www.microsoft.com Open in urlscan Pro
2a02:26f0:10e:3b1::356e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.engage.windows.com/?qs=9ef15da4a4a4f731ed00c786828624dc2e45a0cb1e649b4501b83f8f181ae615d0ea05e3f691764b997144d6273f...
Effective URL:
https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIF...
Submission: On September 16 via api (September 16th 2022, 8:28:18 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 41 HTTP transactions. The main IP is 2a02:26f0:10e:3b1::356e, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 277.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on July 8th 2022. Valid for: a year.

This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.92 13.111.45.92	22606 (EXACT-7) (EXACT-7)
1 1	2a02:26f0:ea:... 2a02:26f0:ea:2a4::2c1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a02:26f0:10e... 2a02:26f0:10e:3b1::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a02:26f0:11a... 2a02:26f0:11a::6867:4859	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:ea:... 2a02:26f0:ea:280::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	23.96.225.71 23.96.225.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.3 20.190.159.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	20.189.173.7 20.189.173.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.229.221.185 192.229.221.185	15133 (EDGECAST) (EDGECAST)
41	9

1 13.111.45.92 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.engage.windows.com

click.engage.windows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:2a4::2c1a (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

go.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:10e:3b1::356e (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wcpstatic.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:11a::6867:4859 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ea:280::356e (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.96.225.71 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.189.173.7 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.185 (United States)

ASN15133 (EDGECAST, US)

logincdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	microsoft.com 1 redirects go.microsoft.com — Cisco Umbrella Rank: 255 www.microsoft.com — Cisco Umbrella Rank: 277 wcpstatic.microsoft.com — Cisco Umbrella Rank: 4870 web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1559 browser.events.data.microsoft.com — Cisco Umbrella Rank: 242	371 KB
7	akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1239	2 MB
4	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 3044	63 KB
2	s-microsoft.com c.s-microsoft.com — Cisco Umbrella Rank: 9404	63 KB
1	msauth.net logincdn.msauth.net — Cisco Umbrella Rank: 1753	6 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2377	29 KB
1	live.com login.live.com — Cisco Umbrella Rank: 81	6 KB
1	windows.com 1 redirects click.engage.windows.com — Cisco Umbrella Rank: 386661	234 B
41	8

	Domain	Requested by
11	www.microsoft.com	www.microsoft.com
7	web.vortex.data.microsoft.com	www.microsoft.com mem.gfx.ms
7	img-prod-cms-rt-microsoft-com.akamaized.net	www.microsoft.com
6	browser.events.data.microsoft.com	www.microsoft.com
4	mem.gfx.ms	www.microsoft.com mem.gfx.ms
2	c.s-microsoft.com	www.microsoft.com
1	logincdn.msauth.net	login.live.com
1	js.monitor.azure.com	mem.gfx.ms
1	login.live.com	mem.gfx.ms
1	wcpstatic.microsoft.com	www.microsoft.com
1	go.microsoft.com	1 redirects
1	click.engage.windows.com	1 redirects
41	12

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
aka.ms
rewards.microsoft.com
www.xbox.com
support.microsoft.com
onedrive.live.com
outlook.live.com
www.skype.com
www.onenote.com
dynamics.microsoft.com
powerplatform.microsoft.com
azure.microsoft.com
developer.microsoft.com
docs.microsoft.com
techcommunity.microsoft.com
azuremarketplace.microsoft.com
appsource.microsoft.com
visualstudio.microsoft.com
www.spotify.com
account.microsoft.com
education.microsoft.com
careers.microsoft.com
news.microsoft.com
privacy.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
www.microsoft.com Microsoft RSA TLS CA 01	`2022-07-08` - `2023-07-08`	a year	crt.sh
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-03-10`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2022-08-23` - `2023-08-18`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.vortex.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-07-08` - `2023-07-03`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06	`2022-06-26` - `2023-06-21`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Frame ID: B500E3F6761C37ADA365C4100C380B3E
Requests: 36 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=d522f064-b506-40d1-15f1-85943a936d36&partnerId=msrewards
Frame ID: F14F70137867EBAA6391FE652285120E
Requests: 2 HTTP requests in this frame

Frame: https://www.microsoft.com/store/buy/cartcount
Frame ID: A53BEF7634368383ACDADA410587F4AC
Requests: 1 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=msrewards&wreply=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Frewards%2Fspotify-premium-offer%3Fform%3DMD19WW%26OCID%3DMD19WW%26PUBL%3DWINNEWL%26PROGRAMNAME%3DMULTISPOTIFYPREMIUMACQ202208%26CREA%3DMD19WW%26rtc%3D1
Frame ID: 764A8A823BE2D60BC28CC185649D9EE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get 3 months of Spotify Premium for free with Microsoft Rewards

Page URL History Show full URLs

https://click.engage.windows.com/?qs=9ef15da4a4a4f731ed00c786828624dc2e45a0cb1e649b4501b83f8f181ae615d0ea05e3... HTTP 302
https://go.microsoft.com/fwlink/?LinkId=2206167&clcid=0x409 HTTP 302
https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PRO... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

2471 kB
Transfer

3969 kB
Size

8
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://aka.ms/3rdpartycookies
Title: Third-Party Cookies

Search URL Search Domain Scan URL

URL: https://rewards.microsoft.com/redeem/all
Title: Redeem

Search URL Search Domain Scan URL

URL: https://www.xbox.com/
Title: Xbox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://onedrive.live.com/about/en-us/
Title: OneDrive

Search URL Search Domain Scan URL

URL: https://outlook.live.com/owa/
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.skype.com/en/
Title: Skype

Search URL Search Domain Scan URL

URL: https://www.onenote.com/
Title: OneNote

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/games/store/xbox-game-pass-ultimate/cfq7ttc0khs0?icid=CNavAllXboxGamePassUltimate
Title: Xbox Game Pass Ultimate

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/games/store/pc-game-pass/cfq7ttc0kgq8?icid=CNavAllPCGamePass
Title: PC Game Pass

Search URL Search Domain Scan URL

URL: https://dynamics.microsoft.com/en-us/
Title: Dynamics 365

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com/en-us/
Title: Microsoft Power Platform

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/
Title: Azure

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/learn/
Title: Microsoft Learn

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com/en-us/
Title: Azure Marketplace

Search URL Search Domain Scan URL

URL: https://appsource.microsoft.com/en-us/
Title: AppSource

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://rewards.microsoft.com/signup?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&returnURL=https:%2f%2frewards.microsoft.com%2fredeem%2f000800000123&rtc=1
Title: Join now

Search URL Search Domain Scan URL

URL: https://rewards.microsoft.com/?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&CREA=MD19WW&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&rtc=1
Title: Already a member?

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=530144
Title: Terms

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy

Search URL Search Domain Scan URL

URL: http://www.spotify.com/us/legal/premium-promotional-offer-terms/
Title: Spotify terms

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://education.microsoft.com/
Title: Educator training and development

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/free/students/
Title: Azure for students

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/contactus
Title: Contact Microsoft

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196228
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196227
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.engage.windows.com/?qs=9ef15da4a4a4f731ed00c786828624dc2e45a0cb1e649b4501b83f8f181ae615d0ea05e3f691764b997144d6273f32b06fd2425a7a5dbac32a2fcf2c312d27b9 HTTP 302
https://go.microsoft.com/fwlink/?LinkId=2206167&clcid=0x409 HTTP 302
https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request spotify-premium-offer Show response
www.microsoft.com/en-us/rewards/
Redirect Chain

https://click.engage.windows.com/?qs=9ef15da4a4a4f731ed00c786828624dc2e45a0cb1e649b4501b83f8f181ae615d0ea05e3f691764b997144d6273f32b06fd2425a7a5dbac32a2fcf2c312d27b9
https://go.microsoft.com/fwlink/?LinkId=2206167&clcid=0x409
https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

180 KB
42 KB

318ms
148ms

Document
text/html

2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

603386a27dc0f35ece09431ec78bc12b16ee4e4f0947f8321882432fcf4d32fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control: no-cache, no-store, no-transform
content-encoding: gzip
content-length: 42095
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 20:28:12 GMT
expires: -1
ms-cv: PttTx32xrEiEDA7c.0
ms-operation-id: ca611ebd25d7cc4d9ecce73a5acd88ca
p3p: CP="CAO CONi OTR OUR DEM ONL"
pragma: no-cache
strict-transport-security: max-age=31536000
tls_version: tls1.3
vary: Accept-Encoding
x-activity-id: c89938cc-03e0-4922-b825-652ed5a336b6
x-appversion: 1.0.8276.37632
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rtag: RT
x-ua-compatible: IE=Edge;chrome=1
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 16 Sep 2022 20:28:12 GMT
Expires: Fri, 16 Sep 2022 20:28:12 GMT
Location: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Pragma: no-cache
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
Server: Kestrel
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Response-Cache-Status: True

GET
H2 200 mwfmdl2-v3.54.woff2
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 22 KB
23 KB 224ms
222ms Font
application/font-woff2 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: e49e1bd018b42b458b403d24dcedadb7
date: Fri, 16 Sep 2022 20:28:12 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 8e4cdbf1-7e63-400f-97a9-f8a4f946e008
tls_version: tls1.3
ms-cv: JUTecvQp0k6Tsa4k.0
content-length: 22904
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Apr 2022 11:19:06 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=17851854
x-appversion: 1.0.8125.42964
expires: Tue, 11 Apr 2023 11:19:06 GMT

GET
H2 200 skiptomain
www.microsoft.com/mwf/css/MWF_20220321_46795984/west-european/default/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyp... 472 KB
47 KB 165ms
164ms Stylesheet
text/css 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/css/MWF_20220321_46795984/west-european/default/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyph/heading/hero/heroitem/highlightfeature/hyperlinkgroup/image/list/pagebehaviors/skiptomain?apiVersion=1.0&include_base=true

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40b98fbbf27089efd01a47fb567d07c1882bf79d939c3134befb20fcf4d80f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: c2f8a0df5579764a9ef9bccc53a410be
date: Fri, 16 Sep 2022 20:28:12 GMT
content-encoding: gzip
vary: Accept-Encoding
x-rtag: RT
x-s2: 2022-08-22T18:50:07
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 0c030248-4e76-4606-8a49-f6fc5275f975
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: Q5ISB7VdIUSePHSD.0
content-length: 47132
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Aug 2022 18:50:05 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-22T05:16:44.0000000Z}
x-s1: 2022-08-22T18:50:07
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=29370113
timing-allow-origin: *
x-appversion: 1.0.8237.38302
expires: Tue, 22 Aug 2023 18:50:05 GMT

GET
H2 200 ef-a24652
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/rewards/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/1a-bb39e7/2e-714819/d7-be137e/3f-e00611/78-a68b8a/5d-033865... 105 KB
15 KB 197ms
195ms Stylesheet
text/css 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/rewards/_scrf/css/themes=default.device=uplevel_web_pc_webkit_chrome/1a-bb39e7/2e-714819/d7-be137e/3f-e00611/78-a68b8a/5d-033865/fa-384a85/ef-a24652?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

277dc9f7b822394dc81bd3d6d2e3e82e751c08ed7f769e9be4c5837b9aec4664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: 0a1fcac89b463245b534df85ac72f77d
date: Fri, 16 Sep 2022 20:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2022-09-08T01:57:47
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 651431d2-fe60-49e3-9ab1-bcbb3fadb6eb
tls_version: tls1.3
x-s1: 2022-09-08T01:57:47
ms-cv: JApNE+2SR0mB0LKQ.0
vary: Accept-Encoding
content-length: 15083
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Sep 2022 01:57:47 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30778227
timing-allow-origin: *
x-appversion: 1.0.8276.37632
expires: Fri, 08 Sep 2023 01:58:39 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/ 87 KB
31 KB 117ms
116ms Script
application/javascript 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/dfa0b592/coreui.statics/externalscripts/jquery/jquery-3.5.1.min.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: ce6caf8ce7383a4b850eaacdbce7a6f6
date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 0faf20db-f5bc-4603-b8dd-500320d76ccf
tls_version: tls1.3
ms-cv: Zq5qScCGoEKe7DyM.0
vary: Accept-Encoding
content-length: 30958
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Apr 2022 03:43:37 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=17824524
x-appversion: 1.0.8125.42964
expires: Tue, 11 Apr 2023 03:43:37 GMT

GET
H2 200 wcp-consent.js Show response
wcpstatic.microsoft.com/mscc/lib/v2/ 273 KB
80 KB 181ms
23ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:28:12 GMT
content-encoding: gzip
vary: Accept-Encoding
content-md5: X1JOIM5h9UISVFS6+GfEew==
age: 33313
x-cache: CONFIG_NOCACHE
content-length: 81726
x-ms-lease-status: unlocked
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
etag: 0x8DA85F6EA62BF74
x-azure-ref: 0XNwkYwAAAAAvSnGENws4SLuNMcYgeA59RlJBMzFFREdFMDkxMwAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dc4daed9-501e-004a-6bbd-c9ea77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 9f-763b80 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/44-f01b50/e1-aed392/3d-e6d518/79-851f4c/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/d1-98d78a/a0-23c4ba/a7-f7a340/... 112 KB
30 KB 231ms
230ms Script
text/javascript 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/44-f01b50/e1-aed392/3d-e6d518/79-851f4c/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/2b-3c7e83/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9/9f-763b80?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a630000dd9825e75797cbb4dbbdc47569d3350193c3e223ae63cc069485192ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: 043ad21418ab9341922a29256962c6b7
date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2022-07-15T09:50:33
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 94074e21-a6f0-4c2f-9605-2815c5f63c58
tls_version: tls1.3
x-s1: 2022-07-15T09:50:33
ms-cv: IJGlWuCGF0qsMrMF.0
vary: Accept-Encoding
content-length: 30124
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jul 2022 09:50:33 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-08T02:50:46.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=26054539
timing-allow-origin: *
x-appversion: 1.0.8223.33923
expires: Sat, 15 Jul 2023 09:50:32 GMT

GET
H2 200 88-66515a Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/1a-fac869/ 1 KB
1 KB 290ms
289ms Script
text/javascript 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/1a-fac869/88-66515a?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ea628bc161c4892d1aa9fbb5b9b60840d4ccfc4d7c3294964ea09a4a39747138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: 5924dc953a87d749a855a6070c83e6dc
date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2022-09-07T20:29:09
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 53072a68-8253-4829-a1c5-d6b61a37a1ed
tls_version: tls1.3
x-s1: 2022-09-07T20:29:09
ms-cv: KdUzKnED3E6heURv.0
vary: Accept-Encoding
content-length: 526
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Sep 2022 20:29:09 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-30T04:54:24.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30758501
timing-allow-origin: *
x-appversion: 1.0.8276.37632
expires: Thu, 07 Sep 2023 20:29:54 GMT

GET
H2 200 15-eecef2 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/ 206 KB
68 KB 290ms
290ms Script
text/javascript 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/15-eecef2?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3788eb50eff15055a5324cb750142185b94d0e560646e358b29a00513776671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: b7cd2d4e9be373449eda17031e33fb6a
date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2022-09-07T20:29:00
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 2c1b87f2-68d9-4c75-87bf-20e8fc85adc5
tls_version: tls1.3
x-s1: 2022-09-07T20:29:00
ms-cv: 3C7eMo4arkiyAa6X.0
vary: Accept-Encoding
content-length: 68840
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Sep 2022 20:29:00 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-08-17T07:25:18.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30758415
timing-allow-origin: *
x-appversion: 1.0.8263.42159
expires: Thu, 07 Sep 2023 20:28:28 GMT

GET
H2 200 skiptomain Show response
www.microsoft.com/mwf/js/MWF_20220321_46795984/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyph/heading/hero/heroitem... 101 KB
26 KB 345ms
345ms Script
application/javascript 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/js/MWF_20220321_46795984/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyph/heading/hero/heroitem/highlightfeature/hyperlinkgroup/image/list/pagebehaviors/skiptomain?apiVersion=1.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cb38e8ac7ef1e54c97d506c98c6db071546f50d058ff5f67f0c853d4a9dd2343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: 2a98319cbb736344867efb173e0cd161
date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: gzip
vary: Accept-Encoding
x-rtag: RT
x-s2: 2022-08-23T03:19:36
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 8eac57e6-1068-4a7e-ac21-36dc0b87cd46
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: gPul4EYWE0av7lCz.0
content-length: 25484
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Aug 2022 03:19:35 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-22T05:16:44.0000000Z}
x-s1: 2022-08-23T03:19:36
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=29400681
timing-allow-origin: *
x-appversion: 1.0.8237.38302
expires: Wed, 23 Aug 2023 03:19:34 GMT

GET
H2 200 meversion Show response
mem.gfx.ms/ 29 KB
10 KB 77ms
22ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=MSRewards&market=en-us&uhf=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b824373f9f531112b2b5b60d2e1b109182f2b4e235d23bb53f1acd1ba3a0393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0v1MkYwAAAADACgPrJPs8R40gTXtVVRvPRlJBMjMxMDUwNDE4MDMxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Fri, 16 Sep 2022 20:28:12 GMT
x-azure-ref: 0XdwkYwAAAAAMdmGZ7gdZTKCro78Fl3Y6RlJBMzFFREdFMDMxMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Fri, 16 Sep 2022 22:11:11 GMT

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 116ms
30ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:28:13 GMT
last-modified: Mon, 12 Sep 2022 23:43:23 GMT
x-datacenter: northeu
x-source-length: 4054
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=98124
x-activityid: 5ca5e80a-72e0-4c01-adda-bd2598c146e8
x-resizerversion: 1.0
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length: 4054
expires: Sat, 17 Sep 2022 23:43:37 GMT

GET
H2 200 RE53oyx
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 975 KB
977 KB 136ms
51ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE53oyx?ver=8850&q=0&m=6&h=600&w=1600&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 48434040fcdabf7e95dda03be5c6c550f2ad928d7f87bc9c620ea5266c3c0eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
x-check-cacheable: YES
x-serial: 1600
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=299483
last-modified: Thu, 15 Sep 2022 07:41:05 GMT
content-length: 998113
server: Akamai Image Manager
expires: Tue, 20 Sep 2022 07:39:36 GMT

GET
H2 200 1x1clear.gif
www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/ 43 B
612 B 139ms
138ms Image
image/gif 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/_h/9be151e5/coreui.statics/images/1x1clear.gif

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

ms-operation-id: 0612533146af4f44a21edf53a3951991
date: Fri, 16 Sep 2022 20:28:13 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 48de1dd3-eb7f-4aea-9729-1307924fdf5e
tls_version: tls1.3
ms-cv: PEDCugLlBUij7ecO.0
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Apr 2022 02:36:00 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=17820467
x-appversion: 1.0.8125.42964
expires: Tue, 11 Apr 2023 02:36:00 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 29 KB
30 KB 171ms
36ms Font
font/woff2 2a02:26f0:ea:280::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20220321_46795984/west-european/default/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyph/heading/hero/heroitem/highlightfeature/hyperlinkgroup/image/list/pagebehaviors/skiptomain?apiVersion=1.0&include_base=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:280::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
last-modified: Fri, 10 Jan 2020 19:09:42 GMT
etag: "83cce83e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=82116
accept-ranges: bytes
content-length: 30132
expires: Sat, 17 Sep 2022 19:16:49 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 203ms
75ms Font
font/woff2 2a02:26f0:ea:280::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/mwf/css/MWF_20220321_46795984/west-european/default/alert/areaheading/autosuggest/backtotop/banner/contentplacement/contentplacementitem/contentrichblock/feature/featuregroup/glyph/heading/hero/heroitem/highlightfeature/hyperlinkgroup/image/list/pagebehaviors/skiptomain?apiVersion=1.0&include_base=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:280::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=457499
accept-ranges: bytes
content-length: 34052
expires: Thu, 22 Sep 2022 03:33:12 GMT

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/ 177 KB
33 KB 65ms
24ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSRewards&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

716a6777b928b70ff02141994cc4821244d4acb4e969c8d58b3c83d59c96cc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 29 Aug 2022 21:27:20 GMT
x-azure-ref-originshield: 04MYkYwAAAADxsgTfhneBS4Pa2luO9jcGRlJBMjMxMDUwNDE4MDQ1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag: "1d8bc28cb1d0675"
x-azure-ref: 0XdwkYwAAAACUHOav8n9WQ5pOUBXr4Yw3RlJBMzFFREdFMDMxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 16 Sep 2022 20:28:12 GMT
x-ua-compatible: IE=edge

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 545ms
127ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-09-16T20%3A28%3A13.223Z%27&appId=%27JS%3AMeControl%27&cV=%27MN49zTc4qUlXFHw4.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=279&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%270e78d8ca-2efb-41bf-8fc2-0639e965bbc1%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A397.6000003814697%2C%22perfDuration%22%3A278.5%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msrewards%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msrewards%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Frewards%2Fspotify-premium-offer%3Fform%3D**%26OCID%3D**%26PUBL%3D**%26PROGRAMNAME%3D**%26CREA%3D**%26rtc%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:28:12 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: wiqeYiHf+02Eij7yKOPo8Q.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 RE54BRm
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 9 KB
9 KB 51ms
50ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE54BRm?ver=55d6&q=90&m=6&h=204&w=363&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d5397973cd5d4d63924780d3453dc8fb01f90a2cebf1b09f5a883b4f7e61bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
x-check-cacheable: YES
x-serial: 1571
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=301505
last-modified: Thu, 15 Sep 2022 08:12:14 GMT
content-length: 9180
server: Akamai Image Manager
expires: Tue, 20 Sep 2022 08:13:18 GMT

GET
H2 200 RE53maK
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 24 KB
24 KB 52ms
52ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE53maK?ver=a38e&q=90&m=6&h=291&w=517&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: febd972fa72291b1c34d8a5d1a189f616bbe4b69ec4eeba36daf9b83744fda34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
last-modified: Thu, 15 Sep 2022 07:30:58 GMT
server: Akamai Image Manager
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=299041
content-length: 24094
expires: Tue, 20 Sep 2022 07:32:14 GMT

GET
H2 200 RE53oyj
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 24 KB
24 KB 53ms
53ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE53oyj?ver=314b&q=90&m=6&h=291&w=517&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 383d44adc9bba536a2ce514a5ed2c083e693b009833436254f822db70e41f984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
x-check-cacheable: YES
x-serial: 877
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=281987
last-modified: Thu, 15 Sep 2022 02:47:30 GMT
content-length: 24719
server: Akamai Image Manager
expires: Tue, 20 Sep 2022 02:48:00 GMT

GET
H2 200 RE53oyn
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 25 KB
25 KB 51ms
50ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE53oyn?ver=c22f&q=90&m=6&h=291&w=517&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e68bd3949b43dc13227ee7310f55d84d87c650c92a917808acb54c189a19517d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
x-check-cacheable: YES
x-serial: 258
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=103684
last-modified: Tue, 13 Sep 2022 01:17:00 GMT
content-length: 25375
server: Akamai Image Manager
expires: Sun, 18 Sep 2022 01:16:17 GMT

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 506ms
126ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-09-16T20%3A28%3A13.316Z%27&appId=%27JS%3AMeControl%27&cV=%27MN49zTc4qUlXFHw4.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=85&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%270e78d8ca-2efb-41bf-8fc2-0639e965bbc1%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A89.19999885559082%2C%22perfDuration%22%3A84.5%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msrewards%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msrewards%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Frewards%2Fspotify-premium-offer%3Fform%3D**%26OCID%3D**%26PUBL%3D**%26PROGRAMNAME%3D**%26CREA%3D**%26rtc%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:28:13 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: 1/h8iIAoRUS2lyl3TeN59w.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 502ms
127ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-09-16T20%3A28%3A13.321Z%27&appId=%27JS%3AMeControl%27&cV=%27MN49zTc4qUlXFHw4.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msrewards%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=97.5&*details=%27loadV1%27

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:28:13 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: mbBqq5GD4EK/EuohaCqZBQ.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 506ms
125ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-09-16T20%3A28%3A13.336Z%27&appId=%27JS%3AMeControl%27&cV=%27MN49zTc4qUlXFHw4.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msrewards%27&*controlVersion=%2710.22228.4%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=111.70000076293945&*details=%27Web%20header%27

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:28:13 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: 9dGZ2aZIlUaOurKzu94fYA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 RE53maH
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 866 KB
868 KB 50ms
50ms Image
image/png 2a02:26f0:11a::6867:4859
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE53maH?ver=9ba5&q=60&m=6&h=600&w=1600&b=%23FFFFFFFF&l=f&o=t&aim=true
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4859 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cad2d06b1ddc43878cb35f7f6565f2a740952d4d21d34de40fee79def281bde4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
last-modified: Thu, 15 Sep 2022 08:15:50 GMT
server: Akamai Image Manager
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=301743
content-length: 886835
expires: Tue, 20 Sep 2022 08:17:16 GMT

GET
H/1.1 200
OK me.srf Show response
login.live.com/ Frame F14F 12 KB
6 KB 2368ms
2163ms Document
text/html 20.190.159.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=d522f064-b506-40d1-15f1-85943a936d36&partnerId=msrewards

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.159.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba0a5d202e59e9cb1d04885cf69d2fcbd197fdd422df139742c661fd7e1f6200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 4857
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 20:28:13 GMT
Expires: Fri, 16 Sep 2022 20:27:14 GMT
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02PF3733CDCE9 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-XSS-Protection: 1; mode=block
x-ms-request-id: 35fe5430-64f1-4a8b-997b-62c4f4048e03
x-ms-route-info: R3_BL2

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/ 100 KB
16 KB 23ms
21ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSRewards&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a727ef0bf0d95b1313f862599ed70d595b9a70f4f2b1c1dbaa56f2f5f543838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 29 Aug 2022 21:27:26 GMT
x-azure-ref-originshield: 0ZookYwAAAAAicjovIcVxQbknt1oEQC0mRlJBMjMxMDUwNDE3MDMxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag: "1d8bc28ceb2c507"
x-azure-ref: 0XdwkYwAAAACnEtiNDnrnRLciedJKetCPRlJBMzFFREdFMDMxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 16 Sep 2022 20:28:13 GMT
x-ua-compatible: IE=edge

GET
H2 200 cartcount Show response
www.microsoft.com/store/buy/ Frame A53B 1 KB
1 KB 64ms
64ms Document
text/html 2a02:26f0:10e:3b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/store/buy/cartcount

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/44-f01b50/e1-aed392/3d-e6d518/79-851f4c/e6-6b0cce/38-612ec2/ed-0fe1b2/8f-f92bc5/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/2b-3c7e83/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9/9f-763b80?ver=2.0&_cf=02242021_3231

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:3b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

68d929a10c3cd609b936b50a541533994b044b38558a33530ff45d1b420cc07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/rewards/spotify-premium-offer?form=MD19WW&OCID=MD19WW&PUBL=WINNEWL&PROGRAMNAME=MULTISPOTIFYPREMIUMACQ202208&CREA=MD19WW&rtc=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
cache-control: max-age=72090
content-encoding: gzip
content-length: 489
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 20:28:13 GMT
expires: Sat, 17 Sep 2022 16:29:43 GMT
ms-cv: LMPdFY0hHUSAwcqr.0
ms-operation-id: fa54bca38719014fa214085fbce37522
p3p: CP="CAO CONi OTR OUR DEM ONL"
pragma: no-cache
strict-transport-security: max-age=31536000
tls_version: tls1.3
vary: Accept-Encoding
x-activity-id: b874b115-7625-4d7c-9d26-511bf0c1af1e
x-appversion: 1.0.8261.38029
x-az: {did:9a8cd53207774949b337f7edab013e9f, rid: 10, sn: storeexp-neu-prod, dt: 2022-08-27T21:49:18.6038204Z, bt: 2022-08-14T21:07:38.0000000Z}
x-content-type-options: nosniff
x-rtag: Str
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
392 B 128ms
127ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-09-16T20%3A28%3A13.902Z%27&appId=%27JS%3AMeControl%27&cV=%27MN49zTc4qUlXFHw4.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=25&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22228.4%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%270e78d8ca-2efb-41bf-8fc2-0639e965bbc1%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A50.60000038146973%2C%22perfDuration%22%3A24.599998474121094%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msrewards%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22228.4%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msrewards%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22authAppUpsellUrl%22%3A%22%22%2C%22cache%22%3Atrue%2C%22cacheRetention%22%3A%7B%22picRetention%22%3A604800000%2C%22authAppRetention%22%3A94670856000%7D%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Frewards%2Fspotify-premium-offer%3Fform%3D**%26OCID%3D**%26PUBL%3D**%26PROGRAMNAME%3D**%26CREA%3D**%26rtc%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:28:13 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: mJUPozvh20uTGAcIOHdRXA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 ms.shared.analytics-3.1.11.gbl.min.js Show response
js.monitor.azure.com/scripts/c/ 80 KB
29 KB 198ms
22ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSRewards&market=en-us&uhf=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:28:13 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.1.11
last-modified: Wed, 02 Mar 2022 00:34:01 GMT
x-azure-ref-originshield: 0RUsiYwAAAABgx7Sybh5fQIkG44+CLP9bRlJBMjMxMDUwNDE3MDQ3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: DIZ9SGzozvDW8TjfsqXTcw==
etag: 0x8D9FBE45937B34A
x-azure-ref: 0XtwkYwAAAACDzkuZP284Tqd1/evtxt0bRlJBMzFFREdFMDMyMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 018446fd-f01e-0041-309d-c7b091000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable, no-transform
x-ms-version: 2009-09-19

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 127ms
127ms Ping
application/json 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meCore.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.microsoft.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 2670ms
171ms Preflight 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Fri, 16 Sep 2022 20:28:16 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
594 B 691ms
515ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/15-eecef2?ver=2.0&_cf=02242021_3231

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

867f9d2ca0b174282fc43e8ecb7df64044d317fc1f76bfdedae7c6afcbe42ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1663360094216
accept-language: de-DE,de;q=0.9
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: 9bd3f49038c84914b8106b783249aa47-a2db38b9-dee0-46c5-9573-0ef5fe4ae54b-7208
Referer: https://www.microsoft.com/
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 16 Sep 2022 20:28:17 GMT
time-delta-millis: 2939
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 153

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 200 B
640 B 909ms
345ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1663360096160&time-delta-to-apply-millis=use-collector-delta&w=0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/15-eecef2?ver=2.0&_cf=02242021_3231

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

52c12c7fb496839be0f311ff8c23ab5ec04e623eb78ab518fccf507aec39af97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.microsoft.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 16 Sep 2022 20:28:16 GMT
time-delta-millis: 651
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 200

GET
H2 200 MeControl_Y-iUdrBOJz49KZVkG49w1Q2.js Show response
logincdn.msauth.net/16.000/content/js/ Frame F14F 17 KB
6 KB 138ms
21ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msauth.net/16.000/content/js/MeControl_Y-iUdrBOJz49KZVkG49w1Q2.js
Requested by: Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=d522f064-b506-40d1-15f1-85943a936d36&partnerId=msrewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB9) /
Resource Hash: 9f15265fb0fb319ee1b818a66a40ad8128551eaf91fe8e70e13b51032d552a7f

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:28:16 GMT
content-encoding: gzip
content-md5: XOvjgamUXNTR6M2Gx8ha7g==
age: 154870
x-cache: HIT
content-length: 6043
x-ms-lease-status: unlocked
last-modified: Wed, 24 Aug 2022 15:50:24 GMT
server: ECAcc (frc/4CB9)
etag: 0x8DA85E85B8714BC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8c3c9dd2-501e-0089-19a2-c8ffe2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 mecache Show response
mem.gfx.ms/me/ Frame 764A 4 KB
4 KB 134ms
133ms Document
text/html 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/me/mecache?partner=msrewards&wreply=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Frewards%2Fspotify-premium-offer%3Fform%3DMD19WW%26OCID%3DMD19WW%26PUBL%3DWINNEWL%26PROGRAMNAME%3DMULTISPOTIFYPREMIUMACQ202208%26CREA%3DMD19WW%26rtc%3D1

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4d1c1c962e061990d6883ecc1102765fe590cd10c018f4d220da638a7de2c5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 3610
content-security-policy: frame-ancestors https://www.microsoft.com;
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 20:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 0YNwkYwAAAAA2r7c8OLMZR53pcSWUPlK0RlJBMzFFREdFMDMxMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref-originshield: 0YNwkYwAAAAAWd/yq00EFTqtr2ZNzozFdRlJBMjMxMDUwNDE3MDA5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache: PRIVATE_NOSTORE
x-content-type-options: nosniff
x-ua-compatible: IE=edge

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 125ms
124ms Ping
application/json 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22228.4/en-US/meCore.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.microsoft.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 172ms
172ms Preflight 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Fri, 16 Sep 2022 20:28:17 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
593 B 173ms
172ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/15-eecef2?ver=2.0&_cf=02242021_3231

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

ded3c4f37ffcf82f5a39d37526bf4ed4fab4145a462cc8f3df65d22e2920c482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1663360097588
accept-language: de-DE,de;q=0.9
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
time-delta-to-apply-millis: 2939
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: 9bd3f49038c84914b8106b783249aa47-a2db38b9-dee0-46c5-9573-0ef5fe4ae54b-7208
Referer: https://www.microsoft.com/
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 16 Sep 2022 20:28:17 GMT
time-delta-millis: 254
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 153

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 196 B
635 B 174ms
174ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/rewards/_scrf/js/themes=default/88-3d3ba4/15-eecef2?ver=2.0&_cf=02242021_3231

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

3d8121af0a4b05c7496d2975603f9ce2ba533e008c6eadf2947796816935cf25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.microsoft.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 16 Sep 2022 20:28:18 GMT
time-delta-millis: 82
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 196

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.microsoft.com/	1970-01-20 14:48:16	Name: MicrosoftApplicationsTelemetryDeviceId Value: a03053df-4eb7-43d6-92cc-bd511c84b7b5
www.microsoft.com/	1970-01-20 06:02:41	Name: ai_session Value: 4tfrrBXkMhGxyxgPzT76Mn\|1663360093205\|1663360093205
.microsoft.com/	1970-01-20 14:48:16	Name: MC1 Value: GUID=1864c81695f14c0bb5215de66c23533b&HASH=1864&LV=202209&V=4&LU=1663360093771
.microsoft.com/	1970-01-20 06:02:41	Name: MS0 Value: bada17f3c83b47b9850aa98474d6bb92
.microsoft.com/	1970-01-20 06:02:47	Name: ak_bmsc Value: 4ADFFEA091DF86A8681D7A9392BA3514~000000000000000000000000000000~YAAQZQoQAhgpjP+CAQAA5878RxGv+4p8/YtHj8SEVqZxCgTnrtj0+5W2svRCrSIWXRgjp4m03vfzwQ+fDREV9ZAk8VvS11qOdE931y2CZH89CZsPwLToYexkwWD3b9W29zrZRWxEXXpgGbtpxyIDPuHAvI/qlOGnkXRGazz3LP3Fn1yT0ieWeLLjRgc2oM3pDVffYJClqt+tf6R71hC+J29QUyBqLttclUgdGE6wLKCVxuTMnpHcJ2bnhThfRdmxSWZDScr/HnvawtYy5B1u61ACHcWP0qQAswZdw01VlUi6gkX5RyjaQHA3Uaq+FmUv647DGhNS7lDS8y0OndbquG1Ey8lba+pyTEbK6ZuqNapWDkRkfpQZK46/g2APoas32pePAVqgX8BpFBjJK9JIx6zD/9Hy3L8=
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: d522f064b50640d115f185943a936d36
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1663360094&co=1
www.microsoft.com/	1970-01-20 14:48:16	Name: MSFPC Value: GUID=1864c81695f14c0bb5215de66c23533b&HASH=1864&LV=202209&V=4&LU=1663360093771

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.s-microsoft.com
click.engage.windows.com
go.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
logincdn.msauth.net
mem.gfx.ms
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
13.111.45.92
192.229.221.185
20.189.173.7
20.190.159.3
23.96.225.71
2620:1ec:46::44
2a02:26f0:10e:3b1::356e
2a02:26f0:11a::6867:4859
2a02:26f0:ea:280::356e
2a02:26f0:ea:2a4::2c1a
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
277dc9f7b822394dc81bd3d6d2e3e82e751c08ed7f769e9be4c5837b9aec4664
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
383d44adc9bba536a2ce514a5ed2c083e693b009833436254f822db70e41f984
3d8121af0a4b05c7496d2975603f9ce2ba533e008c6eadf2947796816935cf25
40b98fbbf27089efd01a47fb567d07c1882bf79d939c3134befb20fcf4d80f58
48434040fcdabf7e95dda03be5c6c550f2ad928d7f87bc9c620ea5266c3c0eb4
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
52c12c7fb496839be0f311ff8c23ab5ec04e623eb78ab518fccf507aec39af97
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a
603386a27dc0f35ece09431ec78bc12b16ee4e4f0947f8321882432fcf4d32fb
68d929a10c3cd609b936b50a541533994b044b38558a33530ff45d1b420cc07e
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
716a6777b928b70ff02141994cc4821244d4acb4e969c8d58b3c83d59c96cc51
867f9d2ca0b174282fc43e8ecb7df64044d317fc1f76bfdedae7c6afcbe42ada
8a727ef0bf0d95b1313f862599ed70d595b9a70f4f2b1c1dbaa56f2f5f543838
9f15265fb0fb319ee1b818a66a40ad8128551eaf91fe8e70e13b51032d552a7f
a630000dd9825e75797cbb4dbbdc47569d3350193c3e223ae63cc069485192ee
b824373f9f531112b2b5b60d2e1b109182f2b4e235d23bb53f1acd1ba3a0393c
ba0a5d202e59e9cb1d04885cf69d2fcbd197fdd422df139742c661fd7e1f6200
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cad2d06b1ddc43878cb35f7f6565f2a740952d4d21d34de40fee79def281bde4
cb38e8ac7ef1e54c97d506c98c6db071546f50d058ff5f67f0c853d4a9dd2343
d5397973cd5d4d63924780d3453dc8fb01f90a2cebf1b09f5a883b4f7e61bb14
ded3c4f37ffcf82f5a39d37526bf4ed4fab4145a462cc8f3df65d22e2920c482
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
e3788eb50eff15055a5324cb750142185b94d0e560646e358b29a00513776671
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68bd3949b43dc13227ee7310f55d84d87c650c92a917808acb54c189a19517d
ea628bc161c4892d1aa9fbb5b9b60840d4ccfc4d7c3294964ea09a4a39747138
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f4d1c1c962e061990d6883ecc1102765fe590cd10c018f4d220da638a7de2c5e
febd972fa72291b1c34d8a5d1a189f616bbe4b69ec4eeba36daf9b83744fda34

www.microsoft.com Open in urlscan Pro 2a02:26f0:10e:3b1::356e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

9 IPs

3 Countries

2471 kBTransfer

3969 kBSize

8 Cookies

40 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.microsoft.com Open in urlscan Pro
2a02:26f0:10e:3b1::356e Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

2471 kB
Transfer

3969 kB
Size

8
Cookies

41 HTTP transactions
1 data transactions