www.microsoft.com.office.poctest.blueoriginpoc.myshn.net Open in urlscan Pro
54.243.131.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Effective URL:
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Submission: On January 01 via api (January 1st 2023, 8:23:10 am UTC) from US — Scanned from US

Summary HTTP 142 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 46 domains to perform 142 HTTP transactions. The main IP is 54.243.131.162, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.microsoft.com.office.poctest.blueoriginpoc.myshn.net.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 1st 2022. Valid for: a year.

This is the only time www.microsoft.com.office.poctest.blueoriginpoc.myshn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	54.226.139.207 54.226.139.207	14618 (AMAZON-AES) (AMAZON-AES)
1 42	54.243.131.162 54.243.131.162	14618 (AMAZON-AES) (AMAZON-AES)
1	23.200.3.25 23.200.3.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1400:d::... 2600:1400:d::17db:5d11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3035::6815:2127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:1ec:4e:1... 2620:1ec:4e:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:1400:d:5... 2600:1400:d:594::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.107.237.40 13.107.237.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	20.44.10.122 20.44.10.122	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:23c... 2600:9000:23ca:6200:c:7c62:1240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 24	3.226.229.46 3.226.229.46	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
4	23.36.1.16 23.36.1.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.235.82.200 54.235.82.200	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	23.23.215.102 23.23.215.102	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.104 63.140.38.104	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.210.217.65 44.210.217.65	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
10 11	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	2606:4700::68... 2606:4700::6812:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1 1	96.6.31.207 96.6.31.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	23.219.95.182 23.219.95.182	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.227.74.209 54.227.74.209	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	34.193.14.46 34.193.14.46	14618 (AMAZON-AES) (AMAZON-AES)
2 2	23.23.40.21 23.23.40.21	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	192.35.249.137 192.35.249.137	11742 (SPOTX-IAD) (SPOTX-IAD)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	54.85.128.169 54.85.128.169	14618 (AMAZON-AES) (AMAZON-AES)
142	34

30 54.226.139.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-139-207.compute-1.amazonaws.com

microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.live.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 54.243.131.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-131-162.compute-1.amazonaws.com

www.microsoft.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com.office.poctest.blueoriginpoc.myshn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.3.25 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-3-25.deploy.static.akamaitechnologies.com

statics-marketingsites-eus-ms-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d::17db:5d11 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2127 (United States)

ASN13335 (CLOUDFLARENET, US)

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:4e:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:594::356e (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.237.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.44.10.122 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:6200:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdnssl.clicktale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 3.226.229.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-229-46.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.1.16 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-1-16.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.82.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-82-200.compute-1.amazonaws.com

ats.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.215.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-215-102.compute-1.amazonaws.com

mscom.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.104 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-104.data.adobedc.net

msftenterprise.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.217.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-217-65.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (New Market, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.166 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

rtd.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.194.49 (United States) 10 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.6.31.207 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-31-207.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.219.95.182 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-95-182.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.74.209 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-74-209.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States) 1 redirects

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

dmpsync.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.14.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-14-46.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.40.21 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-40-21.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.137 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.128.169 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-128-169.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	myshn.net 2 redirects microsoft.com.office.poctest.blueoriginpoc.myshn.net www.microsoft.com.office.poctest.blueoriginpoc.myshn.net cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net login.live.com.office.poctest.blueoriginpoc.myshn.net bat.bing.com.office.poctest.blueoriginpoc.myshn.net logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net target.microsoft.com.office.poctest.blueoriginpoc.myshn.net	944 KB
25	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 301 mscom.demdex.net — Cisco Umbrella Rank: 24250	27 KB
13	everesttech.net 11 redirects ats.everesttech.net — Cisco Umbrella Rank: 16419 cm.everesttech.net — Cisco Umbrella Rank: 1416 rtd-tm.everesttech.net — Cisco Umbrella Rank: 4165 sync-tm.everesttech.net — Cisco Umbrella Rank: 918	3 KB
6	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 826	2 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1536 c.clarity.ms — Cisco Umbrella Rank: 2283 k.clarity.ms — Cisco Umbrella Rank: 11532	21 KB
5	linkedin.com 4 redirects dc.ads.linkedin.com — Cisco Umbrella Rank: 11919 www.linkedin.com — Cisco Umbrella Rank: 712 px.ads.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 7528	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	349 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 883	100 KB
4	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 3875	82 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 396	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	3 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	2 KB
3	akamaized.net statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 21144 img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1335	9 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 815	902 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 698	380 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1114	877 B
2	3lift.com 2 redirects dmpsync.3lift.com — Cisco Umbrella Rank: 32316	762 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1625	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1178 s.tribalfusion.com — Cisco Umbrella Rank: 2747	934 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 456	979 B
2	tubemogul.com 2 redirects rtd.tubemogul.com — Cisco Umbrella Rank: 10446	373 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 525	835 B
2	bing.com 2 redirects c.bing.com — Cisco Umbrella Rank: 444	914 B
2	s-microsoft.com c.s-microsoft.com — Cisco Umbrella Rank: 16440	62 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014	556 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 842	378 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1316	450 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 452	752 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1913	285 B
1	bttrack.com 1 redirects bttrack.com — Cisco Umbrella Rank: 1190	433 B
1	reson8.com 1 redirects ds.reson8.com — Cisco Umbrella Rank: 4776	388 B
1	postrelease.com 1 redirects jadserve.postrelease.com — Cisco Umbrella Rank: 1505	533 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1541	828 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 1216	553 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1004	493 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1248	732 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 981	394 B
1	media6degrees.com 1 redirects idpix.media6degrees.com — Cisco Umbrella Rank: 3259	550 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 679	684 B
1	omtrdc.net msftenterprise.sc.omtrdc.net — Cisco Umbrella Rank: 43893	295 B
1	google.com www.google.com — Cisco Umbrella Rank: 16	548 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3453	14 KB
1	clicktale.net cdnssl.clicktale.net — Cisco Umbrella Rank: 7465	74 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 3564	41 KB
1	placeholder.com via.placeholder.com — Cisco Umbrella Rank: 31263	664 B
142	46

	Domain	Requested by
38	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net	1 redirects www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
24	dpm.demdex.net	1 redirects www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
22	cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
9	sync-tm.everesttech.net	9 redirects
6	browser.events.data.microsoft.com	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
5	www.facebook.com
4	bat.bing.com.office.poctest.blueoriginpoc.myshn.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net bat.bing.com.office.poctest.blueoriginpoc.myshn.net
4	analytics.tiktok.com	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net analytics.tiktok.com
4	mem.gfx.ms	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net mem.gfx.ms
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	dmpsync.3lift.com	2 redirects
2	px.owneriq.net	2 redirects
2	match.adsrvr.org	2 redirects
2	rtd-tm.everesttech.net	1 redirects
2	rtd.tubemogul.com	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	idsync.rlcdn.com	2 redirects
2	c.bing.com	2 redirects
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com.office.poctest.blueoriginpoc.myshn.net www.clarity.ms
2	dc.ads.linkedin.com	2 redirects
2	fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net
2	c.s-microsoft.com	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
2	img-prod-cms-rt-microsoft-com.akamaized.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	sync.srv.stackadapt.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	rtb.adentifi.com
1	bttrack.com	1 redirects
1	ds.reson8.com	1 redirects
1	jadserve.postrelease.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	analytics.twitter.com
1	idpix.media6degrees.com	1 redirects
1	k.clarity.ms	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	sync.mathtag.com	1 redirects
1	target.microsoft.com.office.poctest.blueoriginpoc.myshn.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net	login.live.com.office.poctest.blueoriginpoc.myshn.net
1	cm.everesttech.net	1 redirects
1	msftenterprise.sc.omtrdc.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	mscom.demdex.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	www.google.com
1	googleads.g.doubleclick.net	1 redirects
1	ats.everesttech.net
1	px4.ads.linkedin.com
1	px.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	d.impactradius-event.com	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	cdnssl.clicktale.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	login.live.com.office.poctest.blueoriginpoc.myshn.net	mem.gfx.ms
1	fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net	fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	js.monitor.azure.com	mem.gfx.ms
1	wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	via.placeholder.com	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	statics-marketingsites-eus-ms-com.akamaized.net	www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
1	microsoft.com.office.poctest.blueoriginpoc.myshn.net	1 redirects
142	67

This site contains links to these domains. Also see Links.

Domain
aka.ms.office.poctest.blueoriginpoc.myshn.net
www.xbox.com
support.microsoft.com.office.poctest.blueoriginpoc.myshn.net
onedrive.live.com.office.poctest.blueoriginpoc.myshn.net
outlook.live.com.office.poctest.blueoriginpoc.myshn.net
www.skype.com.office.poctest.blueoriginpoc.myshn.net
www.onenote.com.office.poctest.blueoriginpoc.myshn.net
dynamics.microsoft.com.office.poctest.blueoriginpoc.myshn.net
powerplatform.microsoft.com.office.poctest.blueoriginpoc.myshn.net
azure.microsoft.com.office.poctest.blueoriginpoc.myshn.net
developer.microsoft.com.office.poctest.blueoriginpoc.myshn.net
learn.microsoft.com.office.poctest.blueoriginpoc.myshn.net
techcommunity.microsoft.com.office.poctest.blueoriginpoc.myshn.net
azuremarketplace.microsoft.com.office.poctest.blueoriginpoc.myshn.net
appsource.microsoft.com.office.poctest.blueoriginpoc.myshn.net
visualstudio.microsoft.com.office.poctest.blueoriginpoc.myshn.net
unlocked.microsoft.com.office.poctest.blueoriginpoc.myshn.net
www.facebook.com
twitter.com
www.linkedin.com
account.microsoft.com.office.poctest.blueoriginpoc.myshn.net
go.microsoft.com.office.poctest.blueoriginpoc.myshn.net
education.microsoft.com.office.poctest.blueoriginpoc.myshn.net
careers.microsoft.com.office.poctest.blueoriginpoc.myshn.net
news.microsoft.com.office.poctest.blueoriginpoc.myshn.net
privacy.microsoft.com.office.poctest.blueoriginpoc.myshn.net
choice.microsoft.com.office.poctest.blueoriginpoc.myshn.net

Subject Issuer	Validity	Valid
office.poctest.blueoriginpoc.myshn.net GlobalSign RSA OV SSL CA 2018	`2022-11-01` - `2023-12-03`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 05	`2022-10-21` - `2023-10-16`	a year	crt.sh
www.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-10-04` - `2023-09-29`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 05	`2022-12-23` - `2023-12-18`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-09-08` - `2023-09-03`	a year	crt.sh
ct-tag.clicktale.net Amazon	`2022-05-26` - `2023-06-24`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-20`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Frame ID: 73E55ABBFCC0BAD6A9083F139EF8856B
Requests: 98 HTTP requests in this frame

Frame: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/tags?session_id=2a194572-082e-43d4-b52a-b0df342069c6
Frame ID: BEF0F64CAE1D00FF213F95E394621D74
Requests: 2 HTTP requests in this frame

Frame: https://fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net/Clear.HTML?ctx=Ls1.0&session_id=2a194572-082e-43d4-b52a-b0df342069c6&id=97be05dd-3608-49cf-99b5-7d71c5312b67&w=8DAEBD164164012&tkt=H3ihr9e92IdW6yd1ZgQ9S0kvtvZRuOxcpRCTIW%252fmvgxWa6Xkol8FwucPzYl8al50J0qSf57jqUTVcSeQxDLY%252buo7StZWQ%252bnjvafLuvhr3qeWhI%252f2FuFynaUuWv7kP%252fBE86U%252fFnoFf1%252bA%252f%252fdOQnmogAejA57r54UNPrxtMJRoMM6L53v8MmKwDo%252bZWJx7zdO5x8s7eAU0zuwmm6%252bLE2YZdurf%252bX3SYU2%252f84gPBCJxhJsNzyuhbqP0hHf9CpXycwrN7jTVh3duFydMCt6cwqVokMzDxuikSZu2OJm5%252bgk8kTVKpxKG9dn13KUY3tMUcQz0&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC
Frame ID: 4D2429392AFAB43BBED4F76BBBF3EC6F
Requests: 1 HTTP requests in this frame

Frame: https://login.live.com.office.poctest.blueoriginpoc.myshn.net/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net&uaid=d04e6945-6131-4e29-21e1-af9d865b5132&partnerId=mshomepage
Frame ID: 68BD720FDBBD58D826D91ACADBB4143A
Requests: 2 HTTP requests in this frame

Frame: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/store/buy/cartcount
Frame ID: 6BE663FC04F85A8C4DB0D3803FEAFBA4
Requests: 1 HTTP requests in this frame

Frame: https://mscom.demdex.net/dest5.html?d_nsid=0
Frame ID: 715820B1274787942E7DB5E55E2BC384
Requests: 35 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=mshomepage&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F
Frame ID: 375143187768CC7F50AA893D5BC02828
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft – Cloud, Computers, Apps & GamingCalifornia Consumer Privacy Act (CCPA) Opt-Out Icon

Page URL History Show full URLs

http://microsoft.com.office.poctest.blueoriginpoc.myshn.net/ HTTP 301
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/ HTTP 302
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

75 %
HTTPS

26 %
IPv6

46
Domains

67
Subdomains

34
IPs

3
Countries

1383 kB
Transfer

4140 kB
Size

89
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://aka.ms.office.poctest.blueoriginpoc.myshn.net/edgeperformanceuhf
Title: Switch now

Search URL Search Domain Scan URL

URL: https://www.xbox.com/
Title: Xbox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://onedrive.live.com.office.poctest.blueoriginpoc.myshn.net/about/en-us/
Title: OneDrive

Search URL Search Domain Scan URL

URL: https://outlook.live.com.office.poctest.blueoriginpoc.myshn.net/owa/
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.skype.com.office.poctest.blueoriginpoc.myshn.net/en/
Title: Skype

Search URL Search Domain Scan URL

URL: https://www.onenote.com.office.poctest.blueoriginpoc.myshn.net/
Title: OneNote

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/games/store/xbox-game-pass-ultimate/cfq7ttc0khs0?icid=CNavAllXboxGamePassUltimate
Title: Xbox Game Pass Ultimate

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/games/store/pc-game-pass/cfq7ttc0kgq8?icid=CNavAllPCGamePass
Title: PC Game Pass

Search URL Search Domain Scan URL

URL: https://dynamics.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: Dynamics 365

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: Microsoft Power Platform

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: Azure

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com.office.poctest.blueoriginpoc.myshn.net/docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Microsoft Learn

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: Azure Marketplace

Search URL Search Domain Scan URL

URL: https://appsource.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Title: AppSource

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/games/store/pc-game-pass/cfq7ttc0kgq8?icid=mscom_marcom_H2a_PCGamePass&Holiday23
Title: Join now

Search URL Search Domain Scan URL

URL: https://unlocked.microsoft.com.office.poctest.blueoriginpoc.myshn.net/nfl-powering-a-better-game/?ocid=cmmwu7exyrx
Title: Read the story

Search URL Search Domain Scan URL

URL: https://unlocked.microsoft.com.office.poctest.blueoriginpoc.myshn.net/nba-donovan-mitchell-childrens-village/?ocid=cmmulrkz072
Title: Learn about the partnership

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Microsoft

Search URL Search Domain Scan URL

URL: https://twitter.com/microsoft

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/microsoft

Search URL Search Domain Scan URL

URL: https://account.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com.office.poctest.blueoriginpoc.myshn.net/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://education.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Educator training and development

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/free/students/
Title: Azure for students

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Careers

Search URL Search Domain Scan URL

URL: https://news.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://aka.ms.office.poctest.blueoriginpoc.myshn.net/yourcaliforniaprivacychoices
Title: California Consumer Privacy Act (CCPA) Opt-Out Icon Your California Privacy Choices

Search URL Search Domain Scan URL

URL: https://support.microsoft.com.office.poctest.blueoriginpoc.myshn.net/contactus
Title: Contact Microsoft

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/?LinkId=521839
Title: Privacy

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/?linkid=2196228
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://go.microsoft.com.office.poctest.blueoriginpoc.myshn.net/fwlink/?linkid=2196227
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Title: About our ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://microsoft.com.office.poctest.blueoriginpoc.myshn.net/ HTTP 301
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/ HTTP 302
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://dc.ads.linkedin.com/collect/?pid=7850&fmt=gif HTTP 302
https://dc.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D7850%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQKfOoFKD6sYxwAAAYVsbUwyODXNmzcsTzkfk4uqrzvMMHxo_4eB5zKrRqalpxP6FdvVtco

Request Chain 81

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory HTTP 302
https://www.google.com/pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory&is_vtc=1&random=2415517078

Request Chain 85

https://cm.everesttech.net/cm/dd?d_uuid=02582319366975169313197907280371022789 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7FC5AAAALGzawN-

Request Chain 95

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=02582319366975169313197907280371022789&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d02582319366975169313197907280371022789 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=d46863b1-42e4-4f00-baec-cc509e289364&ddsuuid=02582319366975169313197907280371022789

Request Chain 99

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037110854060084727

Request Chain 101

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&RedC=c.clarity.ms&MXFR=032C95AD790F652E1FF087217D0F6B1A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&MUID=0F6B28C127DF63F90F573A4D26AE62EB

Request Chain 106

https://idsync.rlcdn.com/365868.gif?partner_uid=02582319366975169313197907280371022789 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDI1ODIzMTkzNjY5NzUxNjkzMTMxOTc5MDcyODAzNzEwMjI3ODkQABoNCOSFxZ0GEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ac4f1031c647b24325755c9fd0854635813f3cc53226f842406cd7739790188eb0da87c991749652

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI1ODIzMTkzNjY5NzUxNjkzMTMxOTc5MDcyODAzNzEwMjI3ODk= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECNp3hsRDEyu5ZsMe78qBkk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 110

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

Request Chain 111

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=02582319366975169313197907280371022789 HTTP 302
https://dpm.demdex.net/ibs:dpid=992&dpuuid=a80ac11jme5a

Request Chain 113

https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=997336237027792449

Request Chain 114

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=007323d3-8b18-4640-a8a6-fc24415b389e

Request Chain 115

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bTyE7m89g-p2OYTuaT_L7246guZ2bYK6Ojtwtgrw

Request Chain 116

https://c.bing.com/c.gif?uid=02582319366975169313197907280371022789&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0F6B28C127DF63F90F573A4D26AE62EB

Request Chain 117

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5479107FBD7E94&gdpr=0&gdpr_consent=

Request Chain 120

https://a.tribalfusion.com/i.match?p=b13&u=02582319366975169313197907280371022789&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=02582319366975169313197907280371022789&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 121

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=02582319366975169313197907280371022789&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lxup8KtE2pExayKLnEVkR8MGXpS_w6kfDDI-~A

Request Chain 122

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7258477811886955612&uid=Q7258477811886955612&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7258477811886955612

Request Chain 123

https://jadserve.postrelease.com/dmp/7?vk=02582319366975169313197907280371022789&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID HTTP 302
https://dpm.demdex.net/ibs:dpid=38117&dpuuid=bf2f84bd-7e6d-4835-a930-1d51954bddd8

Request Chain 124

https://ds.reson8.com/adb-ext.gif?puid=02582319366975169313197907280371022789 HTTP 302
https://dpm.demdex.net/ibs:dpid=57282&dpuuid=3C8E2C349C2BEDE678A65DCF62FBB606

Request Chain 125

https://bttrack.com/dmp/adobe/user?dd_uuid=02582319366975169313197907280371022789 HTTP 302
https://dpm.demdex.net/ibs:dpid=49276&dpuuid=aa58ffd9-5f6e-4cc5-a3da-ec3e9fb0364f

Request Chain 126

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=4663278335337858257483&gdpr=0&gdpr_consent=

Request Chain 128

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02582319366975169313197907280371022789?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02582319366975169313197907280371022789?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a33c06f97d45d1c43678cb1170f5c647

Request Chain 129

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

Request Chain 130

https://rtd.tubemogul.com/migrate_et3/ HTTP 302
https://rtd-tm.everesttech.net/migrate_et3/

Request Chain 131

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTdGQzVBQUFBTEd6YXdOLQ==

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y7FC5AAAALGzawN-&expires=90

Request Chain 133

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN- HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN-&C=1

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y7FC5AAAALGzawN-

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y7FC5AAAALGzawN- HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y7FC5AAAALGzawN-

Request Chain 136

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7FC5AAAALGzawN-

Request Chain 137

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1&__user_check__=1&sync_id=82d799de-89ad-11ed-8a04-1b8585150103

Request Chain 138

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y7FC5AAAALGzawN-&t=2592000&o=0

Request Chain 140

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=q3LHAW1RQ9iavsqGeVbJ9A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=02582319366975169313197907280371022789

Request Chain 141

https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=jWCIg3BSQrB86xWNfMVdFiaEdkc

142 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Redirect Chain

http://microsoft.com.office.poctest.blueoriginpoc.myshn.net/
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

191 KB
28 KB

777ms
776ms

Document
text/html

54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b15b9a6145a05bcf001bafa4c2eddf77f3601625a78ad6b85adc8bfe852995f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0,s-maxage=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 27645
Content-Type: text/html;charset=utf-8
Date: Sun, 01 Jan 2023 08:22:57 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
TLS_version: tls1.2
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Dispatcher: dispatcher2eastus2
X-EdgeConnect-MidMile-RTT: 19 19
X-EdgeConnect-Origin-MEX-Latency: 2038 2038
X-Frame-Options: SAMEORIGIN
X-RTag: AEM_PROD_Marketing
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Vhost: publish_microsoft_s
ms-commit-id: 7b5c624
ms-cv: Ta9La47GTcC1yOhM.0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 01 Jan 2023 08:22:56 GMT
Location: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Server: nginx
Strict-Transport-Security: max-age=31536000
TLS_version: tls1.2
X-RTag: ARRPrd
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30

GET
H/1.1 200
OK main-light.min.ACSHASH3e822d6827d4b41cd4b5e8a7d66a7e5f.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/ 354 KB
45 KB 138ms
137ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/main-light.min.ACSHASH3e822d6827d4b41cd4b5e8a7d66a7e5f.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9b1e64b01e6cedbe068f09b2ed91df0fbea823c248ec854deb2d3422e6fc1184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 2f885be
TLS_version: tls1.2
Connection: keep-alive
ms-cv: RHQeD6GxTzi7OE1F.0
Content-Length: 45413
Last-Modified: Mon, 19 Sep 2022 17:45:12 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-base.min.ACSHASH50628e34bba9f2b65078edc419e409b3.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 311 KB
24 KB 303ms
127ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-base.min.ACSHASH50628e34bba9f2b65078edc419e409b3.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fe0db16494f87dc9d27022905b95d08bdeac77645807a40a843783ff4d1f15bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher3eastus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 2878823
TLS_version: tls1.2
Connection: keep-alive
ms-cv: lt83xcU7SnyKSWcS.0
Content-Length: 23983
Last-Modified: Tue, 09 Nov 2021 19:03:02 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-uhf.min.ACSHASHf9f2395c582fa601707b7a5dfae9f05f.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 406 B
926 B 320ms
144ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-uhf.min.ACSHASHf9f2395c582fa601707b7a5dfae9f05f.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d7d6d06624d4bdf6935b848df342ce322d02b58d12bf12149df92d557e5e9bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1westus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_s
ms-commit-id: d9ec375
TLS_version: tls1.2
Connection: keep-alive
ms-cv: QTtl3GtwSa+Y2DwL.0
Content-Length: 183
Last-Modified: Tue, 01 Sep 2020 18:18:04 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-polyfills.min.ACSHASH87340f968f85ec162e195e5217994ae7.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 59 KB
20 KB 286ms
107ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-polyfills.min.ACSHASH87340f968f85ec162e195e5217994ae7.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

21d44fa63ad828d6b46608dc300e7955a09cbff9084510fa622887d0b9cb6892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 10fc269
TLS_version: tls1.2
Connection: keep-alive
ms-cv: VUYAT4rCSMG0fMRM.0
Content-Length: 20097
Last-Modified: Wed, 12 Jan 2022 18:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-jquery.min.ACSHASHb1168f0ce867875996c28ca9e8b4949b.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 90 KB
33 KB 284ms
106ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-jquery.min.ACSHASHb1168f0ce867875996c28ca9e8b4949b.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d2f4b85b7f0f668a5127c43b8dd3e08b8959c4436def2f00a62619fb0f887679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher3westus2
X-EdgeConnect-Origin-MEX-Latency: 53
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 1
X-Vhost: publish_microsoft_s
ms-commit-id: f37f6fe
TLS_version: tls1.2
Connection: keep-alive
ms-cv: J1DXTVCtTsCl2LNw.0
Content-Length: 32548
Last-Modified: Tue, 02 Jun 2020 00:52:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-jquery-cookie.min.ACSHASHa67d659f582bf93e1d8156fc182326f5.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 1 KB
2 KB 286ms
91ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-jquery-cookie.min.ACSHASHa67d659f582bf93e1d8156fc182326f5.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d76d1ac714b8979dc902ef8f6b3de25fc320b974816b7d592caa7496cc98e5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher3westus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: f37f6fe
TLS_version: tls1.2
Connection: keep-alive
ms-cv: v3zsgf4hRbujDqXF.0
Content-Length: 793
Last-Modified: Tue, 02 Jun 2020 00:52:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK v1.min.ACSHASHd825183b3614c7a5dca53474beaec39e.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-analytics/ 2 KB
1 KB 371ms
82ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-analytics/v1.min.ACSHASHd825183b3614c7a5dca53474beaec39e.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

080ea6ddcf2661a39bd01791928461ba12ca1b0f7508791e4ef80a62405f4365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1westus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 745e634
TLS_version: tls1.2
Connection: keep-alive
ms-cv: EMxpdVBUQ4SdnGt6.0
Content-Length: 699
Last-Modified: Wed, 27 Jul 2022 17:43:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK v1.min.ACSHASH3007ee72081412fbd8b665a01afb7cad.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/ 3 KB
2 KB 96ms
96ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASH3007ee72081412fbd8b665a01afb7cad.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

83af1e385fb14102655f33cc258ac7ef1e939a537d22d25dc0ad802f8b5d83b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: aad9f57
TLS_version: tls1.2
Connection: keep-alive
ms-cv: HIZ0WpCVQmChFFbu.0
Content-Length: 1304
Last-Modified: Wed, 07 Sep 2022 17:51:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASHca07771c800c8dbc085e2a351d219e77.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/holiday-themer/v1/holiday-themer/clientlibs/ 870 B
2 KB 369ms
80ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/holiday-themer/v1/holiday-themer/clientlibs/site.min.ACSHASHca07771c800c8dbc085e2a351d219e77.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

753789b72c5d2e49135f24c09140643d2cabbaf1add9c4a2a1f47337b4d28de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 25, 25, 32, 26, 25
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 0, 19, 14, 19, 98
X-Vhost: publish_microsoft_s
ms-commit-id: fa7d7cb
TLS_version: tls1.2
Connection: keep-alive
ms-cv: cVylELT8T/OdUXYj.0
Content-Length: 489
Last-Modified: Thu, 04 Nov 2021 17:47:56 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK 74-888e54
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1... 167 KB
23 KB 282ms
107ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6b55626cad4ee8862ad2573221bb994343dc79c3b7472ec4d33fc1f82b3330e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ms-operation-id: 08d6219492a1e145a0dac9fa58f5ae19
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: RT
X-S2: 2022-12-13T20:46:07
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: c0fb40dc-b1f2-48fc-ae9a-55ac839c2c37
TLS_version: tls1.2
Connection: keep-alive
MS-CV: TQiD6N7KTEm8+lT4.0
Content-Length: 22759
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 13 Dec 2022 20:46:07 GMT
Server: nginx
X-Az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29939001
X-S1: 2022-12-13T20:46:07
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Timing-Allow-Origin: *
X-Robots-Tag: none
X-AppVersion: 1.0.8349.33967
Expires: Wed, 13 Dec 2023 20:46:18 GMT

GET
H/1.1 200
OK override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ 1 KB
926 B 216ms
65ms Stylesheet
text/css 23.200.3.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.200.3.25 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-3-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Unused62: 8096267
Content-Encoding: gzip
Date: Sun, 01 Jan 2023 08:22:57 GMT
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6EEC3A2D67C35
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 2235af75-301e-0065-5ed9-51bb57000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 473

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 238ms
72ms Image
image/png 2600:1400:d::17db:5d11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::17db:5d11 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
last-modified: Fri, 02 Dec 2022 20:12:54 GMT
x-resizerversion: 1.0
x-datacenter: eastus
x-source-length: 4054
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216821
x-activityid: dc527dad-0eaf-4584-b4f7-98bda01a4db8
timing-allow-origin: *
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length: 4054
expires: Tue, 03 Jan 2023 20:36:39 GMT

GET
H/1.1 200
OK site.min.ACSHASH0df7fef27e9de44acae5b384a20f2542.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/universalheader/v1/universalheader/clientlibs/ 2 KB
1 KB 88ms
82ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/universalheader/v1/universalheader/clientlibs/site.min.ACSHASH0df7fef27e9de44acae5b384a20f2542.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd34a6261aa2ba4b1b371bd2cd91146e77bdbadf10f3950f53f79fe22b28eea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: aedd210
TLS_version: tls1.2
Connection: keep-alive
ms-cv: ethwJyI6SwS5Q8Zn.0
Content-Length: 750
Last-Modified: Mon, 18 Jul 2022 17:49:08 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASH7c34475ccd4fb5689f833f1255874583.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/alert/v1/alert/clientlibs/ 194 B
755 B 87ms
80ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/alert/v1/alert/clientlibs/site.min.ACSHASH7c34475ccd4fb5689f833f1255874583.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

10bca8c892dc4dabeb614788a7e14e43d1eeb9914633469da43b759efc71a703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher2southeastasia
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_s
ms-commit-id: f37f6fe
TLS_version: tls1.2
Connection: keep-alive
ms-cv: 5EROuZMORqKjeP+D.0
Content-Length: 141
Last-Modified: Wed, 16 Dec 2020 19:07:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site-countdown.min.ACSHASH94aa1eb906a7edbbac5f31e5866db0fd.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/alert/v1/alert/clientlibs/ 6 KB
2 KB 157ms
157ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/alert/v1/alert/clientlibs/site-countdown.min.ACSHASH94aa1eb906a7edbbac5f31e5866db0fd.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7b0bb971c5e8e4cd2aa3d77cc5f9b24e6b74d6e4837dfdc5ee8658ce7a47b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 28d4a99
TLS_version: tls1.2
Connection: keep-alive
ms-cv: RZ7j0HqrSACXjmKX.0
Content-Length: 1693
Last-Modified: Mon, 24 Oct 2022 20:14:08 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASH58ded7ec79d32269013420240bdd4f9f.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/highlightcarousel/v1/highlightcarousel/clientlibs/ 37 B
668 B 82ms
75ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/highlightcarousel/v1/highlightcarousel/clientlibs/site.min.ACSHASH58ded7ec79d32269013420240bdd4f9f.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9d497882d9669c6a952c31eec8ee2d173814492563a9f91d8bfe80ebbfd828a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: f37f6fe
TLS_version: tls1.2
Connection: keep-alive
ms-cv: 9t3RS/4bSpGtht1B.0
Content-Length: 51
Last-Modified: Wed, 14 Apr 2021 18:19:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASHaae55fd1705718f75074813dfcc832ec.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/highlight/v1/highlight/clientlibs/ 2 KB
1 KB 74ms
73ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/highlight/v1/highlight/clientlibs/site.min.ACSHASHaae55fd1705718f75074813dfcc832ec.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c4abe7d416d41c766d9f68fba4b7d71fadc34da5429a9cbb5fb8e37699e4f043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 2d48175
TLS_version: tls1.2
Connection: keep-alive
ms-cv: OuCDrIpfRa+O5Dxr.0
Content-Length: 828
Last-Modified: Wed, 19 May 2021 20:06:40 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASH6ed56cb8f73d7269f8148a22dae6f004.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/highlightcarousel/v1/highlightcarousel/clientlibs/ 1 KB
1 KB 83ms
76ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6e196bcf2063fd5e67784100cc78932054b99c2ad6a829fa1cdd8beb2d8133f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher3eastus2
X-EdgeConnect-Origin-MEX-Latency: 28
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 16
X-Vhost: publish_microsoft_s
ms-commit-id: e973494
TLS_version: tls1.2
Connection: keep-alive
ms-cv: xM84/vfZSBev1I0g.0
Content-Length: 454
Last-Modified: Thu, 17 Jun 2021 17:25:24 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-base.min.ACSHASH4a1a159dbf6ecd5b5d3a44e3bd0a50a8.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 26 KB
10 KB 85ms
78ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-base.min.ACSHASH4a1a159dbf6ecd5b5d3a44e3bd0a50a8.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2fdca28abc02613c6fb27cdd4b6781f2ba5301cec06524d76ab9ee5ee9083c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 26, 26
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 15, 30
X-Vhost: publish_microsoft_s
ms-commit-id: 7b5c624
TLS_version: tls1.2
Connection: keep-alive
ms-cv: g5mWRW1LT96ySEFf.0
Content-Length: 9266
Last-Modified: Mon, 12 Dec 2022 19:16:29 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK site.min.ACSHASH48501a4d0f4564d484ac84ade1bb653d.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/content-card/v1/content-card/clientlibs/ 1 KB
1 KB 84ms
83ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/content-card/v1/content-card/clientlibs/site.min.ACSHASH48501a4d0f4564d484ac84ade1bb653d.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

09013e113c9b9329fb10385dc2bad7cbf8d3d0ba288d322fb56da3bb43ec4184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: f37f6fe
TLS_version: tls1.2
Connection: keep-alive
ms-cv: PER0chVVS6iSO/RX.0
Content-Length: 708
Last-Modified: Fri, 07 May 2021 21:44:27 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H2 200 1.gif
via.placeholder.com/ 106 B
664 B 132ms
45ms Image
image/png 2606:4700:3035::6815:2127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/1.gif
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ca1fdd7823716444e36b7f1a43eb32aa76179ec0592542eab5bc9ad1ae11ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55293
x-cache: L2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106
last-modified: Fri, 30 Dec 2022 19:47:40 GMT
server: cloudflare
etag: "63af405c-6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdT7sVNnMfvvgsZ7T901fMfC9VD9It95NWb9GX0Isv090gQHlkjgjJtp%2BYVg5ZcJLTOsMsGUDufZRhcd2PwGJHUFI3zTUdtjN973D%2BqyhQQ5ZyL%2BXsySEID608JLvLF%2BOZrLSDh5TY9L9Me1vPU0ODUl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7829d9a4aa0067e4-MIA
expires: Sat, 31 Dec 2022 19:47:24 GMT

GET
H/1.1 200
OK Facebook%202x
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 650 B
1 KB 376ms
64ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Facebook%202x?scl=1

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b51b9243527353696243a6ea257f09eb367bd9ae2e5f913adca8a7caf3a1668b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 175
Server: nginx
Last-Modified: Fri, 14 May 2021 23:46:27 GMT
ETag: "6b4216cbcd3aa02cd68fdc80979c792e"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 650
Expires: Sun, 01 Jan 2023 11:24:34 GMT

GET
H/1.1 200
OK Twitter%202x
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 542 B
1019 B 308ms
76ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Twitter%202x?scl=1

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

31964343541ff587ccc71f4f1747b2aaaa07941566961b0dfdfcc39aa708310f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 537
Server: nginx
Last-Modified: Fri, 14 May 2021 23:45:56 GMT
ETag: "81c3ecda88bc13dc2c7014cb53a19f7e"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 542
Expires: Sun, 01 Jan 2023 11:09:29 GMT

GET
H/1.1 200
OK Linkedin%202x
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 1 KB
2 KB 326ms
64ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Linkedin%202x?scl=1

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1b353005f5b7942f4d04892b17e9dbe7559d1b9897f4a29c9ce64619039b6f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 33
Server: nginx
Last-Modified: Fri, 14 May 2021 23:39:25 GMT
ETag: "dfd3322303eae1153b25b9a3f41e877b"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 1072
Expires: Sun, 01 Jan 2023 12:31:00 GMT

GET
H/1.1 200
OK sites.min.ACSHASHf6ffff8a8fec7f49605eedfe67c90d10.css
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/back-to-top-button/v1/back-to-top-button/clientlibs/ 263 B
809 B 98ms
91ms Stylesheet
text/css 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/back-to-top-button/v1/back-to-top-button/clientlibs/sites.min.ACSHASHf6ffff8a8fec7f49605eedfe67c90d10.css

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f8ff71be5a86f13df49880578eaf9cd200edb4cd259fc63bbc7094e6fbc8b7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1westus2
Date: Sun, 01 Jan 2023 08:22:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: bae01e6
TLS_version: tls1.2
Connection: keep-alive
ms-cv: mmcl7OGzQyO7Ivc5.0
Content-Length: 191
Last-Modified: Wed, 18 Aug 2021 20:44:58 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK sites.min.ACSHASH2b973beecf0db761f5e2d0453e76b82e.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/content/back-to-top-button/v1/back-to-top-button/clientlibs/ 156 B
766 B 80ms
75ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6d4e2a663cf792486908a639bb7d5af1a6c664289039d7040a5a8326c12e27a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1westus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: d9ec375
TLS_version: tls1.2
Connection: keep-alive
ms-cv: nRDT3PhyRV67JHAO.0
Content-Length: 134
Last-Modified: Thu, 11 Feb 2021 23:49:34 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK wcp-consent.js Show response
wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net/mscc/lib/v2/ 51 KB
14 KB 314ms
119ms Script
application/javascript 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net/mscc/lib/v2/wcp-consent.js
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: daf7759fedd9af6c4d7e374b0d056547ae7cb245ec24a1c4acf02932f30dc536

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
Content-MD5: QT/MdZzBmCG2G2lBgIsptQ==
Age: 8885
X-Cache: CONFIG_NOCACHE
Connection: keep-alive
Content-Length: 13055
x-ms-lease-status: unlocked
Last-Modified: Wed, 24 Aug 2022 17:34:58 GMT
Server: nginx
ETag: 0x8DA85F6F74C6D08
Vary: Accept-Encoding
X-Azure-Ref: 04kKxYwAAAACplitJAhh+T4G5TnjKXWiDUEhMMzBFREdFMDMxMgAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: fed80a42-a01e-0025-1ea5-1d214a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=43200
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none

GET
H/1.1 200
OK 37-8473b9 Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-... 133 KB
36 KB 91ms
91ms Script
text/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8ac92f485bb461233eb5246121d586ec352b91f52773142647e26b29ff9ce953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ms-operation-id: d026c53e20f08c46a62533c20e2d35af
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: RT
X-S2: 2022-10-18T17:40:57
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: c2418cba-6aa1-4668-b18a-63157547cd9c
TLS_version: tls1.2
Connection: keep-alive
MS-CV: UxtmBYXWsEmjqPfw.0
Content-Length: 35639
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 18 Oct 2022 17:40:57 GMT
Server: nginx
X-Az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-09-24T05:27:58.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=25089481
X-S1: 2022-10-18T17:40:57
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Timing-Allow-Origin: *
X-Robots-Tag: none
X-AppVersion: 1.0.8301.38639
Expires: Wed, 18 Oct 2023 17:40:59 GMT

GET
H2 200 meversion Show response
mem.gfx.ms/ 29 KB
12 KB 262ms
106ms Script
application/javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

63a8fe97d81d026fc046c5d3fddd8dab1d85cfd7e524c9f0173cf91327d96234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sun, 01 Jan 2023 10:22:58 GMT
date: Sun, 01 Jan 2023 08:22:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
vary: Accept-Encoding
x-azure-ref: 20230101T082258Z-htqpgf7ut95k93yy20bz0c7wyg0000000920000000009twb
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_MISS
cache-control: public, no-transform, max-age=7200
x-ua-compatible: IE=edge

GET
H/1.1 200
OK main-light.min.ACSHASHf482e47f46fb33d80b20334060534d1c.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/ 186 KB
54 KB 106ms
105ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/main-light.min.ACSHASHf482e47f46fb33d80b20334060534d1c.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f1d53a884e2fd5e0730d082e026844a7ccdb5748f1aacede6424fd33206c1638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 60
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 0
X-Vhost: publish_microsoft_s
ms-commit-id: 2f885be
TLS_version: tls1.2
Connection: keep-alive
ms-cv: Oe7yHUhfT6WEp8LB.0
Content-Length: 55009
Last-Modified: Mon, 19 Sep 2022 17:45:12 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-httpclient.min.ACSHASHd7040c4f85fe2ba1582e6cad144877a6.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 39 KB
14 KB 88ms
88ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-httpclient.min.ACSHASHd7040c4f85fe2ba1582e6cad144877a6.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ca033a1ae17ddc8cf0ad0dde3aec8157fbfd4a3305d233bd9cb7d560524bc034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 24, 24
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 19, 31
X-Vhost: publish_microsoft_s
ms-commit-id: 7b5c624
TLS_version: tls1.2
Connection: keep-alive
ms-cv: QOv2JcjeQr61SmEv.0
Content-Length: 13398
Last-Modified: Mon, 12 Dec 2022 19:16:26 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-cookieconsent.min.ACSHASHc892f451b0c4db9c8ab2601a427c9b2c.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 162 B
797 B 78ms
78ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-cookieconsent.min.ACSHASHc892f451b0c4db9c8ab2601a427c9b2c.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

389377dda2f9b7a9ef203764c0e8d2a7b22f02158e98f90a74d4bae3c52cd9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1westus2
X-EdgeConnect-Origin-MEX-Latency: 31
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 65
X-Vhost: publish_microsoft_s
ms-commit-id: 5b40b34
TLS_version: tls1.2
Connection: keep-alive
ms-cv: 0jJXWy/4SCWugPYx.0
Content-Length: 118
Last-Modified: Wed, 21 Jul 2021 20:56:24 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none

GET
H/1.1 200
OK embed-thirdparty.min.ACSHASHebf52f3d1547aaaa48ca65496e01fd9a.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 1 KB
1 KB 107ms
107ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/embed-thirdparty.min.ACSHASHebf52f3d1547aaaa48ca65496e01fd9a.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f96518df2d7e3a0df1a4e76d17b0005bf5f170073b432f271072e193acd7124d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: ce271df
TLS_version: tls1.2
Connection: keep-alive
ms-cv: 5y36pD+aR12ng8y0.0
Content-Length: 572
Last-Modified: Wed, 25 Aug 2021 22:05:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK featurecontrol.min.ACSHASHf120033122e43a4cb0b53bb306afc5dc.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 146 B
769 B 78ms
78ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/featurecontrol.min.ACSHASHf120033122e43a4cb0b53bb306afc5dc.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0776a8d556c597b202331e992bdabe65be587f468595214c7eaac639736687f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 0bf130d
TLS_version: tls1.2
Connection: keep-alive
ms-cv: kE0xpIHWScGBMprn.0
Content-Length: 137
Last-Modified: Thu, 10 Jun 2021 16:53:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 172 KB
61 KB 118ms
118ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d6e8dec9c8136c314474c34a90fd2ac4f7bdeeedb67f0fc68bbc44df77ba9a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 2f6e57f
TLS_version: tls1.2
Connection: keep-alive
ms-cv: SmW9nAsOQQyq7IrD.0
Content-Length: 61828
Last-Modified: Wed, 30 Nov 2022 18:55:57 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK clientlib-greenid.min.ACSHASH44a811225ab0a12502f646d624dede72.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/ 952 B
1 KB 82ms
81ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-greenid.min.ACSHASH44a811225ab0a12502f646d624dede72.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c7ff31cad30713623fac4cba88bef7375246f8118b7a5fdd8e50ff3e611e9837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 116
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 19
X-Vhost: publish_microsoft_s
ms-commit-id: 0c15161
TLS_version: tls1.2
Connection: keep-alive
ms-cv: PLSdphELRi+/RCit.0
Content-Length: 544
Last-Modified: Mon, 27 Jun 2022 17:56:34 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK mwfmdl2-v3.54.woff
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/mwf/_h/v3.54/mwf.app/fonts/ 26 KB
27 KB 126ms
79ms Font
application/font-woff 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-base.min.ACSHASH50628e34bba9f2b65078edc419e409b3.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-base.min.ACSHASH50628e34bba9f2b65078edc419e409b3.css
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ms-operation-id: 2596a48ffad5b64bbc39fa8f351d7fe1
Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-RTag: RT
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: 3a376ac9-ae98-4e35-b75c-a8cfc594f68d
TLS_version: tls1.2
Connection: keep-alive
MS-CV: NfxgKG/UKUqzzEmW.0
Content-Length: 26288
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 10 Apr 2022 22:45:05 GMT
Server: nginx
X-Az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odeastus, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
Access-Control-Allow-Methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=24308354
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
X-AppVersion: 1.0.8125.42964
Expires: Mon, 09 Oct 2023 16:42:12 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 382ms
67ms Font
font/woff2 2600:1400:d:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/main-light.min.ACSHASH3e822d6827d4b41cd4b5e8a7d66a7e5f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:594::356e New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=159742
accept-ranges: bytes
content-length: 34052
expires: Tue, 03 Jan 2023 04:45:20 GMT

GET
H/1.1 200
OK MWFUISymbol.woff2
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/resources/fonts/ 21 KB
22 KB 111ms
111ms Font
application/octet-stream 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/resources/fonts/MWFUISymbol.woff2

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/main-light.min.ACSHASH3e822d6827d4b41cd4b5e8a7d66a7e5f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f343d652b1484f6d901474a52613dd7186ff89a513056a15de649f06bbd96124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-mwf-new/main-light.min.ACSHASH3e822d6827d4b41cd4b5e8a7d66a7e5f.css
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
Date: Sun, 01 Jan 2023 08:22:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: 7b5c624
TLS_version: tls1.2
Connection: keep-alive
ms-cv: ZXrnAUacRsW94RoU.0
Content-Length: 21372
Last-Modified: Wed, 14 Jul 2021 21:47:47 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Cache-Control: public, max-age=38026
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 320ms
66ms Font
font/woff2 2600:1400:d:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-base.min.ACSHASH50628e34bba9f2b65078edc419e409b3.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:594::356e New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=256201
accept-ranges: bytes
content-length: 29388
expires: Wed, 04 Jan 2023 07:32:59 GMT

GET
H/1.1 200
OK Highlight-Surface-Pro-9-All-Colors-FY23HOL:VP5-1920x600
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 77 KB
77 KB 289ms
67ms Image
image/jpeg 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-Surface-Pro-9-All-Colors-FY23HOL:VP5-1920x600

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a77f52bafc2e925e79f9fa182352484e573b4eb4656c9a46d7c071c400e2e7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: -20808
Server: nginx
Last-Modified: Sun, 01 Jan 2023 07:14:16 GMT
ETag: "edaca3ed923f94c30229ce69bd48e99f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 78338
Expires: Sun, 01 Jan 2023 17:14:31 GMT

GET
H/1.1 200
OK surface-go2-link-list-120x120
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 362 B
839 B 256ms
76ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/surface-go2-link-list-120x120?wid=40&hei=40

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dff412eec93dee7bdc7863c6d08cdadf8b7acd8ff06c587e619b3380292999b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 240
Server: nginx
Last-Modified: Mon, 10 Oct 2022 22:46:41 GMT
ETag: "c7e1bfdda77804987ec6085d1e654113"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 362
Expires: Sun, 01 Jan 2023 14:11:04 GMT

GET
H/1.1 200
OK xbox-blk-logo-link-list-120x120
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 410 B
887 B 212ms
81ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/xbox-blk-logo-link-list-120x120?wid=40&hei=40

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fa3fa94c28f7a07e20c72a3b180abb2acecf50053271d57647dfc17906d2f838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 377
Server: nginx
Last-Modified: Fri, 07 Oct 2022 23:43:13 GMT
ETag: "1e30557f39d8ceb40a4e0d540cefbb82"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 410
Expires: Sun, 01 Jan 2023 13:29:42 GMT

GET
H/1.1 200
OK gldn-Quick-Link-Icon-80x80-Microsoft-365
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 344 B
821 B 209ms
63ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/gldn-Quick-Link-Icon-80x80-Microsoft-365?wid=40&hei=40

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

624ec25c76efe3f19162a9696c9cbeb1d66417a76bcedb9f621948a9409c63d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 220
Server: nginx
Last-Modified: Fri, 14 May 2021 23:57:14 GMT
ETag: "31ff26497921caa2e5f3d5d3f12ea5ec"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 344
Expires: Sun, 01 Jan 2023 11:22:17 GMT

GET
H/1.1 200
OK keyboard-mouse-link-list-120x120
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 396 B
873 B 146ms
81ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/keyboard-mouse-link-list-120x120?wid=40&hei=40

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0a3cd31a85d5a252d532bba8d547aaf6187ccb465b7357b3b1f6e00ac62ad847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 347
Server: nginx
Last-Modified: Tue, 13 Dec 2022 14:08:01 GMT
ETag: "1db101aa343255a3453bf970e9199960"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 396
Expires: Sun, 01 Jan 2023 09:47:19 GMT

GET
H/1.1 200
OK gldn-ICON-LL-briefcase-120x120
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 318 B
795 B 214ms
82ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/gldn-ICON-LL-briefcase-120x120?wid=40&hei=40

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

582f97b3f8df55d6de0ed904b36299684c92e613512b72060cf67fc0273ebbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 387
Server: nginx
Last-Modified: Fri, 19 Aug 2022 23:21:39 GMT
ETag: "7522740dd774685b013d8f777bf092ef"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 318
Expires: Sun, 01 Jan 2023 11:22:29 GMT

GET
H/1.1 200
OK Content-Card-Surface-Laptop-5-Platinum-Alcantara-FY23HOL
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 6 KB
6 KB 74ms
74ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Surface-Laptop-5-Platinum-Alcantara-FY23HOL?wid=380&hei=213&fit=crop

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a35c07af4cf51ab56eb3c3dfa7f1377be8172360dcd6a616f90db41071c86624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 2808
Server: nginx
Last-Modified: Mon, 17 Oct 2022 16:21:26 GMT
ETag: "07d0c3f2a219a2c2922d1d5bdb99c64a"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 5862
Expires: Sun, 01 Jan 2023 13:25:30 GMT

GET
H/1.1 200
OK Content-Card-Surface-Go-3-FY23HOL
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 2 KB
3 KB 67ms
67ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Surface-Go-3-FY23HOL?wid=380&hei=213&fit=crop

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1d88db365470e68343381017a1d4174070e7c87871e222d636c28c5bc34fa8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 5542
Server: nginx
Last-Modified: Thu, 06 Oct 2022 22:02:56 GMT
ETag: "593fa00040663425de12e93310136cb4"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 2397
Expires: Sun, 01 Jan 2023 11:36:47 GMT

GET
H/1.1 200
OK Content-Card-Xbox-Series-X-S-FY23HOL
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 3 KB
4 KB 74ms
74ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Xbox-Series-X-S-FY23HOL?wid=380&hei=213&fit=crop

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

749eb6c06fd1b0a377f718800f79a49a04b7ad6a2d39943bc1702759bc634ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 3328
Server: nginx
Last-Modified: Mon, 17 Oct 2022 16:21:26 GMT
ETag: "95d2ff765383e6fddf7f0c063185487c"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 3564
Expires: Sun, 01 Jan 2023 10:46:35 GMT

GET
H/1.1 200
OK tags Show response
fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/ Frame BEF0 22 KB
10 KB 509ms
307ms Document
text/html 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/tags?session_id=2a194572-082e-43d4-b52a-b0df342069c6
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-greenid.min.ACSHASH44a811225ab0a12502f646d624dede72.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e125b50fd47e81bef7de6b75fa53321ab7744254e7bc90f7b0cf220c4401748

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9634
Content-Type: text/html
Date: Sun, 01 Jan 2023 08:22:58 GMT
Server: nginx
Vary: Accept-Encoding
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30

GET
H2 200 ms.shared.analytics.mectrl-3.2.6.gbl.min.js Show response
js.monitor.azure.com/scripts/c/ 88 KB
41 KB 529ms
75ms Script
text/javascript 13.107.237.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.237.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.2.6
last-modified: Thu, 18 Aug 2022 21:40:45 GMT
vary: Accept-Encoding
x-azure-ref: 20230101T082258Z-av43xb2r111ubctr5uzc4zk358000000090000000000w9mt
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 53aa39ae-b01e-0065-1f46-135da3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK Highlight-Surface-Pro-9-All-Colors-FY23HOL:VP1-539x440
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 26 KB
27 KB 66ms
65ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-Surface-Pro-9-All-Colors-FY23HOL:VP1-539x440

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1ec8d6f3feba3f0c273f67ef954a3bdad2e5919994d56ad8bccf7ad5e15307a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 4613
Server: nginx
Last-Modified: Sun, 01 Jan 2023 05:19:52 GMT
ETag: "d1c6f4f150754ab1ebb926de3e43d5cd"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 26763
Expires: Sun, 01 Jan 2023 15:20:09 GMT

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/ 177 KB
48 KB 423ms
68ms Script
application/javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf469f5d35c6b4fc5e7401cfdb21c25f22a6a6345abff761a53b290e3c017fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 15 Dec 2022 20:37:22 GMT
content-encoding: br
etag: W/"1d91108168c6fa1"
vary: Accept-Encoding
x-azure-ref: 20230101T082258Z-dec61gd3qp72fb638x3q4fb95w000000012g000000010cbd
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
x-ua-compatible: IE=edge

GET
H/1.1 200
OK Content-Card-Surface-Headphones-Black-Earbuds-Glacier-FY23HOL
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 4 KB
4 KB 65ms
64ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Surface-Headphones-Black-Earbuds-Glacier-FY23HOL?wid=380&hei=213&fit=crop

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2770b88156f09f73d0db0433b58e07b218a3904a195923492c77d265372edc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 3401
Server: nginx
Last-Modified: Sat, 22 Oct 2022 07:08:27 GMT
ETag: "67895a09942a0259bb8b7e7bfff89948"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 3658
Expires: Sun, 01 Jan 2023 10:46:35 GMT

GET
H/1.1 200
OK Highlight-Xbox-Elite-Controller-Black-FY23HOL.png:VP5-1596x600
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 23 KB
24 KB 66ms
65ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-Xbox-Elite-Controller-Black-FY23HOL.png:VP5-1596x600

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4057cd9eeec4d4c2ea93581d87c6919ed498f8e26a4e8a0f6fba99e8b46aea01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 30920
Server: nginx
Last-Modified: Sun, 01 Jan 2023 08:00:17 GMT
ETag: "91fa48811f0ae1fdbe778235461f801a"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 23958
Expires: Sun, 01 Jan 2023 18:01:09 GMT

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK Clear.PNG Show response
fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/Images/ Frame BEF0 0
837 B 85ms
85ms XHR
text/html 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/Images/Clear.PNG?ctx=jscb1.0&session_id=2a194572-082e-43d4-b52a-b0df342069c6&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC&esi=YnVhPU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2Jm9zPVdpbjMyJmxwcm9jPTQmb2w9dHJ1ZSZydHQ9MCZjaHJtPXRydWUmcHJvc3ViPTIwMDMwMTA3JmV2YWw9MzMmYXBwdj01LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYmcHI9MSZzcj0xNjAweDEyMDAmc2NkPTI0JmFzcj0xNjAweDEyMDAmdHo9MCZkc3Q9MCZ0em89MCZibD1lbi1VUyZtdGg9YTg4MmFiY2RjNzdkZGZkZjllYTg0MTE0NzA2YjlhN2EmbXRuPTQmcG49MyZwaD0zNzE0ZTA2MWY5M2Y5MjkxMzg4ZGI4ZmQ0N2M3NmM3YSZwPXBsdWdpbl9mbGFzaCUzRGZhbHNlJTI2cGx1Z2luX3dpbmRvd3NfbWVkaWFfcGxheWVyJTNEZmFsc2UlMjZwbHVnaW5fYWRvYmVfYWNyb2JhdCUzRGZhbHNlJTI2cGx1Z2luX3NpbHZlcmxpZ2h0JTNEZmFsc2UlMjZwbHVnaW5fcXVpY2t0aW1lJTNEZmFsc2UlMjZwbHVnaW5fc2hvY2t3YXZlJTNEZmFsc2UlMjZwbHVnaW5fcmVhbHBsYXllciUzRGZhbHNlJTI2cGx1Z2luX3ZsY19wbGF5ZXIlM0RmYWxzZSUyNnBsdWdpbl9kZXZhbHZyJTNEZmFsc2UlMjZwbHVnaW5fc3ZnX3ZpZXdlciUzRGZhbHNlJTI2cGx1Z2luX2phdmElM0RmYWxzZSZsaD1odHRwcyUzQSUyRiUyRmZwdC5taWNyb3NvZnQuY29tLm9mZmljZS5wb2N0ZXN0LmJsdWVvcmlnaW5wb2MubXlzaG4ubmV0JTJGdGFncyUzRnNlc3Npb25faWQlM0QyYTE5NDU3Mi0wODJlLTQzZDQtYjUyYS1iMGRmMzQyMDY5YzYmZHI9aHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbS5vZmZpY2UucG9jdGVzdC5ibHVlb3JpZ2lucG9jLm15c2huLm5ldCUyRiZ3PThEQUVCRDE2NDE2NDAxMiZpZD05N2JlMDVkZC0zNjA4LTQ5Y2YtOTliNS03ZDcxYzUzMTJiNjcmYT0mYz02YjE1NzNkYTBiNDA2ZjA3MDY5ZWVlNDc1ZTUwYjU4NA==&eci=eyJ1dmRyIjoiSW50ZWwgSW5jLiIsInVyZHIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ2ZHIiOiJXZWJLaXQiLCJyZHIiOiJXZWJLaXQgV2ViR0wiLCJpZHVoIjoiOTY2ZmYwZjBhMDQ1NjE4ZDE5NGFmZTgyN2ViNjFkNWUifQ==
Requested by: Host: fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/tags?session_id=2a194572-082e-43d4-b52a-b0df342069c6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/tags?session_id=2a194572-082e-43d4-b52a-b0df342069c6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 20

GET
H/1.1 200
OK Clear.HTML Show response
fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net/ Frame 4D24 3 KB
2 KB 314ms
85ms Document
text/html 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net/Clear.HTML?ctx=Ls1.0&session_id=2a194572-082e-43d4-b52a-b0df342069c6&id=97be05dd-3608-49cf-99b5-7d71c5312b67&w=8DAEBD164164012&tkt=H3ihr9e92IdW6yd1ZgQ9S0kvtvZRuOxcpRCTIW%252fmvgxWa6Xkol8FwucPzYl8al50J0qSf57jqUTVcSeQxDLY%252buo7StZWQ%252bnjvafLuvhr3qeWhI%252f2FuFynaUuWv7kP%252fBE86U%252fFnoFf1%252bA%252f%252fdOQnmogAejA57r54UNPrxtMJRoMM6L53v8MmKwDo%252bZWJx7zdO5x8s7eAU0zuwmm6%252bLE2YZdurf%252bX3SYU2%252f84gPBCJxhJsNzyuhbqP0hHf9CpXycwrN7jTVh3duFydMCt6cwqVokMzDxuikSZu2OJm5%252bgk8kTVKpxKG9dn13KUY3tMUcQz0&CustomerId=02C58649-E822-405B-B6C3-17A7509D2FCC
Requested by: Host: fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/tags?session_id=2a194572-082e-43d4-b52a-b0df342069c6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 26537fa05c06cfa66db7b266041e87fc0d71180492da577fcc84193fe988d318

Request headers

Referer: https://fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1436
Content-Type: text/html
Date: Sun, 01 Jan 2023 08:22:59 GMT
Server: nginx
Vary: Accept-Encoding
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30

GET
H/1.1 200
OK me.srf Show response
login.live.com.office.poctest.blueoriginpoc.myshn.net/ Frame 68BD 12 KB
6 KB 577ms
388ms Document
text/html 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com.office.poctest.blueoriginpoc.myshn.net/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net&uaid=d04e6945-6131-4e29-21e1-af9d865b5132&partnerId=mshomepage

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/meBoot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

42653ece52356e7a2e9c90f1febc81671d0ffdbc9e4e848ed770cdccd104c770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4846
Content-Type: text/html; charset=utf-8
Date: Sun, 01 Jan 2023 08:22:59 GMT
Expires: Sun, 01 Jan 2023 08:21:59 GMT
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BY1PEPF00004199 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-XSS-Protection: 1; mode=block
x-ms-request-id: c69d8548-fd14-42b5-9f9a-88dba39c93a8
x-ms-route-info: R3_BAY

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/ 98 KB
22 KB 42ms
40ms Script
application/javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSHomePage&market=en-us&uhf=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4138cee0dc9879fa5cf0e2bae14be75ec3affbbcf11c95735e870ffd0642d145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 15 Dec 2022 20:37:30 GMT
content-encoding: br
etag: W/"1d911081b52e8ad"
vary: Accept-Encoding
x-azure-ref: 20230101T082259Z-dec61gd3qp72fb638x3q4fb95w000000012g000000010cd3
content-type: application/javascript
access-control-allow-origin: *
x-cache: TCP_HIT
x-ua-compatible: IE=edge

POST
H/1.1 403
No events are from an allowed domain. / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 57 B
598 B 320ms
80ms XHR
application/json 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1672561379339
accept-language: en-US,en;q=0.9
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
apikey: aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 01 Jan 2023 08:22:59 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Expose-Headers: Collector-Error
Access-Control-Allow-Credentials: true
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Content-Length: 57

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 344ms
74ms Preflight 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 01 Jan 2023 08:22:58 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK embed-partnerscripts.ACSHASHd42874795074a1d69edaa5a5b6bbf84c.min.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 1 KB
1 KB 78ms
76ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/embed-partnerscripts.ACSHASHd42874795074a1d69edaa5a5b6bbf84c.min.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/embed-thirdparty.min.ACSHASHebf52f3d1547aaaa48ca65496e01fd9a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

798b370bfb4caf2fab6e01414cbd518a84102101ec8b5f42bebb62a03d2c02c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 22
Date: Sun, 01 Jan 2023 08:22:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 2
X-Vhost: publish_microsoft_s
ms-commit-id: aad9f57
TLS_version: tls1.2
Connection: keep-alive
ms-cv: jfJBfVRpSaC65SnP.0
Content-Length: 623
Last-Modified: Wed, 29 Sep 2021 17:44:37 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H2 200 05d32363-d534-4d93-9b65-cde674775e71.js Show response
cdnssl.clicktale.net/www32/ptc/ 395 KB
74 KB 297ms
84ms Script
application/javascript 2600:9000:23ca:6200:c:7c62:1240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnssl.clicktale.net/www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/embed-thirdparty.min.ACSHASHebf52f3d1547aaaa48ca65496e01fd9a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6200:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69af3327a413449ec6b32c4c7dc3ed8dfd2d4118c9c5f209fd380af9d0a0c77a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 14:37:07 GMT
content-encoding: br
via: 1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-version-id: G_FjBNvlnFVNhOw.rFwxmhexY.EvdYFB
x-amz-cf-pop: JFK50-P2
age: 0
x-cache: Hit from cloudfront
content-length: 75217
last-modified: Mon, 26 Dec 2022 14:34:33 GMT
server: AmazonS3
etag: "c6e5ea1939723248ca1f956a886ec88d"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: IBFfawichOl8yUL1k3jHDEEITBwT2qOtKdf9GaUJUM-ogvQ18BoyCg==

GET
H/1.1 200
OK v24.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-thirdparty/ 359 KB
83 KB 176ms
175ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/clientlib-thirdparty/v24.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/embed-thirdparty.min.ACSHASHebf52f3d1547aaaa48ca65496e01fd9a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9f5bc4dee21e7edf0f634b2fc53eb7853b9b8443506d1fa007d3b72ddf3c63b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 74
Date: Sun, 01 Jan 2023 08:22:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 0
X-Vhost: publish_microsoft_s
ms-commit-id: 771f270
TLS_version: tls1.2
Connection: keep-alive
ms-cv: ybeZr2RoSweRvext.0
Content-Length: 84178
Last-Modified: Mon, 14 Nov 2022 18:55:04 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK cartcount Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/store/buy/ Frame 6BE6 2 B
977 B 79ms
78ms Document
text/html 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/store/buy/cartcount

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=51006
Connection: keep-alive
Content-Length: 2
Content-Type: text/html
Date: Sun, 01 Jan 2023 08:22:59 GMT
Expires: Sun, 01 Jan 2023 22:33:05 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
TLS_version: tls1.2
X-RTag: Str
X-Region: Exp3
X-Robots-Tag: none
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30

GET
H2 200 RE4xdax
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 3 KB
3 KB 77ms
77ms Image
image/png 2600:1400:d::17db:5d11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2600:1400:d::17db:5d11 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:59 GMT
last-modified: Fri, 02 Dec 2022 21:00:28 GMT
x-resizerversion: 1.0
x-source-length: 3094
x-datacenter: eastus
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=218448
x-activityid: 479a68c6-c6d2-405e-a43d-6859b9e02398
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE4xdax
timing-allow-origin: *
content-length: 3094
expires: Tue, 03 Jan 2023 21:03:47 GMT

GET
H/1.1 200
OK Highlight-PC-GamePass-Light-FY23HOL:VP5-1920x600
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 39 KB
40 KB 123ms
123ms Image
image/jpeg 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-PC-GamePass-Light-FY23HOL:VP5-1920x600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0dd3b4adb91490146dba6d38710e3ef2ffcffc9049bd992409644334db385c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: -2403
Server: nginx
Last-Modified: Sun, 01 Jan 2023 08:02:58 GMT
ETag: "d139a6b78ab273436bf2d14da038fd02"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 40199
Expires: Sun, 01 Jan 2023 18:03:17 GMT

GET
H/1.1 200
OK visitor.ACSHASHa8d964dfb2a9c82f0b538a7b74dbd6be.min.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 58 KB
20 KB 145ms
145ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/visitor.ACSHASHa8d964dfb2a9c82f0b538a7b74dbd6be.min.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASH3007ee72081412fbd8b665a01afb7cad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d6fc58ed12db572e8abf53dbe893f255cc0cdaed200f4ffca52a5c2938edd7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher1eastus2
X-EdgeConnect-Origin-MEX-Latency: 43
Date: Sun, 01 Jan 2023 08:22:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-EdgeConnect-MidMile-RTT: 0
X-Vhost: publish_microsoft_s
ms-commit-id: aad9f57
TLS_version: tls1.2
Connection: keep-alive
ms-cv: 5/siwAnFQNaTxm8y.0
Content-Length: 19802
Last-Modified: Thu, 10 Jun 2021 16:53:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK experimentation.ACSHASH895e2a12062f1ee44d7d72d266904bde.min.js Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/ 97 KB
33 KB 154ms
154ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/experimentation.ACSHASH895e2a12062f1ee44d7d72d266904bde.min.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/clientlibs/exp-cookiecomp/v1.min.ACSHASH3007ee72081412fbd8b665a01afb7cad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f0f1e5b8018fdc583b77fba8bd14a54b2885f1cfe12110ceaf4bad8b2bef5ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Dispatcher: dispatcher2eastus2
Date: Sun, 01 Jan 2023 08:22:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-RTag: AEM_PROD_Static
X-Vhost: publish_microsoft_s
ms-commit-id: b5af9a5
TLS_version: tls1.2
Connection: keep-alive
ms-cv: socUFZZtSZmyCqAL.0
Content-Length: 32794
Last-Modified: Wed, 13 Apr 2022 17:40:28 GMT
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H/1.1 200
OK Content-Card-Surface-Pro-9-LIfestyle-M2
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 14 KB
15 KB 124ms
124ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Surface-Pro-9-LIfestyle-M2?wid=380&hei=213&fit=crop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3418e8af69ef657855141e8618c27888a71fa0d623cfb5d847516a1cb91da1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 9865
Server: nginx
Last-Modified: Wed, 12 Oct 2022 17:38:51 GMT
ETag: "1fbf94c1f3c06be32a4d1a617efce85c"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 14468
Expires: Sun, 01 Jan 2023 12:58:22 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 7 KB
3 KB 249ms
62ms XHR
application/json 3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1672561379595

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

1cc1a53e8d33934dca7d5c5c7b8b86bf2f0a696270c8120bd03dda9b1db668a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v044-0a0317766.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: lXKJNOXNR5g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2037
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 A1133099-331c-4cdf-89b0-06dc20e168021.js Show response
d.impactradius-event.com/ 42 KB
14 KB 124ms
35ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1133099-331c-4cdf-89b0-06dc20e168021.js
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 740c4a4051ece66927a66587ea88f4bdba013758321fa6074e50189b10dc2dc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:12 GMT
content-encoding: gzip
age: 47
x-guploader-uploadid: ADPycdtRfHA30FirDq5xOFc154iF3KbzUQ2BJl2-QuaR9bfNaJI6_1KK5Z7idBc1_Egl2Xc30dHVH2U0xZS1Mu1-It9YbKH4nR7H
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13352
last-modified: Tue, 15 Nov 2022 19:11:09 GMT
server: UploadServer
etag: "f7d1ba466a9ff70c5d2970ee88d0f1a2"
vary: Accept-Encoding
x-goog-generation: 1668539469177243
x-goog-hash: crc32c=IpT4tA==, md5=99G6Rmqf9wxdKXDuiNDxog==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13352
accept-ranges: bytes
expires: Sun, 01 Jan 2023 08:27:12 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 260ms
82ms Script
application/javascript 23.36.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5S71GC247CAE4T3VM1G&lib=ttq
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6620f2de5b537e943731bc098d7db22d450c538c7d494bfc613c0b17c13848c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 3cc71db
date: Sun, 01 Jan 2023 08:22:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-1-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
content-length: 1150
pragma: no-cache
server: nginx
x-tt-logid: 20230101082259211CCB17B7B6F7EE1884
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.36.1.12
x-tt-trace-host: 016db96f4a9ed650deae557ce1d8f0e1e5df7cf321e1f933e008498507176e5421295602ef86f0aba352a07522d5a93bcdbc9f1a5f9577fbc55070d7dc058519e8cbdecabc9e59153bcb462ca20ed81b4811c69370cd8828c5ee7bfb70d82ab067
expires: Sun, 01 Jan 2023 08:22:59 GMT

GET
H/1.1 200
OK bat.js Show response
bat.bing.com.office.poctest.blueoriginpoc.myshn.net/ 38 KB
12 KB 296ms
100ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com.office.poctest.blueoriginpoc.myshn.net/bat.js

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6743d8c1034db24089b572e1af976462fce8ab6bcc29b655375a6a42ec4cad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: CONFIG_NOCACHE
Connection: keep-alive
Content-Length: 11492
Last-Modified: Mon, 05 Dec 2022 17:15:50 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 373B2AA5BCF648CF8643643DEB76529C Ref B: BLUEDGE1520 Ref C: 2023-01-01T08:22:59Z
ETag: "027e538cd8d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=1800
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Accept-Ranges: bytes
X-Robots-Tag: none

GET
H2 200 tr
www.facebook.com/ 0
185 B 221ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1770559986549030&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1672561379708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 01 Jan 2023 08:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
31 B 222ms
70ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=undefined&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1672561379708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 01 Jan 2023 08:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
31 B 221ms
69ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1770559986549030&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1672561379708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 01 Jan 2023 08:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
31 B 224ms
72ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=undefined&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1672561379708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 01 Jan 2023 08:22:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=7850&fmt=gif
https://dc.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D7850%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQKfOoFKD6sYxwAAAYVsbUwyODXNmzcsTzkfk4uqrzvMMHxo_4eB5zKrRqalpxP6FdvVtco

43 B
572 B

211ms
124ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQKfOoFKD6sYxwAAAYVsbUwyODXNmzcsTzkfk4uqrzvMMHxo_4eB5zKrRqalpxP6FdvVtco
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:23:00 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D6A0F08FD4524A509E8F276775A39D64 Ref B: MIA301000101021 Ref C: 2023-01-01T08:23:00Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAXxL4r1wH5DLWS9g5JmcQ==

Redirect headers

date: Sun, 01 Jan 2023 08:23:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8D31E89933BF440195EF49A6938058ED Ref B: MIAEDGE1618 Ref C: 2023-01-01T08:23:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=7850&fmt=gif&cookiesTest=true&liSync=true&e_ipv6=AQKfOoFKD6sYxwAAAYVsbUwyODXNmzcsTzkfk4uqrzvMMHxo_4eB5zKrRqalpxP6FdvVtco
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxL4rxhNLlkMQZaSEgiw==

GET
H2 200 ats
ats.everesttech.net/ats/ 807 B
1 KB 247ms
60ms Image
image/jpeg 54.235.82.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ats.everesttech.net/ats/ats?cmd=RT&AdvertiserID=4249&platform=TUMRI&ActionID=20114&ActionName=Microsoft_Store_RT_Pixel&ut1=&ut2=en&ut3=us&cachebuster=344449160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.82.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-82-200.compute-1.amazonaws.com
Software: /
Resource Hash: bcabe44a7797883fd909b8d723ae3c02dde4b22c9389ec56177d8654fab574ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Sun, 01 Jan 2023 08:22:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Sun Jan 01 08:22:59 UTC 2023

GET
H2

200

/
www.google.com/pagead/1p-user-list/923371515/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory
https://www.google.com/pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory&is_vtc=1&random=2415517078

42 B
548 B

232ms
83ms

Image
image/gif

2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory&is_vtc=1&random=2415517078

Protocol

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:22:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&data=ecomm_pagetype%3Dcategory&is_vtc=1&random=2415517078
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK gldn-CP-Microsoft-Teams-Commercial
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 6 KB
7 KB 69ms
68ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/gldn-CP-Microsoft-Teams-Commercial?wid=380&hei=213&fit=crop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3095cb457866110870497897636885da352d558c58525449a1216111a866bf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:22:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 6022
Server: nginx
Last-Modified: Tue, 12 Oct 2021 07:09:51 GMT
ETag: "f40e375d1af27a391f5f2013b27ba755"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 6496
Expires: Sun, 01 Jan 2023 12:54:08 GMT

GET
H/1.1 200
OK dest5.html Show response
mscom.demdex.net/ Frame 7158 7 KB
3 KB 255ms
59ms Document
text/html 23.23.215.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mscom.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/visitor.ACSHASHa8d964dfb2a9c82f0b538a7b74dbd6be.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.215.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-215-102.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v044-0e7fa9c0c.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: H2sSU7EHRFY=
content-encoding: gzip
date: Sun, 1 Jan 2023 08:23:00 GMT
last-modified: Fri, 28 Oct 2022 11:07:54 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
msftenterprise.sc.omtrdc.net/ 2 B
295 B 201ms
62ms XHR
application/x-javascript 63.140.38.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://msftenterprise.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=02300552371791243643225985990487544522&ts=1672561379903

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.104 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-104.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 01 Jan 2023 08:23:00 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y7FC5AAAALGzawN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02582319366975169313197907280371022789
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7FC5AAAALGzawN-

42 B
940 B

64ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7FC5AAAALGzawN-

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-092f3364d.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ybCmGs3hR38=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7FC5AAAALGzawN-
Date: Sun, 01 Jan 2023 08:23:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK JIC-DPS-CP01
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 9 KB
10 KB 68ms
68ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/JIC-DPS-CP01?wid=380&hei=213&fit=crop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dcd2828e7633dfd37bab156fd11ee51028301fdd595a816667fc10b7d8e751f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 6997
Server: nginx
Last-Modified: Fri, 16 Jul 2021 07:03:54 GMT
ETag: "583f9f84e1d996f1f0f98b089a5d3b0e"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 9266
Expires: Sun, 01 Jan 2023 17:13:53 GMT

GET
H/1.1 200
OK MeControl_eEFMK9J_NaBil4idk6lEtw2.js Show response
logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net/16.000/content/js/ Frame 68BD 17 KB
7 KB 307ms
108ms Script
application/x-javascript 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net/16.000/content/js/MeControl_eEFMK9J_NaBil4idk6lEtw2.js
Requested by: Host: login.live.com.office.poctest.blueoriginpoc.myshn.net
URL: https://login.live.com.office.poctest.blueoriginpoc.myshn.net/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net&uaid=d04e6945-6131-4e29-21e1-af9d865b5132&partnerId=mshomepage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 748e32c09b98cdc3030e8fce9ce803679b23c0d81546027bc82a1e9f3a9d5f4c

Request headers

Referer: https://login.live.com.office.poctest.blueoriginpoc.myshn.net/
Origin: https://login.live.com.office.poctest.blueoriginpoc.myshn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sun, 01 Jan 2023 08:23:00 GMT
Content-Encoding: gzip
X-Azure-Ref-OriginShield: 0eKmwYwAAAADWTCwjYE7TQoR5cwtL1yqPRVdSMzBFREdFMDYxOQBkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
Content-MD5: xeHNIuwtwtDb4YPuNBDlVw==
X-Cache: TCP_HIT
Connection: keep-alive
Content-Length: 6044
x-ms-lease-status: unlocked
Last-Modified: Thu, 01 Dec 2022 06:23:18 GMT
Server: nginx
ETag: 0x8DAD36489DF254D
X-Azure-Ref: 05EKxYwAAAAAbZx/FYu6mQomHDcqduTp8UEhMMzBFREdFMDMxMgBkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: e57e8f78-301e-0008-1a79-1b6f62000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none

GET
H2 200 main.MWI1MTgwZGZmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 234 KB
67 KB 69ms
68ms Script
application/javascript 23.36.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5S71GC247CAE4T3VM1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0fe31dc85bbc0cc8d5509e81691e22af1a6ff6d6297e2c66591caf31b37fb5ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 3cc71f4
date: Sun, 01 Jan 2023 08:23:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221220170125D0FD861C53320CC40D0A
vary: Accept-Encoding
x-cache: TCP_HIT from a23-36-1-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e998e622e3081e20d9c315dbe429d7fbad79a5626efc3c9706d616ec460c521c5f48d1b9295a8d00cdb6744cb29879bd298787ebfe78233ff2a820079a530b9b93bb6826ffb554c6605e1081729bfe5a53e2c7dccc1ae3c6580f8e1e9b6cab49
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=7
content-length: 68147

GET
H/1.1 200
OK 4000034.js Show response
bat.bing.com.office.poctest.blueoriginpoc.myshn.net/p/action/ 4 KB
2 KB 86ms
85ms Script
application/javascript 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com.office.poctest.blueoriginpoc.myshn.net/p/action/4000034.js

Requested by

Host: bat.bing.com.office.poctest.blueoriginpoc.myshn.net
URL: https://bat.bing.com.office.poctest.blueoriginpoc.myshn.net/bat.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3c908314988bfecb4c01fde8689a60969a9943dba02733b912962cc021e5b08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: 5F9F9AAE37EB4B038C28FD213E9D5883 Ref B: BLUEDGE0213 Ref C: 2023-01-01T08:23:00Z
Vary: Accept-Encoding
X-Cache: CONFIG_NOCACHE
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=60
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 1213

GET
H/1.1 204
No Content 0
bat.bing.com.office.poctest.blueoriginpoc.myshn.net/action/ 0
670 B 147ms
70ms Image
text/plain 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com.office.poctest.blueoriginpoc.myshn.net/action/0?ti=4000034&Ver=2&mid=7d5cf0b7-8f5c-4b70-92b4-a38805258233&sid=80ba742089ad11eda199d7dacc2360ce&vid=80baa59089ad11edbc6a87451fcefb40&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Microsoft%20%E2%80%93%20Cloud,%20Computers,%20Apps%20%26%20Gaming&p=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F&r=&lt=3224&pt=1672561376112,,,,,606,606,606,606,606,,607,1383,1385,1390,2247,2252,2267,3217,3217,3224&pn=0,0&evt=pageLoad&sv=1&rn=866544

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Server: nginx
X-MSEdge-Ref: Ref A: 5D8EE58360474039861171C61801AF7E Ref B: BLUEDGE0213 Ref C: 2023-01-01T08:23:00Z
X-Cache: CONFIG_NOCACHE
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content 0
bat.bing.com.office.poctest.blueoriginpoc.myshn.net/action/ 0
670 B 218ms
69ms Image
text/plain 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Server: nginx
X-MSEdge-Ref: Ref A: 30EBF4330F9A464EBB939EA096D6F900 Ref B: BLUEDGE0213 Ref C: 2023-01-01T08:23:00Z
X-Cache: CONFIG_NOCACHE
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Content-Card-Brand-Hybrid-Work
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 4 KB
4 KB 68ms
66ms Image
image/webp 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Content-Card-Brand-Hybrid-Work?wid=380&hei=213&fit=crop

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b61ce1c86cbbca4c05a1cd3d6768b540dd7296d9516dab691b3b6cc113080ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 6392
Server: nginx
Last-Modified: Thu, 17 Feb 2022 17:00:34 GMT
ETag: "75bcb7a94efbb0331a4b244d1bfb5cd7"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 3622
Expires: Sun, 01 Jan 2023 12:36:19 GMT

POST
H/1.1 200
OK delivery Show response
target.microsoft.com.office.poctest.blueoriginpoc.myshn.net/rest/v1/ 45 KB
12 KB 319ms
116ms XHR
application/json 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://target.microsoft.com.office.poctest.blueoriginpoc.myshn.net/rest/v1/delivery?client=microsoftmscompoc&sessionId=b0113ecac2104a0fb7a37d1016001378&version=2.4.0
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-139-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: abe2fc15c881faf11bf727beab4e3a788d288ed400da4f0e51c2362155207e02

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
Timing-Allow-Origin: *
X-Robots-Tag: none
Content-Length: 11549
X-Request-ID: 5201398639ba9594607f1081b695f00b

GET
H2 200 4000034 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 181ms
63ms Script
application/x-javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4000034
Requested by: Host: bat.bing.com.office.poctest.blueoriginpoc.myshn.net
URL: https://bat.bing.com.office.poctest.blueoriginpoc.myshn.net/p/action/4000034.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b5fc8192fc9b0a599a0648e3d67c7257a8975954279f79481d94fab78bddb6e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sun, 01 Jan 2023 08:22:59 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 05EKxYwAAAADoiSHpgg9DTqXJrTpzAubfTUlBRURHRTIyMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=d46863b1-42e4-4f00-baec-cc509e289364&ddsuuid=02582319366975169313197907280371022789
dpm.demdex.net/ Frame 7158
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=02582319366975169313197907280371022789&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d02582319366975...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=d46863b1-42e4-4f00-baec-cc509e289364&ddsuuid=02582319366975169313197907280371022789

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=d46863b1-42e4-4f00-baec-cc509e289364&ddsuuid=02582319366975169313197907280371022789

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-00a2e08e9.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: LqVxSwX0Q+A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Server: MT3 277 3f0ad7a master ord-pixel-x11 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=d46863b1-42e4-4f00-baec-cc509e289364&ddsuuid=02582319366975169313197907280371022789
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 01 Jan 2023 08:22:59 GMT

GET
H2 200 identify_13839.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 73ms
73ms Script
application/javascript 23.36.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_13839.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 3cc723d
date: Sun, 01 Jan 2023 08:23:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221220165952501B5BDD846E0FF27616
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-1-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01baea9890eecf9331abd53295dbb6ef13408f613f71836001ac18e0c96b552ccf7ca038abda2c888b44f3cc4dfe80cc41d5266aada7093cacdb048a8621a6f9837e53ab9912f7d39bacc3fe4ecfd2cbc60ec15ebb918bbcc18552015b41d04c9b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30780

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
546 B 91ms
90ms Ping
text/plain 23.36.1.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:00 GMT
x-akamai-request-id: 3cc7257
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202301010823001FB952949399B4FE5CFB
x-cache: TCP_MISS from a23-36-1-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.36.1.12
x-tt-trace-host: 016db96f4a9ed650deae557ce1d8f0e1e5df7cf321e1f933e008498507176e5421295602ef86f0aba352a07522d5a93bcdcc74f3809030cf711e768910051336e8e0db6f448c3dc9df6c4459430f3a316654d9e1de4677e76314fcbd984c659535
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=4, origin; dur=22
content-length: 0
expires: Sun, 01 Jan 2023 08:23:00 GMT

GET
H/1.1 200
OK Highlight-Surface-NFL-Seahawks-Tyler-Lockett:VP5-1596x600
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 49 KB
49 KB 70ms
69ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-Surface-NFL-Seahawks-Tyler-Lockett:VP5-1596x600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c3acfc73f546ddf268439695f0e554bf5f2242dd2a723b06bad53da8925b17f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 99875
Server: nginx
Last-Modified: Sun, 01 Jan 2023 03:02:31 GMT
ETag: "222a9016effc6d97526a20e235ec3fe4"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 50031
Expires: Sun, 01 Jan 2023 13:03:15 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7037110854060084727
dpm.demdex.net/ Frame 7158
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037110854060084727

42 B
940 B

63ms
62ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037110854060084727

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0cbe1f9b6.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FhqxcLtKS+g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6853959b-89d6-4c67-9649-12cc086ed42f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037110854060084727
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.7.1/ 55 KB
19 KB 37ms
35ms Script
application/javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4000034
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:22:59 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0bNSwYwAAAAB6/spZANClTI5I+lfWz/fVTU5aMjIxMDYwNjEyMDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d913c18f6c839e"
x-azure-ref: 05EKxYwAAAAD1Jg5Xamc2Sp+QvIxgJ9QHTUlBRURHRTIyMDYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&RedC=c.clarity.ms&MXFR=032C95AD790F652E1FF087217D0F6B1A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&MUID=0F6B28C127DF63F90F573A4D26AE62EB

42 B
442 B

65ms
65ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&MUID=0F6B28C127DF63F90F573A4D26AE62EB
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:00 GMT
last-modified: Tue, 13 Dec 2022 22:41:45 GMT
server: Microsoft-IIS/10.0
etag: "fccf6a1444fd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 085FC292A9BF4083A2C1D09F06153D70 Ref B: MIA301000108049 Ref C: 2023-01-01T08:23:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4377B3EB7BC41C0B068EC25D058AE56&MUID=0F6B28C127DF63F90F573A4D26AE62EB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK Highlight-Microsoft-Childrens-Village-Donovan-Mitchell:VP5-1596x600
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/ 42 KB
43 KB 125ms
124ms Image
image/avif 54.226.139.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net/is/image/microsoftcorp/Highlight-Microsoft-Childrens-Village-Donovan-Mitchell:VP5-1596x600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.226.139.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-139-207.compute-1.amazonaws.com

Software

nginx /

Resource Hash

45e64c9f69599bfb76fcea59ecb564d5f6c25bee4fa0a09a815a033890374142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 08:23:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
-X-Adobe-Smart-Imaging: 102477
Server: nginx
Last-Modified: Sun, 01 Jan 2023 07:59:12 GMT
ETag: "74422d381554f5ad709cb7acbdee80d3"
Content-Type: image/avif
Access-Control-Allow-Origin: *
Connection: keep-alive
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Content-Length: 43420
Expires: Sun, 01 Jan 2023 17:59:32 GMT

GET
H2 401 mecache Show response
mem.gfx.ms/me/ Frame 3751 739 B
1 KB 107ms
107ms Document
text/html 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/me/mecache?partner=mshomepage&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22343.3/en-US/meBoot.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c39ff531b6ee9ca894eb536e54eb8ceb3a5d77b1f0b75e6dfd13d6d0e1ed06d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=7200
content-length: 739
content-type: text/html; charset=utf-8
date: Sun, 01 Jan 2023 08:23:00 GMT
expires: Sun, 01 Jan 2023 10:23:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20230101T082300Z-htqpgf7ut95k93yy20bz0c7wyg0000000920000000009u61
x-cache: TCP_MISS
x-content-type-options: nosniff
x-ua-compatible: IE=edge

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 76ms
76ms Preflight 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 01 Jan 2023 08:22:59 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 403
No events are from an allowed domain. / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 69 B
610 B 161ms
160ms XHR
application/json 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

ce8a46da21479c8a3ab03ef9526e66a6b011ceb5cd373c48a9dfd755f7e758af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1672561380505
accept-language: en-US,en;q=0.9
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
apikey: aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 01 Jan 2023 08:22:59 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Expose-Headers: Collector-Error
Access-Control-Allow-Credentials: true
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Content-Length: 69

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=ac4f1031c647b24325755c9fd0854635813f3cc53226f842406cd7739790188eb0da87c991749652
dpm.demdex.net/ Frame 7158
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=02582319366975169313197907280371022789
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDI1ODIzMTkzNjY5NzUxNjkzMTMxOTc5MDcyODAzNzEwMjI3ODkQABoNCOSFxZ0GEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ac4f1031c647b24325755c9fd0854635813f3cc53226f842406cd7739790188eb0da87c991749652

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=ac4f1031c647b24325755c9fd0854635813f3cc53226f842406cd7739790188eb0da87c991749652

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0bdb6d4a6.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lETkbS86RDA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 01 Jan 2023 08:23:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=ac4f1031c647b24325755c9fd0854635813f3cc53226f842406cd7739790188eb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
193 B 188ms
56ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
date: Sun, 01 Jan 2023 08:22:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H/1.1 200
OK rank Show response
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/casexpservice/personalizerwrapperapi/v01/ 229 B
1002 B 264ms
262ms XHR
application/json 54.243.131.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/casexpservice/personalizerwrapperapi/v01/rank?personalizerId=16982-PersonalizerWAPI

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.243.131.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-131-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cdcd8bfdb379c1c242be59c5817f6a376f6b0d444a74fe92fab8e9ccfc0ae2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

traceparent: 00-435239933f7241cabb557f89836e2761-969527c775bd42c1-01
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
tenant: store
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/en-us/
X-Requested-With: XMLHttpRequest
Request-Id: |435239933f7241cabb557f89836e2761.969527c775bd42c1
mscv: Ta9La47GTcC1yOhM.0
Request-Context: appId=cid-v1:appId

Response headers

X-EdgeConnect-Origin-MEX-Latency: 146
Date: Sun, 01 Jan 2023 08:23:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400; includeSubDomains
X-RTag: RT
X-EdgeConnect-MidMile-RTT: 16
TLS_version: tls1.2
CommitID: 6d9be7b
Connection: keep-alive
Content-Length: 144
Request-Context: appId=cid-v1:aad1b1f3-911e-444a-99fd-6bc51c098122
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Azure-Ref: 05EKxYwAAAAAC25oKC2IHQo2N6avjnj53Q0hJMzBFREdFMDYwOAA4YzA3YWMxNy0zNjI4LTQ5MjktYjliOS03MmEzYWEyMTZkNTk=
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Cache-Control: max-age=0, no-cache, no-store
X-SkyHigh-Version: BuildNumber=4, BuildDate=2022-08-16 05:30
X-Robots-Tag: none
Expires: Sun, 01 Jan 2023 08:23:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESECNp3hsRDEyu5ZsMe78qBkk&google_cver=1
dpm.demdex.net/ Frame 7158
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI1ODIzMTkzNjY5NzUxNjkzMTMxOTc5MDcyODAzNzEwMjI3ODk=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECNp3hsRDEyu5ZsMe78qBkk&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

61ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECNp3hsRDEyu5ZsMe78qBkk&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-09641ad5d.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ws72QGVpR8Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECNp3hsRDEyu5ZsMe78qBkk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-
dpm.demdex.net/ Frame 7158
Redirect Chain

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

42 B
940 B

76ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-07b9e2a3a.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CeklPbeZQ9A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672561381.083851,VS0,VE28
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=992&dpuuid=a80ac11jme5a
dpm.demdex.net/ Frame 7158
Redirect Chain

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=02582319366975169313197907280371022789
https://dpm.demdex.net/ibs:dpid=992&dpuuid=a80ac11jme5a

42 B
940 B

76ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=992&dpuuid=a80ac11jme5a

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-06b02935a.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8kVE5tYoRLM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://dpm.demdex.net/ibs:dpid=992&dpuuid=a80ac11jme5a
cache-control: no-cache
cf-ray: 7829d9b72c629ad2-MIA
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 7158 43 B
394 B 231ms
72ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=02582319366975169313197907280371022789&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 01 Jan 2023 08:23:00 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 05a2935ef0b346a1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6913cc599578b004c4b2f9458170c985eb31112a180fbfc62c103562a0ba930f
content-length: 43

GET
H/1.1

200
OK

ibs:dpid=1121&dpuuid=997336237027792449
dpm.demdex.net/ Frame 7158
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=7085
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=997336237027792449

42 B
940 B

61ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=997336237027792449

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0bfb71767.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lTgbEWQJS1Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=1121&dpuuid=997336237027792449
Date: Sun, 01 Jan 2023 08:23:01 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=007323d3-8b18-4640-a8a6-fc24415b389e
dpm.demdex.net/ Frame 7158
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com.office.poctest.blueoriginpoc.myshn.net&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=007323d3-8b18-4640-a8a6-fc24415b389e

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=007323d3-8b18-4640-a8a6-fc24415b389e

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0b7157621.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: u940c4OvQZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=007323d3-8b18-4640-a8a6-fc24415b389e
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=bTyE7m89g-p2OYTuaT_L7246guZ2bYK6Ojtwtgrw
dpm.demdex.net/ Frame 7158
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bTyE7m89g-p2OYTuaT_L7246guZ2bYK6Ojtwtgrw

42 B
940 B

61ms
60ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bTyE7m89g-p2OYTuaT_L7246guZ2bYK6Ojtwtgrw

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-092f3364d.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0sfLxdLISDw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bTyE7m89g-p2OYTuaT_L7246guZ2bYK6Ojtwtgrw
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=0F6B28C127DF63F90F573A4D26AE62EB
dpm.demdex.net/ Frame 7158
Redirect Chain

https://c.bing.com/c.gif?uid=02582319366975169313197907280371022789&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0F6B28C127DF63F90F573A4D26AE62EB

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0F6B28C127DF63F90F573A4D26AE62EB

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-04df37608.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3k7ZD0xGSHI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 912DE3EB95B94A448958DB47D68E66CA Ref B: MIA301000108049 Ref C: 2023-01-01T08:23:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0F6B28C127DF63F90F573A4D26AE62EB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=5479107FBD7E94&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 7158
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5479107FBD7E94&gdpr=0&gdpr_consent=

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5479107FBD7E94&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-03f71dd4e.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: c1zYobVlSF8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:01 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app106.ash11
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5479107FBD7E94&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sun, 01 Jan 2023 08:23:01 GMT

POST
H/1.1 403
No events are from an allowed domain. / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 67 B
608 B 158ms
157ms XHR
application/json 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
URL: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/etc.clientlibs/microsoft/components/structure/page/clientlibs/custom-oneds.min.ACSHASH3df9445fb29aee24c829388a1150e984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e1ea548bdfc92ed0f4efdce97119b5bcbe91acea94d5a1636475c2315b92a5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1672561381510
accept-language: en-US,en;q=0.9
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/
apikey: aacbcf0ee7614738b1ea4f99c23f2e82-63b77ecc-8c62-4513-aa1f-a12a5ed8c015-6865
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 01 Jan 2023 08:23:00 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Expose-Headers: Collector-Error
Access-Control-Allow-Credentials: true
Collector-Error: No events are from an allowed domain.
Access-Control-Allow-Headers: Collector-Error
Content-Length: 67

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 119ms
118ms Preflight 20.44.10.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.44.10.122 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Sun, 01 Jan 2023 08:23:00 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 7158
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=02582319366975169313197907280371022789&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=02582319366975169313197907280371022789&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
954 B

60ms
59ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0c797dc38.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3jLRpFhFSNo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:01 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 534
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7829d9bc39009ab3-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 7158
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=02582319366975169313197907280371022789&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lxup8KtE2pExayKLnEVkR8MGXpS_w6kfDDI-~A

42 B
940 B

62ms
62ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lxup8KtE2pExayKLnEVkR8MGXpS_w6kfDDI-~A

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-04f54982d.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CI6wEg70SBI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 01 Jan 2023 08:23:01 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lxup8KtE2pExayKLnEVkR8MGXpS_w6kfDDI-~A
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=53196&dpuuid=Q7258477811886955612
dpm.demdex.net/ Frame 7158
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7258477811886955612&uid=Q7258477811886955612&ref=%2Feucm%2Fp%2Fadpq
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7258477811886955612

42 B
940 B

61ms
60ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7258477811886955612

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0bfb71767.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dbRK+B2HRM4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Sun, 01 Jan 2023 08:23:02 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7258477811886955612
Content-Type: text/html
Cache-Control: max-age=42645
Connection: keep-alive
Content-Length: 154

GET
H/1.1

200
OK

ibs:dpid=38117&dpuuid=bf2f84bd-7e6d-4835-a930-1d51954bddd8
dpm.demdex.net/ Frame 7158
Redirect Chain

https://jadserve.postrelease.com/dmp/7?vk=02582319366975169313197907280371022789&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
https://dpm.demdex.net/ibs:dpid=38117&dpuuid=bf2f84bd-7e6d-4835-a930-1d51954bddd8

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=38117&dpuuid=bf2f84bd-7e6d-4835-a930-1d51954bddd8

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-04fe65d63.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TUslPc0vTUY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=38117&dpuuid=bf2f84bd-7e6d-4835-a930-1d51954bddd8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=57282&dpuuid=3C8E2C349C2BEDE678A65DCF62FBB606
dpm.demdex.net/ Frame 7158
Redirect Chain

https://ds.reson8.com/adb-ext.gif?puid=02582319366975169313197907280371022789
https://dpm.demdex.net/ibs:dpid=57282&dpuuid=3C8E2C349C2BEDE678A65DCF62FBB606

42 B
940 B

62ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=57282&dpuuid=3C8E2C349C2BEDE678A65DCF62FBB606

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0d1e01729.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: j2B5I6upRq8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location: https://dpm.demdex.net/ibs:dpid=57282&dpuuid=3C8E2C349C2BEDE678A65DCF62FBB606
cache-control: max-age=0, no-cache, no-store
cf-ray: 7829d9be4d3e0971-MIA
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=49276&dpuuid=aa58ffd9-5f6e-4cc5-a3da-ec3e9fb0364f
dpm.demdex.net/ Frame 7158
Redirect Chain

https://bttrack.com/dmp/adobe/user?dd_uuid=02582319366975169313197907280371022789
https://dpm.demdex.net/ibs:dpid=49276&dpuuid=aa58ffd9-5f6e-4cc5-a3da-ec3e9fb0364f

42 B
940 B

61ms
61ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=49276&dpuuid=aa58ffd9-5f6e-4cc5-a3da-ec3e9fb0364f

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0aaaba77a.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fREqpMbySGw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-servername: Track004-iad
pragma: no-cache
date: Sun, 01 Jan 2023 08:22:33 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: //dpm.demdex.net/ibs:dpid=49276&dpuuid=aa58ffd9-5f6e-4cc5-a3da-ec3e9fb0364f
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 206
expires: -1

GET
H/1.1

200
OK

ibs:dpid=72352&dpuuid=4663278335337858257483&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 7158
Redirect Chain

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=4663278335337858257483&gdpr=0&gdpr_consent=

42 B
940 B

61ms
60ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=72352&dpuuid=4663278335337858257483&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-06b02935a.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qEhIz+lMRxQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=72352&dpuuid=4663278335337858257483&gdpr=0&gdpr_consent=
date: Sun, 01 Jan 2023 08:23:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 CookieSyncAdobe
rtb.adentifi.com/ Frame 7158 0
285 B 192ms
58ms Image
text/plain 34.193.14.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.14.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-14-46.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:23:02 GMT

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=a33c06f97d45d1c43678cb1170f5c647
dpm.demdex.net/ Frame 7158
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02582319366975169313197907280371022789?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02582319366975169313197907280371022789?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a33c06f97d45d1c43678cb1170f5c647

42 B
940 B

62ms
62ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a33c06f97d45d1c43678cb1170f5c647

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0f925046b.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1OKLg9TdRWU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a33c06f97d45d1c43678cb1170f5c647
cache-control: no-cache
x-server: 10.40.14.180
content-length: 0
expires: 0

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-
dpm.demdex.net/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

42 B
940 B

63ms
63ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-063f932c0.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9G8E/R1nRPA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.566254,VS0,VE0
x-cache: HIT
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=Y7FC5AAAALGzawN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

/
rtd-tm.everesttech.net/migrate_et3/ Frame 7158
Redirect Chain

https://rtd.tubemogul.com/migrate_et3/
https://rtd-tm.everesttech.net/migrate_et3/

0
58 B

61ms
61ms

Image
text/plain

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtd-tm.everesttech.net/migrate_et3/
Protocol: H2
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672561383.687007,VS0,VE28
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-served-by: cache-mia11359-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.652139,VS0,VE0
x-cache: HIT
location: https://rtd-tm.everesttech.net/migrate_et3/
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTdGQzVBQUFBTEd6YXdOLQ==

170 B
188 B

204ms
77ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTdGQzVBQUFBTEd6YXdOLQ==

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.758945,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTdGQzVBQUFBTEd6YXdOLQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y7FC5AAAALGzawN-&expires=90

42 B
752 B

603ms
64ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y7FC5AAAALGzawN-&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 382e2818ca015d35b02cd449aa60881d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.860844,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y7FC5AAAALGzawN-&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN-
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN-&C=1

43 B
766 B

65ms
65ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN-&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y7FC5AAAALGzawN-&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y7FC5AAAALGzawN-

43 B
1 KB

74ms
73ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y7FC5AAAALGzawN-

Protocol

HTTP/1.1

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:03 GMT
AN-X-Request-Uuid: 63726638-b14d-4d99-b0e2-b6dd5767dea3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 38.132.118.71; 38.132.118.71; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.074781,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y7FC5AAAALGzawN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y7FC5AAAALGzawN-
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y7FC5AAAALGzawN-

43 B
61 B

88ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y7FC5AAAALGzawN-
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y7FC5AAAALGzawN-
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7FC5AAAALGzawN-

1 B
450 B

180ms
57ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7FC5AAAALGzawN-
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 01 Jan 2023 08:23:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.277476,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7FC5AAAALGzawN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

partner
sync.search.spotxchange.com/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1&__user_check__=1&sync_id=82d799de-89ad-11ed-8a04-1b8585150103

43 B
419 B

66ms
65ms

Image
image/gif

192.35.249.137
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1&__user_check__=1&sync_id=82d799de-89ad-11ed-8a04-1b8585150103
Protocol: H2
Server: 192.35.249.137 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:23:03 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 256
content-length: 43

Redirect headers

date: Sun, 01 Jan 2023 08:23:03 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: /partner?adv_id=6409&uid=Y7FC5AAAALGzawN-&img=1&__user_check__=1&sync_id=82d799de-89ad-11ed-8a04-1b8585150103
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 540
content-length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 7158
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y7FC5AAAALGzawN-&t=2592000&o=0

43 B
71 B

152ms
82ms

Image
image/gif

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y7FC5AAAALGzawN-&t=2592000&o=0

Protocol

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 00:23:03 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: Bwu5va9IhP6El/u8QCNm5bp4++yTtEyDqifDntUew/mJg/ffVIueeBeU09SULrYjNdeo4Ll6uMMUKgACMzB9TQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Sun, 01 Jan 2023 00:23:03 PST

Redirect headers

x-served-by: cache-mia11374-MIA
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672561383.485293,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y7FC5AAAALGzawN-&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 7158 43 B
378 B 158ms
65ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 32
pragma: no-cache
date: Sun, 01 Jan 2023 08:23:03 GMT
via: 1.1 varnish
x-served-by: cache-mia11340-MIA
server: nginx
x-timer: S1672561384.685592,VS0,VE32
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7158
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=q3LHAW1RQ9iavsqGeVbJ9A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=02582319366975169313197907280371022789

43 B
479 B

65ms
65ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=02582319366975169313197907280371022789

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Jan 2023 08:23:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 43KSRCX5953CKEP82FST
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-2-v044-0476d7f41.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Scm8GbB9SOY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=02582319366975169313197907280371022789
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=390122&dpuuid=jWCIg3BSQrB86xWNfMVdFiaEdkc
dpm.demdex.net/ Frame 7158
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adobe
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=jWCIg3BSQrB86xWNfMVdFiaEdkc

42 B
940 B

64ms
64ms

Image
image/gif

3.226.229.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=390122&dpuuid=jWCIg3BSQrB86xWNfMVdFiaEdkc

Protocol

HTTP/1.1

Server

3.226.229.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-229-46.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mscom.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0145e4383.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: amqmHqPQT7g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=390122&dpuuid=jWCIg3BSQrB86xWNfMVdFiaEdkc
Date: Sun, 01 Jan 2023 08:23:04 GMT
Connection: keep-alive
Content-Length: 100
Content-Type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: AEMDC Value: eastus2
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 10:45:37	Name: akacd_OneRF Value: 1680337376~rv=92~id=e69fc7f62c442b27bc7f466edc687044
.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: SHN-VH-session Value: cb538dd2-9103-4c62-9051-beeaed6fa8a5\|1672563177828
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 17:21:37	Name: MicrosoftApplicationsTelemetryDeviceId Value: d54c636f-4982-4ec4-907d-d41a76b2f3ae
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 08:36:03	Name: ai_session Value: Qqm8hYjpj+AK8Xvw/WKaQX\|1672561378325\|1672561378325
.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 17:21:37	Name: MUID Value: 97be05dd360849cf99b57d71c5312b67
.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: fptctx2 Value: H3ihr9e92IdW6yd1ZgQ9S0kvtvZRuOxcpRCTIW%252fmvgxWa6Xkol8FwucPzYl8al50J0qSf57jqUTVcSeQxDLY%252bgZjUebx8jJT%252f1thTww9yDEEYDLtz2%252feeWSLws4Up%252fNYYeAXYWjZVZxdc%252buu6dqkjmYH0L%252fzDVwM6sD%252byYhuS0opJJxMzutfZsYtPnqB6fbOvRN25JQL2IKER%252fyckRIJ2yDeLFaJoYmBoLhxXmVUvltRD0f8HIOSY5sWNaUqAYf6RCZf61HcQL9RmPy11yvMqdrUJH8O7HnEMn8RcfboHXXB5U0j%252f9As5a7RQycOWjy6Bpa6cOMaQXT6Sj5XwwpYQw%253d%253d
.myshn.net/	1970-01-20 08:37:27	Name: MSCC Value: NR
.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 08:36:08	Name: ak_bmsc Value: AA170387A41748C653B477A65E604674~000000000000000000000000000000~YAAQnE/eFyI3XxaFAQAAe0htbBKyCXUsTPw+4bnk/JljcE+cWetowZa90o2ggjZ2pD6WciTavIcRJ30AtyIUUtlhxDe4EDXB9oj0f7NltmU8fqtzFlq8j5SMwsALO4jDXcoXKbUDEIMMiyOLIhNP0RPn/c/XBCb0GoQ2jboQARoJC+vTVkmo863/SnIJsepi9NGtd4JVVIJQ1723uJG/39O6IojPVlZCNEyuCklHanzXCBWZl8FSELIZj4U5AvVS/BxKmjidcjuYuITsb0Thloz5u/q98BE/zfdi5EWJ0lFb5j9CXVbqcrJALHu6txI5yIJu4k/+/MqJ9yHQhdO8oXCDrxAmIQjRmcRwLFRfqXWXqNnFcDP6wdM8Tm+nJw==
.myshn.net/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 12:55:13	Name: demdex Value: 02582319366975169313197907280371022789
.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg Value: 1
.login.live.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: uaid Value: d04e694561314e2921e1af9d865b5132
.login.live.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1672561379&co=1
.myshn.net/	1969-12-31 23:59:59	Name: IR_gbd Value: myshn.net
.myshn.net/	1969-12-31 23:59:59	Name: IR_7593 Value: 1672561379935%7C0%7C1672561379935%7C%7C
.linkedin.com/	1970-01-20 10:45:37	Name: li_sugr Value: ecdde1cb-c535-427c-bf82-c91581db722c
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:21:37	Name: bcookie Value: "v=2&631b4598-9f1e-455b-8690-3e74ed3116e6"
.linkedin.com/	1970-01-20 08:37:27	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2775:u=1:x=1:i=1672561379:t=1672647779:v=2:sig=AQGo6mebUfXMOWJz9y7T15IUnBw8Kx7w"
.tiktok.com/	1970-01-20 17:57:37	Name: _ttp Value: 2JiWRzpo2KRP4otQNXhNKG94I1N
.bing.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 17:57:37	Name: MUID Value: 05118AE3ECFF6B7E1E52986FEDED6A19
bat.bing.com.office.poctest.blueoriginpoc.myshn.net/	1969-12-31 23:59:59	Name: Priority Value: High
.bat.bing.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 08:46:06	Name: MR Value: 0
.myshn.net/	1970-01-20 08:37:27	Name: _uetsid Value: 80ba742089ad11eda199d7dacc2360ce
.myshn.net/	1970-01-20 17:57:37	Name: _uetvid Value: 80baa59089ad11edbc6a87451fcefb40
.everesttech.net/	1970-01-20 17:21:37	Name: everest_g_v2 Value: g_surferid~Y7FC5AAAALGzawN-
.linkedin.com/	1970-01-20 09:19:13	Name: UserMatchHistory Value: AQJoyrYU7joAzAAAAYVsbUrShJgKWGkIn4JCn1utjyIGDHNf6z7vLhfY_N2JPlQpPdW4SIIOdoKa0g
.linkedin.com/	1970-01-20 09:19:13	Name: AnalyticsSyncHistory Value: AQKCsblPoB3RiQAAAYVsbUrSL-5_r5EYyuk468G2f4l4ZDCPvb_JP4CGGDdqn2lPDnRbioymLv2hK6-Xu7Delg
.dpm.demdex.net/	1970-01-20 12:55:13	Name: dpm Value: 02582319366975169313197907280371022789
.microsoft.com.office.poctest.blueoriginpoc.myshn.net/	1970-01-20 18:05:51	Name: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19359%7CMCMID%7C02300552371791243643225985990487544522%7CMCAAMLH-1673166179%7C7%7CMCAAMB-1673166179%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1672568580s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19366%7CvVersion%7C4.4.0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 17:21:37	Name: bscookie Value: "v=1&202301010823004ad35e8c-bb3d-41e1-8d9c-e71f34bf4796AQHdlnuCgM8lcMj30BQ01Z4gMf3B_uS7"
.myshn.net/	1970-01-20 17:57:37	Name: _tt_enable_cookie Value: 1
www.clarity.ms/	1970-01-20 17:21:37	Name: CLID Value: 39566d256d304d2c95e383d03db07984.20230101.20240101
.myshn.net/	1970-01-20 17:57:37	Name: _ttp Value: esI82mF2w3o7msxNE6Xa_NVn8O1
.mathtag.com/	1970-01-20 18:01:56	Name: uuid Value: d46863b1-42e4-4f00-baec-cc509e289364
.myshn.net/	1970-01-20 17:21:37	Name: _clck Value: 1twyl77\|1\|f7w\|0
.myshn.net/	1970-01-20 18:05:48	Name: mbox Value: session#b0113ecac2104a0fb7a37d1016001378#1672563240\|PC#b0113ecac2104a0fb7a37d1016001378.34_0#1706748079
.adnxs.com/	1970-01-20 10:45:37	Name: uuid2 Value: 7037110854060084727
.rlcdn.com/	1970-01-20 17:21:37	Name: rlas3 Value: J4mWDJZBc03OsYGsltlG9QFWXXjpgtUhwUGlLeYlfPc=
.bing.com/	1970-01-20 17:57:37	Name: MUID Value: 0F6B28C127DF63F90F573A4D26AE62EB
.c.bing.com/	1970-01-20 08:46:06	Name: MR Value: 0
.c.bing.com/	1970-01-20 17:57:37	Name: SRM_B Value: 0F6B28C127DF63F90F573A4D26AE62EB
.rlcdn.com/	1970-01-20 10:02:25	Name: pxrc Value: COSFxZ0GEgUI6AcQABIGCPHrARAA
.myshn.net/	1970-01-20 08:37:27	Name: _clsk Value: 1lnenx3\|1672561380750\|1\|0\|k.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:57:37	Name: MUID Value: 0F6B28C127DF63F90F573A4D26AE62EB
.c.clarity.ms/	1970-01-20 08:46:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 08:36:01	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-20 18:12:01	Name: IDE Value: AHWqTUn25XbYYCK83lNKeu7JGDRnYtTuRxw6mNGxlGZGYYZ7j59cYoG6Vx_PoiSJBu8
.media6degrees.com/	1970-01-20 12:55:13	Name: clid Value: 2rnssmd01170a80ac11jme5a0000000101010101101
.media6degrees.com/	1970-01-20 12:55:13	Name: acs Value: 012020k1rnssmdxzt10
.twitter.com/	1970-01-20 18:12:01	Name: personalization_id Value: "v1_f44X9rO6wGxRPJvVJtWkzQ=="
.rfihub.com/	1970-01-20 17:57:37	Name: eud Value: H4sIAAAAAAAA_1vFxGtoZm5kamZobGFoZGwIABsxePAQAAAA
.rfihub.com/	1970-01-20 17:57:37	Name: rud Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzI2NzAyN7c0MjGxFOIz1C0Lyy0t9c6JdIxMCwAAa6dWHSQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzI2NzAyN7c0MjGxFOIz1C0Lyy0t9c6JdIxMCwAAa6dWHSQAAAA
.adsrvr.org/	1970-01-20 17:21:37	Name: TDID Value: 007323d3-8b18-4640-a8a6-fc24415b389e
.adsrvr.org/	1970-01-20 17:21:37	Name: TDCPM Value: CAESEgoDYWFtEgsI-rmg4O32tTsQBRgFIAEoAjILCNis1IyE97U7EAU4AQ..
.quantserve.com/	1970-01-20 10:45:37	Name: d Value: ELQBDAH5J7mvYA
.quantserve.com/	1970-01-20 18:06:15	Name: mc Value: 63b142e5-6b120-055d9-bdea4
.flashtalking.com/	1970-01-20 18:12:01	Name: flashtalkingad1 Value: "GUID=5479107FBD7E94"
.tribalfusion.com/	1970-01-20 10:45:37	Name: ANON_ID Value: aVnr6ipyXagbqiVREF6N64RlvyB8H341dJqGN0Jd16Tu9nv9cjfTUXqNUES7cfPWrfeZdBI97
.yahoo.com/	1970-01-20 17:21:58	Name: A3 Value: d=AQABBOVCsWMCEKPepPdL96uCyLgBJ4hVPq0FEgEBAQGUsmO7YwAAAAAA_eMAAA&S=AQAAAsfYRtDlYEjROjnNKdJYY4U
.owneriq.net/	1970-01-20 18:12:01	Name: si Value: Q7258477811886955612
.owneriq.net/	1970-01-20 08:50:25	Name: p2 Value: adpq
.postrelease.com/	1970-01-20 17:21:37	Name: visitor Value: bf2f84bd-7e6d-4835-a930-1d51954bddd8
.postrelease.com/	1970-01-20 17:21:37	Name: status Value: 1
.reson8.com/	1970-01-20 17:21:37	Name: RCID2 Value: 3C8E2C349C2BEDE678A65DCF62FBB606
.bttrack.com/	1970-01-20 10:45:37	Name: GLOBALID Value: 2uKlc8-sIBd987FnX3vCm5iFfo8CJyv4C3U45XSwJUMOR0ZocPfE0Xu1mx3U5vVTI2r2f2XoxJQC4TM1
.3lift.com/	1970-01-20 10:45:37	Name: tluid Value: 4663278335337858257483
.adentifi.com/	1970-01-20 18:12:01	Name: adtheorent[cuid] Value: cuid_822f9f61-89ad-11ed-92c1-120817463c8f
.crwdcntrl.net/	1970-01-20 15:04:48	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 15:04:48	Name: _cc_id Value: a33c06f97d45d1c43678cb1170f5c647
.adnxs.com/	1970-01-20 10:45:37	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?(b8)Ci!1yIE`_bm.dc%TM/sSj^p'x?l#Cz9VQ@35y!rg+6hAR5M$`nLw0pgROacuWO=t1tj](HstR!wA?%q)3RY.rKK
.openx.net/	1970-01-20 17:21:37	Name: i Value: aa3a08a3-ce00-4f47-ba9c-894ada9ebeb7\|1672561383
.casalemedia.com/	1970-01-20 17:21:37	Name: CMID Value: Y7FC5yrqLbRc4mD1tknrxwAA
.casalemedia.com/	1970-01-20 10:45:37	Name: CMPS Value: 1252
.casalemedia.com/	1970-01-20 10:45:37	Name: CMPRO Value: 1252
.pubmatic.com/	1970-01-20 10:45:37	Name: KRTBCOOKIE_218 Value: 4056-Y7FC5AAAALGzawN-&KRTB&22978-Y7FC5AAAALGzawN-&KRTB&23194-Y7FC5AAAALGzawN-&KRTB&23209-Y7FC5AAAALGzawN-
.pubmatic.com/	1970-01-20 09:19:13	Name: PugT Value: 1672561383
.rubiconproject.com/	1970-01-20 17:21:37	Name: khaos Value: LCD3V314-Q-D8KY
.rubiconproject.com/	1970-01-20 17:21:37	Name: audit Value: 1\|fSerdFMupEUtfrQxlkmpTvYTLLNAD1V2/DVXu1kJowA8fCYmOTvXg8Vkb400YaYMZ2oTjKzfC4Zw0S94mtzOH8KpNY8iiICuy2N1KCI2/Mq5v7qerxd/K7yi/UwXPSb1J+oOecvcOtgtEmqSeSDxemm1SoXrMY+RsqlSNZOaaDQ=
.spotxchange.com/	1970-01-20 09:16:20	Name: audience Value: 82d79986-89ad-11ed-8a04-1b8585150103
.demdex.net/	1970-01-20 12:55:13	Name: dextp Value: 269-1-1672561380200\|358-1-1672561380345\|477-1-1672561380508\|771-1-1672561380631\|782-1-1672561380738\|992-1-1672561380845\|1123-1-1672561380949\|1121-1-1672561381053\|903-1-1672561381157\|1175-1-1672561381267\|1957-1-1672561381387\|3047-1-1672561381489\|22054-1-1672561381594\|30646-1-1672561381697\|53196-1-1672561381801\|38117-1-1672561381906\|57282-1-1672561382009\|49276-1-1672561382113\|72352-1-1672561382217\|81309-1-1672561382321\|121998-1-1672561382425\|144228-1-1672561382529\|144229-1-1672561382633\|144230-1-1672561382739\|144231-1-1672561382841\|144232-1-1672561382946\|144233-1-1672561383049\|144234-1-1672561383153\|144235-1-1672561383258\|144236-1-1672561383361\|144237-1-1672561383465\|147592-1-1672561383573\|139200-1-1672561383677\|390122-1-1672561383781
sync.srv.stackadapt.com/	1970-01-20 17:21:37	Name: sa-user-id Value: s%3A0-8d608883-7052-42b0-7ceb-158d7cc55d16.77fW%2ByHNfiCBgmNCbmWZtKsl9eUpOfyEw5rJakj0tbc
.srv.stackadapt.com/	1970-01-20 17:21:37	Name: sa-user-id-v2 Value: s%3AjWCIg3BSQrB86xWNfMVdFiaEdkc.YfKy7llQLjWAKx6lfYNo4JVybb2VtEp5qAK%2F1yP8q5s
.amazon-adsystem.com/	1970-01-20 15:09:08	Name: ad-id Value: A_ABsTMUdEd6kCpvrL79B9I
.amazon-adsystem.com/	1970-01-20 18:12:01	Name: ad-privacy Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Message: Failed to load resource: the server responded with a status of 403 (No events are from an allowed domain.)
network	error	URL: https://mem.gfx.ms/me/mecache?partner=mshomepage&wreply=https%3A%2F%2Fwww.microsoft.com.office.poctest.blueoriginpoc.myshn.net%2Fen-us%2F Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Message: Failed to load resource: the server responded with a status of 403 (No events are from an allowed domain.)
network	error	URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 Message: Failed to load resource: the server responded with a status of 403 (No events are from an allowed domain.)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
analytics.tiktok.com
analytics.twitter.com
ats.everesttech.net
bat.bing.com.office.poctest.blueoriginpoc.myshn.net
browser.events.data.microsoft.com
bttrack.com
c.bing.com
c.clarity.ms
c.s-microsoft.com
cdn-dynmedia-1.microsoft.com.office.poctest.blueoriginpoc.myshn.net
cdnssl.clicktale.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
d.impactradius-event.com
dc.ads.linkedin.com
dmpsync.3lift.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
fpt.microsoft.com.office.poctest.blueoriginpoc.myshn.net
fpt2.microsoft.com.office.poctest.blueoriginpoc.myshn.net
googleads.g.doubleclick.net
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
img-prod-cms-rt-microsoft-com.akamaized.net
jadserve.postrelease.com
js.monitor.azure.com
k.clarity.ms
login.live.com.office.poctest.blueoriginpoc.myshn.net
logincdn.msauth.net.office.poctest.blueoriginpoc.myshn.net
match.adsrvr.org
mem.gfx.ms
microsoft.com.office.poctest.blueoriginpoc.myshn.net
mscom.demdex.net
msftenterprise.sc.omtrdc.net
p.rfihub.com
pixel.rubiconproject.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
rtb.adentifi.com
rtd-tm.everesttech.net
rtd.tubemogul.com
s.amazon-adsystem.com
s.tribalfusion.com
servedby.flashtalking.com
statics-marketingsites-eus-ms-com.akamaized.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
target.microsoft.com.office.poctest.blueoriginpoc.myshn.net
trc.taboola.com
us-u.openx.net
via.placeholder.com
wcpstatic.microsoft.com.office.poctest.blueoriginpoc.myshn.net
www.clarity.ms
www.facebook.com
www.google.com
www.linkedin.com
www.microsoft.com.office.poctest.blueoriginpoc.myshn.net
104.18.8.110
104.244.42.3
13.107.237.40
13.107.42.14
142.251.40.194
151.101.130.49
151.101.194.49
192.132.33.46
192.35.249.137
192.40.39.223
199.38.167.130
20.110.81.91
20.44.10.122
20.96.88.162
216.200.232.253
23.200.3.25
23.219.95.182
23.23.215.102
23.23.40.21
23.36.1.16
2600:1400:d:594::356e
2600:1400:d::17db:5d11
2600:9000:23ca:6200:c:7c62:1240:93a1
2606:4700:3035::6815:2127
2606:4700::6812:17ea
2606:4700::6812:19ad
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81c::2004
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:4e:1::40
2620:1ec:c11::200
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::300
3.226.229.46
34.193.14.46
35.186.249.72
35.190.60.146
35.244.159.8
35.71.131.137
35.71.139.29
44.210.217.65
52.46.130.91
54.226.139.207
54.227.74.209
54.235.82.200
54.243.131.162
54.85.128.169
63.140.38.104
68.67.179.166
69.173.151.100
76.13.32.147
8.28.7.83
96.6.31.207
007f9575d3d35f0c78a1de1293fdd9af540dd8de44a9fcca658336e0d1e73ea7
06ca1fdd7823716444e36b7f1a43eb32aa76179ec0592542eab5bc9ad1ae11ee
0776a8d556c597b202331e992bdabe65be587f468595214c7eaac639736687f1
080ea6ddcf2661a39bd01791928461ba12ca1b0f7508791e4ef80a62405f4365
09013e113c9b9329fb10385dc2bad7cbf8d3d0ba288d322fb56da3bb43ec4184
0a3cd31a85d5a252d532bba8d547aaf6187ccb465b7357b3b1f6e00ac62ad847
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dd3b4adb91490146dba6d38710e3ef2ffcffc9049bd992409644334db385c8f
0fe31dc85bbc0cc8d5509e81691e22af1a6ff6d6297e2c66591caf31b37fb5ae
10bca8c892dc4dabeb614788a7e14e43d1eeb9914633469da43b759efc71a703
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1b353005f5b7942f4d04892b17e9dbe7559d1b9897f4a29c9ce64619039b6f2d
1cc1a53e8d33934dca7d5c5c7b8b86bf2f0a696270c8120bd03dda9b1db668a6
1d88db365470e68343381017a1d4174070e7c87871e222d636c28c5bc34fa8c7
1e125b50fd47e81bef7de6b75fa53321ab7744254e7bc90f7b0cf220c4401748
1ec8d6f3feba3f0c273f67ef954a3bdad2e5919994d56ad8bccf7ad5e15307a3
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
21d44fa63ad828d6b46608dc300e7955a09cbff9084510fa622887d0b9cb6892
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
26537fa05c06cfa66db7b266041e87fc0d71180492da577fcc84193fe988d318
2770b88156f09f73d0db0433b58e07b218a3904a195923492c77d265372edc3f
2fdca28abc02613c6fb27cdd4b6781f2ba5301cec06524d76ab9ee5ee9083c3a
3095cb457866110870497897636885da352d558c58525449a1216111a866bf7f
31964343541ff587ccc71f4f1747b2aaaa07941566961b0dfdfcc39aa708310f
3418e8af69ef657855141e8618c27888a71fa0d623cfb5d847516a1cb91da1da
389377dda2f9b7a9ef203764c0e8d2a7b22f02158e98f90a74d4bae3c52cd9d3
3c908314988bfecb4c01fde8689a60969a9943dba02733b912962cc021e5b08e
4057cd9eeec4d4c2ea93581d87c6919ed498f8e26a4e8a0f6fba99e8b46aea01
4138cee0dc9879fa5cf0e2bae14be75ec3affbbcf11c95735e870ffd0642d145
42653ece52356e7a2e9c90f1febc81671d0ffdbc9e4e848ed770cdccd104c770
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e64c9f69599bfb76fcea59ecb564d5f6c25bee4fa0a09a815a033890374142
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
582f97b3f8df55d6de0ed904b36299684c92e613512b72060cf67fc0273ebbbd
624ec25c76efe3f19162a9696c9cbeb1d66417a76bcedb9f621948a9409c63d9
63a8fe97d81d026fc046c5d3fddd8dab1d85cfd7e524c9f0173cf91327d96234
6620f2de5b537e943731bc098d7db22d450c538c7d494bfc613c0b17c13848c8
6743d8c1034db24089b572e1af976462fce8ab6bcc29b655375a6a42ec4cad91
69af3327a413449ec6b32c4c7dc3ed8dfd2d4118c9c5f209fd380af9d0a0c77a
6b55626cad4ee8862ad2573221bb994343dc79c3b7472ec4d33fc1f82b3330e2
6d4e2a663cf792486908a639bb7d5af1a6c664289039d7040a5a8326c12e27a0
6e196bcf2063fd5e67784100cc78932054b99c2ad6a829fa1cdd8beb2d8133f6
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
740c4a4051ece66927a66587ea88f4bdba013758321fa6074e50189b10dc2dc8
748e32c09b98cdc3030e8fce9ce803679b23c0d81546027bc82a1e9f3a9d5f4c
749eb6c06fd1b0a377f718800f79a49a04b7ad6a2d39943bc1702759bc634ff2
753789b72c5d2e49135f24c09140643d2cabbaf1add9c4a2a1f47337b4d28de6
798b370bfb4caf2fab6e01414cbd518a84102101ec8b5f42bebb62a03d2c02c5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
83af1e385fb14102655f33cc258ac7ef1e939a537d22d25dc0ad802f8b5d83b9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac92f485bb461233eb5246121d586ec352b91f52773142647e26b29ff9ce953
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1e64b01e6cedbe068f09b2ed91df0fbea823c248ec854deb2d3422e6fc1184
9d497882d9669c6a952c31eec8ee2d173814492563a9f91d8bfe80ebbfd828a2
9f5bc4dee21e7edf0f634b2fc53eb7853b9b8443506d1fa007d3b72ddf3c63b7
a35c07af4cf51ab56eb3c3dfa7f1377be8172360dcd6a616f90db41071c86624
a77f52bafc2e925e79f9fa182352484e573b4eb4656c9a46d7c071c400e2e7c7
abe2fc15c881faf11bf727beab4e3a788d288ed400da4f0e51c2362155207e02
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15b9a6145a05bcf001bafa4c2eddf77f3601625a78ad6b85adc8bfe852995f1
b51b9243527353696243a6ea257f09eb367bd9ae2e5f913adca8a7caf3a1668b
b5fc8192fc9b0a599a0648e3d67c7257a8975954279f79481d94fab78bddb6e7
b61ce1c86cbbca4c05a1cd3d6768b540dd7296d9516dab691b3b6cc113080ac3
bcabe44a7797883fd909b8d723ae3c02dde4b22c9389ec56177d8654fab574ad
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39ff531b6ee9ca894eb536e54eb8ceb3a5d77b1f0b75e6dfd13d6d0e1ed06d5
c3acfc73f546ddf268439695f0e554bf5f2242dd2a723b06bad53da8925b17f6
c4abe7d416d41c766d9f68fba4b7d71fadc34da5429a9cbb5fb8e37699e4f043
c7ff31cad30713623fac4cba88bef7375246f8118b7a5fdd8e50ff3e611e9837
ca033a1ae17ddc8cf0ad0dde3aec8157fbfd4a3305d233bd9cb7d560524bc034
cdcd8bfdb379c1c242be59c5817f6a376f6b0d444a74fe92fab8e9ccfc0ae2c8
ce8a46da21479c8a3ab03ef9526e66a6b011ceb5cd373c48a9dfd755f7e758af
cf469f5d35c6b4fc5e7401cfdb21c25f22a6a6345abff761a53b290e3c017fa6
d2f4b85b7f0f668a5127c43b8dd3e08b8959c4436def2f00a62619fb0f887679
d6e8dec9c8136c314474c34a90fd2ac4f7bdeeedb67f0fc68bbc44df77ba9a9e
d6fc58ed12db572e8abf53dbe893f255cc0cdaed200f4ffca52a5c2938edd7d6
d76d1ac714b8979dc902ef8f6b3de25fc320b974816b7d592caa7496cc98e5d5
d7d6d06624d4bdf6935b848df342ce322d02b58d12bf12149df92d557e5e9bc4
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
daf7759fedd9af6c4d7e374b0d056547ae7cb245ec24a1c4acf02932f30dc536
dcd2828e7633dfd37bab156fd11ee51028301fdd595a816667fc10b7d8e751f6
dff412eec93dee7bdc7863c6d08cdadf8b7acd8ff06c587e619b3380292999b3
e1ea548bdfc92ed0f4efdce97119b5bcbe91acea94d5a1636475c2315b92a5de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1e5b8018fdc583b77fba8bd14a54b2885f1cfe12110ceaf4bad8b2bef5ff8
f1d53a884e2fd5e0730d082e026844a7ccdb5748f1aacede6424fd33206c1638
f343d652b1484f6d901474a52613dd7186ff89a513056a15de649f06bbd96124
f7b0bb971c5e8e4cd2aa3d77cc5f9b24e6b74d6e4837dfdc5ee8658ce7a47b30
f8ff71be5a86f13df49880578eaf9cd200edb4cd259fc63bbc7094e6fbc8b7d5
f96518df2d7e3a0df1a4e76d17b0005bf5f170073b432f271072e193acd7124d
fa3fa94c28f7a07e20c72a3b180abb2acecf50053271d57647dfc17906d2f838
fd34a6261aa2ba4b1b371bd2cd91146e77bdbadf10f3950f53f79fe22b28eea1
fe0db16494f87dc9d27022905b95d08bdeac77645807a40a843783ff4d1f15bf

www.microsoft.com.office.poctest.blueoriginpoc.myshn.net Open in urlscan Pro 54.243.131.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

75 %HTTPS

26 %IPv6

46 Domains

67 Subdomains

34 IPs

3 Countries

1383 kBTransfer

4140 kBSize

89 Cookies

41 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.microsoft.com.office.poctest.blueoriginpoc.myshn.net Open in urlscan Pro
54.243.131.162 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

75 %
HTTPS

26 %
IPv6

46
Domains

67
Subdomains

34
IPs

3
Countries

1383 kB
Transfer

4140 kB
Size

89
Cookies

142 HTTP transactions
1 data transactions