com/ups/55859/sync?uid=05fec16d-f26e-48c3-beff-7e93986969a3&_origin=1&gdpr=&gdpr_consent=

0
121 B

43ms
43ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=05fec16d-f26e-48c3-beff-7e93986969a3&_origin=1&gdpr=&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: //ups.analytics.yahoo.com/ups/55859/sync?uid=05fec16d-f26e-48c3-beff-7e93986969a3&_origin=1&gdpr=&gdpr_consent=
date: Fri, 14 Apr 2023 23:10:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 068C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432&C=1

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=4477581211473645190&expiration=1682723432&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame 068C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4477581211473645190&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4477581211473645190&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=4477581211473645190&gdpr=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=f66a6439-dd69-4800-9ab5-142f6b25388c&sInitiator=internal&gdpr=&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=2969955020795551449&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RDJEN0RGNzU1NEEzQTAzRQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEGUfHp_GIAKTvoeKfM_p7ew&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEGUfHp_GIAKTvoeKfM_p7ew&sInitiator=internal&google_cver=1&gdpr=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7222046920509159578&sInitiator=internal&gdpr=

0
415 B

46ms
46ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7222046920509159578&sInitiator=internal&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:40 GMT
uip-status: Ok
frontend-id: 06
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7222046920509159578&sInitiator=internal&gdpr=
Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 068C 0
344 B 179ms
48ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=4477581211473645190&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 23:10:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 068C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4477581211473645190
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4477581211473645190&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
366 B

170ms
41ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Apr 2023 23:10:32 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 625462
x-accel-date: 1680888370
content-length: 43
x-77-nzt: AcO1rgWZzvL/NosJAA
x-accel-expires: @1681925170
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 25b02131c519194d68dd39641a9fb52e
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Fri, 14 Apr 2023 23:10:32 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 068C 0
98 B 145ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4477581211473645190/gdpr=/ Frame 068C 49 B
265 B 181ms
61ms Image
image/gif 52.48.104.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4477581211473645190/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.104.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-104-151.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.167
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 068C 62 B
227 B 295ms
188ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 14 Apr 2023 23:10:32 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 068C 43 B
273 B 155ms
50ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 068C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

192ms
65ms

Image
image/gif

52.218.52.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 52.218.52.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 23:10:33 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 2RW2Q2YSCF6GGQ6F
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: ZEQBVxfCTai2C8cr9NmNrSOAPWlPQHRk36p9nMl/vkRmfoBjzO7oPGaia/ntFKt+TBhPGpJj9+g=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 14 Apr 2023 23:10:32 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 068C
Redirect Chain

https://pixel.onaudience.com/?mapped=4477581211473645190&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

179ms
56ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 068C
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4477581211473645190
https://tags.adsafety.net/v1/cm?cm_uid=CM12023041423eeec39ba6ba2af3cf94&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=70e81fa6f8b959691ad6fe01657c92ad
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023041423eeec39ba6ba2af3cf94&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=70e81fa6f8b959691ad6fe01657c92ad&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA0MTQyM2VlZWMzOWJhNmJhMmFmM2NmOTQ&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELnugJDwKMTAIOohtR0h8tI&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023041423eeec39ba6ba2af3cf94
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4477581211473645190

43 B
2 KB

53ms
52ms

Image
image/gif

217.79.178.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 217.79.178.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm48.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:33 GMT
Last-Modified: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4477581211473645190
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 068C 0
338 B 210ms
55ms Image
text/plain 108.128.115.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.115.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-115-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-served-by: beacon-n017-dub-prod.krxd.net
date: Fri, 14 Apr 2023 23:10:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1681513832
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 068C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDQ3NzU4MTIxMTQ3MzY0NTE5MA
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDQ3NzU4MTIxMTQ3MzY0NTE5MA&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlvQl5mLniq8C9EgdhnIn8&google_cver=1&google_ula=1641347,0

35 B
591 B

42ms
42ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlvQl5mLniq8C9EgdhnIn8&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKlvQl5mLniq8C9EgdhnIn8&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 068C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=2969955020795551449&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=4477581211473645190

43 B
1 KB

48ms
48ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=4477581211473645190

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
AN-X-Request-Uuid: 7b156a04-f0da-4f74-9e4a-0be1ccb30e8b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=4477581211473645190
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 068C 0
384 B 41ms
39ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 068C 42 B
472 B 169ms
46ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Apr 2023 23:10:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 068C 43 B
444 B 150ms
40ms Image
image/gif 108.138.17.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-75.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 13:20:52 GMT
Via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-P7
Age: 35380
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: GF0XJbmqjLLW46cihwa1XqZmIO1mtW4xcYzzLZHAYMau0sCJ57966g==

GET
H/1.1

200

p
a.audrte.com/ Frame 068C
Redirect Chain

https://a.audrte.com/a?adform_uid=4477581211473645190
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWw2ME94V0o2SzRTd3ltYTR4M0Fod2VhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

117ms
117ms

Image
image/png

54.158.27.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 54.158.27.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-27-67.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 068C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4477581211473645190&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4477581211473645190&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=82873407026225659880287457728262849151&noredirect=1

35 B
600 B

40ms
40ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=82873407026225659880287457728262849151&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v047-056f07804.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ql3Aa5MtRTQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=82873407026225659880287457728262849151&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 068C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4477581211473645190
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219833204486005386630

35 B
591 B

60ms
39ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219833204486005386630

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219833204486005386630
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 068C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7222046920509159578

35 B
591 B

40ms
40ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7222046920509159578

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7222046920509159578
Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 068C 62 B
438 B 187ms
187ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 14 Apr 2023 23:10:32 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 068C
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=f66a6439-dd69-4800-9ab5-142f6b25388c

35 B
600 B

39ms
39ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=f66a6439-dd69-4800-9ab5-142f6b25388c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: MT3 796 58fb543 master iad-pixel-x14 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=f66a6439-dd69-4800-9ab5-142f6b25388c
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 14 Apr 2023 23:10:31 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 068C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=mYOqU9GL1PNsyQ5

35 B
600 B

40ms
39ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=mYOqU9GL1PNsyQ5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-00cce439c1d70db9e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=mYOqU9GL1PNsyQ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 068C 70 B
264 B 55ms
55ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Apr 2023 23:10:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 068C 0
72 B 722ms
154ms Image
text/plain 216.46.185.183
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 Centennial, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 068C 43 B
1 KB 133ms
41ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=4477581211473645190

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 068C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2442710935
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=chglr69PMUq9IujG.5/P0O

35 B
591 B

40ms
40ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=chglr69PMUq9IujG.5/P0O

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
via: 1.1 google
last-modified: Fri, 14 Apr 2023 23:10:33 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=chglr69PMUq9IujG.5/P0O
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 068C 23 B
172 B 263ms
74ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Fri, 14 Apr 2023 23:10:33 GMT
pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 068C 12 B
155 B 325ms
73ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:33 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2 204 /
s.ad.smaato.net/c/ Frame 068C 0
240 B 137ms
41ms Image
text/plain 2600:9000:2127:8e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4477581211473645190
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:33 GMT
cache-control: no-cache, must-revalidate
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: lwRu97uMN_W7DUrOaWw_TxdES-sAexGHGK0p1LzHCeQ0xV5TzfX9Sg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 068C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4477581211473645190&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4477581211473645190&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=82464cde-9d4f-4177-84ad-e743788221f2

35 B
591 B

40ms
40ms

Image
image/gif

37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=82464cde-9d4f-4177-84ad-e743788221f2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Fri, 14 Apr 2023 23:10:33 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=82464cde-9d4f-4177-84ad-e743788221f2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 4477581211473645190
match.contentexchange.me/adform/ Frame 068C 0
49 B 193ms
51ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/4477581211473645190?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:33 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 068C 37 B
140 B 127ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=4477581211473645190&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame 068C
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=4477581211473645190
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

175ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 23:10:33 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 068C 0
384 B 40ms
39ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=4477581211473645190&agencyId=8619&advertiserId=2142631&src=tp&rnd=460911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 23:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 206 onboarding.mp4
microsoftms365.cfd/assets/videos/ 62 KB
0 172ms
172ms Media
video/mp4 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/onboarding.mp4
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 14 Apr 2023 23:10:33 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2023 07:00:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtP7jLC7ost001QUQd1D1i1Ojv4UCd2ErsX3OZIahugvCpamPKI%2B%2BTS4rSzfFFKi%2FjO%2FPCBIdA6da%2BFwHDguOFC9CPakCyBQf2Yzu1f%2F9DdzPn2vej9Y76EySUxT4SgnUm%2FZBzsWyWpwpsb7vm0j8xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-19618919/19618920
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f717bbf9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 19618920

GET
H3 206 onboarding.mp4
microsoftms365.cfd/assets/videos/ 55 KB
56 KB 801ms
800ms Media
video/mp4 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/onboarding.mp4
Requested by: Host: microsoftms365.cfd
URL: https://microsoftms365.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48876ff12c4e0fa74a41b0b1b80335b4e000af916386b309a5f928a670fe7f6b

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=19562496-

Response headers

date: Fri, 14 Apr 2023 23:10:34 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Feb 2023 07:00:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4iiOKpYv7PhP%2Ffwg0bdXGhzXGbC6PhC12aOjLYDOHd2dF1ubuZLUdKxOhAhR6MDEah7Iv%2BKP%2FR1c0FC9Rh%2BM8wMRMJSjkkJPiY9x%2FfSuLH9JOinN%2FH31V0qrA3%2Fm%2F4H6lmPLOnamf5W4fXzf9s0JyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 19562496-19618919/19618920
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f72acb29054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 56424

GET
H3 206 onboarding.mp4
microsoftms365.cfd/assets/videos/ 266 KB
0 48ms
48ms Media
video/mp4 2606:4700:3036::ac43:bf78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftms365.cfd/assets/videos/onboarding.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://microsoftms365.cfd/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 14 Apr 2023 23:10:34 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Feb 2023 07:00:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP5R6d9B89%2FBlnfAP2uWfptzqo2deMMTHhU4rN9JtU1M5hBE%2F%2B%2BlctX2h2y0OFAr8bjI6f1vapEsyZEIdASNzAwv9eZ3ySymlMLvFAdYcMzkn1thzHpRzycZDG%2ByO9DyFNyxDhilYprzRvW%2B32vTvB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 32768-19618919/19618920
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7f9f77b89a9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 19586152

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.microsoftms365.cfd/	1970-01-20 11:06:40	Name: _gid Value: GA1.2.1330510781.1681513832
.microsoftms365.cfd/	1970-01-20 11:05:13	Name: _gat_UA-251081024-1 Value: 1
.microsoftms365.cfd/	1970-01-20 20:41:13	Name: _ga_7M5QQEJZ9C Value: GS1.1.1681513831.1.0.1681513831.0.0.0
.microsoftms365.cfd/	1970-01-20 20:41:13	Name: _ga Value: GA1.1.877896197.1681513832
.adnxs.com/	1970-01-20 13:14:49	Name: uuid2 Value: 2969955020795551449
.bidr.io/	1970-01-20 20:33:47	Name: bito Value: AAB_w07Ic7sAABhc0C68Nw
.bidr.io/	1970-01-20 20:33:47	Name: bitoIsSecure Value: ok
.adform.net/	1970-01-20 11:48:25	Name: C Value: 1
.adform.net/	1970-01-20 12:31:37	Name: uid Value: 4477581211473645190
.adform.net/	1970-01-20 11:06:40	Name: CM Value: 1\|1
.adform.net/	1970-01-20 11:25:23	Name: CM14 Value: 1681600232_1681513832_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 12:31:37	Name: uid Value: 4477581211473645190
.adscale.de/	1970-01-20 19:47:29	Name: uu Value: 102ddc3bea614aef85ba0c94a58e20dd
.adscale.de/	1970-01-20 19:47:29	Name: cct Value: 1681513832269
.ih.adscale.de/	1970-01-20 19:47:29	Name: tu Value: 4#2972186186#42~4477581211473645190~467087~0~0
.casalemedia.com/	1970-01-20 19:50:49	Name: CMID Value: ZDndaKiuoPOOYTmamEJvaAAA
.casalemedia.com/	1970-01-20 13:14:49	Name: CMPS Value: 1135
.casalemedia.com/	1970-01-20 13:14:49	Name: CMPRO Value: 1135
.360yield.com/	1970-01-20 13:14:49	Name: tuuid Value: f52c451d-cf0c-4b8d-855a-fe1d1f9c2f20
.360yield.com/	1970-01-20 13:14:49	Name: tuuid_lu Value: 1681513832
.ads.stickyadstv.com/	1970-01-20 12:31:37	Name: uid-bp-617 Value: 4477581211473645190
.ads.stickyadstv.com/	1970-01-20 11:48:25	Name: UID Value: 226e7ea176e85728979b0d0c344b2
.bidswitch.net/	1970-01-20 19:50:49	Name: tuuid Value: 05fec16d-f26e-48c3-beff-7e93986969a3
.bidswitch.net/	1970-01-20 19:50:49	Name: c Value: 1681513832
.bidswitch.net/	1970-01-20 19:50:49	Name: tuuid_lu Value: 1681513832
.yahoo.com/	1970-01-20 19:51:11	Name: A3 Value: d=AQABBGjdOWQCEFjNhTij3g9l44m07vYEo30FEgEBAQEuO2RDZAAAAAAA_eMAAA&S=AQAAAuNIreJE_U_v5F5nn1Hp63E
.360yield.com/	1970-01-20 13:14:49	Name: um Value: !42,252gwB7qV2iaZeWwoZA6l8eLb4J-AIVPAlELR8bycbe1,1682723432
.360yield.com/	1970-01-20 13:14:49	Name: umeh Value: !42,0,1743721832,-1
.eyeota.net/	1970-01-20 11:05:14	Name: SERVERID Value: 18969~DM
.analytics.yahoo.com/	1970-01-20 19:50:49	Name: IDSYNC Value: 173n~2b3b
.exelator.com/	1970-01-20 13:58:01	Name: EE Value: "ea2f3b6b23dced987d6a7cc8cd40987f"
cm.adsafety.net/	1970-01-20 19:50:49	Name: UID Value: CM12023041423eeec39ba6ba2af3cf94
.adsafety.net/	1970-01-20 19:50:49	Name: cm_uid Value: CM12023041423eeec39ba6ba2af3cf94
.exelator.com/	1970-01-20 13:58:01	Name: ud Value: "eJxrXxzq6XKLQSE10SjNOMksycg4JTk1xdLCPMUs0Tw52SI5xcQAyEtbXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi02NDRakl%252BUmb7IxXVxUUoaw6KS4lPBhw%252ByAADtHyrq"
.onaudience.com/	1970-01-20 19:50:49	Name: cookie Value: 58260a6a92faea4a
.onaudience.com/	1970-01-20 11:06:40	Name: done_redirects147 Value: 1
.adnxs.com/	1970-01-20 13:14:49	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E?kqffsv!]ta]8i_imf$9G=A^A.w)9E7s%Y_1.9TJRR4H@aW=-=dbb>P_iTD._*PlZ[C[-kX-MJb$s
.doubleclick.net/	1970-01-20 20:26:49	Name: IDE Value: AHWqTUl-_BO9P9-IQaRjSY8Lsw_YpA4eEwQinGaDCE8Pa5y07F9LQHErRt7L_yHe0Zo
.krxd.net/	1970-01-20 15:24:25	Name: _kuid_ Value: Pfu6_ZXO
.pubmatic.com/	1970-01-20 11:48:25	Name: KRTBCOOKIE_391 Value: 22924-4477581211473645190&KRTB&23263-4477581211473645190&KRTB&23481-4477581211473645190
.pubmatic.com/	1970-01-20 11:48:25	Name: PugT Value: 1681513831
tags.adsafety.net/	1970-01-20 19:50:49	Name: UID Value: 70e81fa6f8b959691ad6fe01657c92ad
tags.adsafety.net/	1970-01-20 19:50:49	Name: DID Value: 70e81fa6f8b959691ad6fe01657c92ad
tags.adsafety.net/	1970-01-20 19:50:49	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 19:50:49	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 11:48:25	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 19:50:49	Name: ct_uid Value: 70e81fa6f8b959691ad6fe01657c92ad
.adsafety.net/	1970-01-20 19:50:49	Name: ct_did Value: 70e81fa6f8b959691ad6fe01657c92ad
.adsafety.net/	1970-01-20 19:50:49	Name: ct_idt Value: 100
.semasio.net/	1970-01-20 19:50:49	Name: SEUNCY Value: D2D7DF7554A3A03E
cm.adsafety.net/	1970-01-20 19:50:49	Name: permanent Value: 1
.bluekai.com/	1970-01-20 15:28:45	Name: bku Value: aG/99sM5mVxZpkQB
.bluekai.com/	1970-01-20 15:28:45	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEx6BpzNmeW01EW6Bp1tBeDhmE9e9JtDYez=
.demdex.net/	1970-01-20 15:24:25	Name: demdex Value: 82873407026225659880287457728262849151
.agkn.com/	1970-01-20 19:50:49	Name: ab Value: 0001%3AKt%2FNkNwqsb9EV2LtSO8%2FcwcOSOu%2BsQ3M
.dpm.demdex.net/	1970-01-20 15:24:25	Name: dpm Value: 82873407026225659880287457728262849151
.w55c.net/	1970-01-20 20:35:28	Name: wfivefivec Value: mYOqU9GL1PNsyQ5
.mathtag.com/	1970-01-20 20:31:09	Name: uuid Value: f66a6439-dd69-4800-9ab5-142f6b25388c
ads.smartstream.tv/	1970-01-20 19:50:49	Name: DID Value: 70e81fa6f8b959691ad6fe01657c92ad
ads.smartstream.tv/	1970-01-20 19:50:49	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 19:50:49	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 11:48:25	Name: cm_uid Value: CM12023041423eeec39ba6ba2af3cf94
.id5-sync.com/	1970-01-20 11:05:14	Name: cf Value:
.id5-sync.com/	1970-01-20 11:05:14	Name: cip Value:
.id5-sync.com/	1970-01-20 11:05:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:05:14	Name: car Value:
.id5-sync.com/	1970-01-20 11:05:14	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:05:14	Name: callback Value:
.w55c.net/	1970-01-20 11:48:25	Name: matchadform Value: 5
.weborama.fr/	1970-01-20 20:31:09	Name: AFFICHE_W Value: hUlqHrGjvg2F16
.adfarm1.adition.com/	1970-01-20 13:14:49	Name: UserID1 Value: 7222046920509159578
.audrte.com/	1970-01-20 11:26:49	Name: arcki2 Value: il60OxWJ6K4Swyma4x3Ahweag!20220908!1681513833126!ip#80.255.7.107
.audrte.com/	1970-01-20 11:26:49	Name: arcki2_adform Value: 4477581211473645190!20220908!1681513833148
.tapad.com/	1970-01-20 12:31:37	Name: TapAd_TS Value: 1681513833236
.tapad.com/	1970-01-20 12:31:37	Name: TapAd_DID Value: 82464cde-9d4f-4177-84ad-e743788221f2
cm.adsafety.net/	1970-01-20 19:50:49	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaenJzM0RxaEhFUGRmSElONzJ2T2lWOUVBVy9SZ0NJNk1oYmRuTDhsbnIvZGNxTnNXenVGaHRVNDRGSWZ6bTFEaFArQXE5SFAzWnozUmxYT2RkOUYvUXhNeXVEeW4vS3NTYVhRN25EelN0UFRZcVErZ1ZGdzlaWmJGUW1TQWI3aXVUbDdsVDFLU1FqTHBaS1NjU2tSdUNhU29ENmVmTk5Tcm1sYzF6eVJ1SDhEYm1HUDJVUEhTS0lNRk5kUGU5bThxNmVHT0NLT2pxUHFycURMTkQ2RHBUczkvL1BzU3JmeFN0TmZTajJ3eHBjc3dDcG9wVmNPa3czRXJsVVlzUEtuMUlHOXp5VjF5cWZUQ1Rvd1ZSZzkzVWV1dEVnWjU4cEJpOGpiblQvY09jb0FMZC9YOXF2Vm1ROGtMSU00SGpneXd1TElqaXhGaERJZFVTRkY4bGtkNi9ubmF4b20zV1hzcWprczhWaDVETElKa091L08vSnBENFIwaTdBd1VhRmtiSjY2WkVBeDJad2FKUjBlYTNnUUx5WWZhZlNubndOWUlvMTQvcGR6K0svNlNOWFNpcG1zYVBnMlFwS25LQmxIUW9RTTR3ZVl4enU4eWhuaFBCVGI2ZFU0azllaFBURGNpd2FMMzVNWUNSRHFnSmU3TTJpUVJ6UEMxaW94OUpIZTNlUjQ3d2RpNm1JaWxJL3V2bzQwR0d3dGc5NDlzL2RVcExEdUh0by85K0lWVEtqVk1PVnM5cHlYZmFhVTBKdVoyLzR5RmlZMWI5bWY0NFpBWGN5eTU1Njl5RVQ3ZlFoMkNsd2ZQNXRxbG80SEdYZ09GSWhMTkI2Z3pkcHlmVHZ3Y2gyRkwydTJYZ1NBZHhoUnRWMERlR3dvTzE5UTNWZHlyczBpNmlGdG91VEJPcXRmbnBsQ3lCMHRPY0NBSEtCYnllazdhU1ZXZEtEVnBPQ08vNUpXckl0WHFVNTRqRHBIMjB5QmZlMTM0R0w2aUppYkQ2RmdIZTRNdWtwL3ErVGVDYTlpMnh0VGQvZkNzaFN6MThCNHROcU81NkdZM2c4ZXFwTnlEUGRZZ05nekxNL3JwVHpBeWRTTVdtZmZjMi9qOUE9PQ%3D%3D
.tapad.com/	1970-01-20 12:31:37	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1970-01-20 11:26:49	Name: arcki2_ddp2 Value: il60OxWJ6K4Swyma4x3Ahweag!20220908!1681513833325
.e-volution.ai/	1970-01-20 11:25:23	Name: v_usr Value: 3f507864-a749-4105-b42e-93f4a7deb6d9

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://microsoftms365.cfd/buffer-6.0.3.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4477581211473645190 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4477581211473645190/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://microsoftms365.cfd/assets/videos/onboarding.webm Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cnv.event.prod.bidr.io
coinzillatag.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
microsoftms365.cfd
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.102.35.84
108.128.115.132
108.138.17.75
109.206.161.21
139.162.147.24
141.94.171.213
142.250.186.98
15.197.193.217
162.19.138.120
18.184.216.10
185.64.189.110
185.80.39.216
185.86.138.155
185.89.210.20
185.89.211.84
193.135.9.128
2.16.238.158
2.23.197.190
216.46.185.183
217.79.178.233
23.215.16.120
2600:9000:2127:8e00:1b:5138:8a40:93a1
2606:4700:3033::6815:41b9
2606:4700:3036::ac43:bf78
2606:4700:3036::ac43:ce0e
2a00:1450:4001:808::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c00::9c
2a02:6ea0:c700::11
3.124.222.86
3.66.58.102
3.75.62.37
34.111.113.62
35.158.189.178
35.190.24.218
35.244.159.8
35.244.174.68
37.157.2.234
37.157.2.248
37.157.4.40
37.157.6.253
46.19.11.36
52.19.200.27
52.209.20.194
52.212.138.15
52.213.202.61
52.213.49.172
52.218.52.140
52.48.104.151
54.158.27.67
54.78.254.47
69.173.144.138
69.173.144.165
76.223.111.18
77.243.60.138
85.114.159.93
87.242.89.90
88.221.168.207
03a7b090584be67ab696c03e2d83dafb84932bc82fe4d09feb25007ae63fce4e
06859894819e34b2291fd49124aed945bbc13648f3ca7fffb052e7e00d956725
094e8ea49e8087adca2a2fe8ea064b16267033efd7bea651ab6e2697ba137ec5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
0bcd5175aedd8ce9901fb1614eafd5a6f0bf0ef2fa5e3f485b18d93cba26fa6c
0f2d8d5dc76a24a712ec068448b7f6e192ca5d49e6d2365e4e7223bae8ad1258
0fe4e0f0b8bfd215c26bb75d404a8b09de962bf5160b2456ed67aeb46d316664
1326b701e16d75fc0387a3a0b427ab28b3b37882b67dc47c523c2a5e23c25521
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1612c4b8228ff3e2b95222a2ab4513bab4c12e30609efff8af6385db0b8017dc
1db31bd72954a6d0dd472016a4956d397f2002e8d95d941ae60ea178acfd2f54
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
24010fe0d24898b5316c8625eb5ea078c19b7176e9b971fcb7972825101dc77c
29f7eb47d67a59d862c55ae014fa2b1341992ab536dd939495611f1c15fb1007
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2da56e335cf79decae9d35c9cf0256faf47719a7f821308c85f3e6142526077b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e66fa21cb8776c062b8c20b01568ec8b208e4cafd742b188c9f08b91a369c70
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30371a405ad93abeaa3966066dd8c34d470131f8b5520df9b1e071e015c417e3
31248769707c76547923d787770eb216d7e646cfd315025c0898f109d1b123ec
31dc61107954007aaedd09cffab78f4c473115f2b346106716c233bee3ad8126
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e35da87655c071b8d3e294f0fe5346f5de5986561462cefdb75756801f4726
3a1c3656799ecd03924e0ef2a33d1e96382e075160a6c7240752968b13e75e15
3c27beb532b7efa06e83b3e11b32f386d3ce489e7972a3898f041637745e3841
3cdf6b244310cbcbdeb6796a6daf32987381a00d0313d894d3bfa42bd4d15b8d
3e348954cba0c59c0b3a8b6d2379d43f5f3483af07cb01076af793e48480d958
41de0a86ed599ab2c0fc261bfa3314d6e0f36285ca62b4274a329e1cc304dabc
42adb70215c28b80c2ac01fe5fa4cc6a374b61f40c892cf785c7b4024926bc74
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
45f0c8c616a62b955b7b508ad5c32bd1af458a14911773778598c084e2656d78
47d759db3798ea15786984486110519838055a594dc703307f33811eba9b9b27
484ea38b6b2bd747ba5fbc6c5a821a2dba907dbcafd72e483b1d9ba3e506d81d
48876ff12c4e0fa74a41b0b1b80335b4e000af916386b309a5f928a670fe7f6b
49344198c9ab74239ba1aae44b4c0318e73284e8137aa5905edd5f69794d2c97
4a4c273e78eb5c2bd6e5e19114dc51138962d28c2ac20c383b5008623122f445
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b719b030fa0ebe31dcfbe07dfed2a3e06132b79cf3b0a22774099d718e8ba6b
4be17b108f097091b14c786a4658ac8625d06cf0de1674c66c8b29c7ca718af3
4cec29e3541b5189f3a3e2b03bb0ca3d3c4629918dbbe2ef6aeee65b2b8e6ba2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
515c35a24fbe7cd9c6cfb3ff6a7bfbc03caf0e7e076a4e63dde378ecae65b098
51c512cf3fb338352666adf70184a9ac9ab8f3dade443235a5b993b3c2235513
53b81be993f9fddebd93385a745f148a8e4fb94c1113dfe8f340e255e13e6d7e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5f235cadae605fa5d78b705d60c81707cc34d469a49dc0f76f2ccb1f4f19d446
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb8425f2b0db3e61f5e6dc22da84a35aa273af154e2808f0056bb54851733db
700f9dc71f51fd887e0d97c53fb58495c8b94114c4698cd4bb5fca60b8b82e54
702d0953574471d578e78121421959a25db0d7fc0376164f48be839bd2fab2b3
7144b5febc2525d3542a35f7e0bad995e8027d5aa5ff6c71486d78323d67d2e9
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
725ee738f370139a21f223fd37e134fae2370836ed5caea593af107b84b027ce
727fbdde7e0c908eb395919dcd898d7ef557f7fe9c50561ebc3cc7ec1a8bc91c
7339926a5bf5089a6af29a8c12133068887e218a53ee9aaeed1baad1e72aa9d6
76a4b4d6071898ba5b9dccf9a9c0fd673404f242f1b3c79c44e8fc760679027a
7770a462769cbe0a70d183272f59515afec271054f85a5f2973eb1d89e4702d0
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7cd7ba9073cbefbf69ea69f61f7c57e22051dabf632b8659cfa09f6464cc248d
7d1b6a9a473be966f0824bc06f9b3b69efbda18a8cf557223db0239fb12b1150
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83526d6c4c6eee32bdc8189fc0af3ecb58aacc60d57f6f659d120850d959b0fb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8607008acce109c647655328cd6d7ad6e70f7b1cf6992434a9bca99425ccb042
877b859299ebcf1a7900cb03f4ada1207779616cec9c2245219a0ae1b78df252
883f25db92ef0a1cd23c0fca22c4adad648c43f77e6d745dc7f326d62bdb6c3e
8923deff400fcbc550d4c33ce7cb4ef4e9ab4038796dbda51a6f5d7430acd13b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bcb57561d98f0a15da23824bdb550ab5056cc148b3424d0aa71df4309415af9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
905de9b3b04957e902e3ac9163d2a586dc6265d780625eaf5733e70c04eef470
91924aa0e885f5611df8f5cc6ba5bb96d236323ed523a6383bfcbb0ed0c50473
92bfe9ba42b3c0dcfba19211fafb639215883127da5ee6f9a5137a609112c800
94ee65c207e2c7a96c3cf534111856a2e693abd24ee1ddbaa8df41262f7c193f
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8ee0477f7cc1d4018a5282aab685cde69bffea47ef00a7fe2c1f4c19570926a
a92c4ee8891504358ed5afc560b47e0a0a9cfde0b2a202eb2b704b0c100cfd6c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2846e6d2f176f6426a016e30d02f0b1bab89493dab28557d4ded619dbeebcc3
b2883f0ce2532d955c4bc2bb6f8caba512a2b1da7da2bc56a10ae4df82cef257
b664a0af26ac080789729190a62ba60e2e6a143ecd2a95c417e6be29b5826514
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc7772ef2b7663bacdccb18e78c06a9df90164247e32b8293758bfafc5758a3
c03173be88f9140c90abd11b4ffd3e2dc789827b6114ebfb4f7653e1e04fea58
c1256edce5d23725665765aeec67705cae416ee6fbbd9b881c91a5c748181c06
c5bb2e3d5b8faca666b725f51205a51f75b1fc015354a87e648f54e3fbb858eb
ceee239a9dbaff171d058ab9ac2c79ef39acef178111b3580143448cde0dd511
cf44158feb1d05beaa020bbb7743201376f834ad7b9bb2ba50dbadf2733e4593
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6fd56a259351f02146643098797e2fb75ecf6e705fc78032705f3ae29bbbb74
d86bf5d19482aca63695b945b81db0edd9de0caaaea052108fa211500aa892fb
db85a1b1b429987b0816c54bcdc060bd576c01a9863ab9400d18f383614de0c7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deaf5f1f380effce2293460c0a530308b8c33d10253cb3487bff8c769e764df1
decb7694f85c355bea03c654e307082308b30d1d5d7679c3429ac8021f6cb3b8
e36df1b888ada75ed6e39ba161585d08dc79b847dcb6c3848409fa56912ddda6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54bd4a65211100607ac173c6aef4a7824e0bbb2d3c7f363a7f055ca1339bc58
e6981dcc49c49ba7421d4b0d12706bdacdd37d4c5cc239980fa310f2a97f9d59
e9927f56f0a0839603f1fe091d878c6a03fecd2691edbcaade84fb5eb02665b5
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed1ebf08186151cc155d5e20a3d4d082dcc1c8188c8705d95f872d05d2519689
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3a12b8dd10d11f371a4b0cbe51ac673e6329c2fb12916edd33d06de1210223
f172f8f38f9766853f311a41522aa0baa4b961c9ba99d63957330e31a3564898
f234aaad8092413c0d20656cef429c4353f11a697b73f1868ef167e298b62a60
f5c9e9bafee669ef481ee6b00056bfcd80792204afc18dcb1e73c255303ce2fa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f98075088ace07c2966f09a90d15909a28f55d4561204b4ab1dd75fc512af242
fe79365b03a7fd8b4403d0a3dec253d2a79ce16353a92c3c9d1425e0a0c30f99

microsoftms365.cfd Open in urlscan Pro 2606:4700:3036::ac43:bf78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

85 %HTTPS

19 %IPv6

54 Domains

63 Subdomains

45 IPs

10 Countries

12294 kBTransfer

22008 kBSize

79 Cookies

26 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

microsoftms365.cfd Open in urlscan Pro
2606:4700:3036::ac43:bf78 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

85 %
HTTPS

19 %
IPv6

54
Domains

63
Subdomains

45
IPs

10
Countries

12294 kB
Transfer

22008 kB
Size

79
Cookies

159 HTTP transactions
7 data transactions