Windows Logo Icon Winlogo Big 07

Websites Windows 10 Connects To After a Clean Install

Starting with very first releases of Windows 10, Microsoft was often criticized by a huge number of users, and even by government agencies in certain countries like Netherlands for intensive data collection via the built-in diagnostics and telemetry services. In response, Microsoft has published the list of endpoints Windows 10 connects to after a clean install. Here are the endpoints for the recently released Windows 10 version 1809.

Having this list in their hands, experienced users and administrators may try to block them by configuring the network so connections to those endpoints can't be established. This method can have a negative effect, as it can break some online functionality of the OS if its backend shares a server with a blocked connection endpoint. Besides telemetry servers, Windows 10 connects to a large number of sites for various purposes, including OneDrive, and Outlook services, Microsoft Store, and Windows Update, and so on.

Microsoft has released details of which endpoints Windows 10 1809 connects to following a clean install. It is a huge list.

Windows 10 Family

Destination Protocol Description
.aria.microsoft.com HTTPS Office Telemetry
.dl.delivery.mp.microsoft.com HTTP Enables connections to Windows Update.
.download.windowsupdate.com HTTP Used to download operating system patches and updates.
*.g.akamai.net HTTPS Used to check for updates to maps that have been downloaded for offline use.
.msn.com TLSv1.2/HTTPS Windows Spotlight related traffic
*.Skype.com HTTP/HTTPS Skype related traffic
.smartscreen.microsoft.com HTTPS Windows Defender Smartscreen related traffic
.telecommand.telemetry.microsoft.com HTTPS Used by Windows Error Reporting.
cdn.onenote.net HTTP OneNote related traffic
displaycatalog.mp.microsoft.com HTTPS Used to communicate with Microsoft Store.
emdl.ws.microsoft.com HTTP Windows Update related traffic
geo-prod.do.dsp.mp.microsoft.com TLSv1.2/HTTPS Enables connections to Windows Update.
hwcdn.net HTTP Used by the Highwinds Content Delivery Network to perform Windows updates.
img-prod-cms-rt-microsoft-com.akamaized.net HTTPS Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps).
maps.windows.com HTTPS Related to Maps application.
msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps.
nexusrules.officeapps.live.com HTTPS Office Telemetry
photos.microsoft.com HTTPS Photos App related traffic
prod.do.dsp.mp.microsoft.com TLSv1.2/HTTPS Used for Windows Update downloads of apps and OS updates.
wac.phicdn.net HTTP Windows Update related traffic
windowsupdate.com HTTP Windows Update related traffic
wns.windows.com HTTPS, TLSv1.2 Used for the Windows Push Notification Services (WNS).
wpc.v0cdn.net Windows Telemetry related traffic
auth.gfx.ms/16.000.27934.1/OldConvergedLogin_PCore.js MSA related
evoke-windowsservices-tas.msedge* HTTPS The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office Online. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.
fe2.update.microsoft.com* TLSv1.2/HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3..mp.microsoft.com. TLSv1.2/HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fs.microsoft.com Font Streaming (in ENT traffic)
g.live.com* HTTPS Used by OneDrive
iriscoremetadataprod.blob.core.windows.net HTTPS Windows Telemetry
mscrl.micorosoft.com Certificate Revocation List related traffic.
ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities.
officeclient.microsoft.com HTTPS Office related traffic.
oneclient.sfx.ms* HTTPS Used by OneDrive for Business to download and verify app updates.
purchase.mp.microsoft.com* HTTPS Used to communicate with Microsoft Store.
query.prod.cms.rt.microsoft.com* HTTPS Used to retrieve Windows Spotlight metadata.
ris.api.iris.microsoft.com* TLSv1.2/HTTPS Used to retrieve Windows Spotlight metadata.
ris-prod-atm.trafficmanager.net HTTPS Azure traffic manager
settings.data.microsoft.com* HTTPS Used for Windows apps to dynamically update their configuration.
settings-win.data.microsoft.com* HTTPS Used for Windows apps to dynamically update their configuration.
sls.update.microsoft.com* TLSv1.2/HTTPS Enables connections to Windows Update.
store*.dsx.mp.microsoft.com* HTTPS Used to communicate with Microsoft Store.
storecatalogrevocation.storequality.microsoft.com* HTTPS Used to revoke licenses for malicious apps on the Microsoft Store.
store-images.s-microsoft.com* HTTP Used to get images that are used for Microsoft Store suggestions.
tile-service.weather.microsoft.com* HTTP Used to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.com* TLSv1.2 Used for content regulation.
v10.events.data.microsoft.com HTTPS Diagnostic Data
wdcp.microsoft.* TLSv1.2 Used for Windows Defender when Cloud-based Protection is enabled.
wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com HTTPS Windows Defender related traffic.
www.bing.com* HTTP Used for updates for Cortana, apps, and Live Tiles.

Windows 10 Pro

Destination Protocol Description
*.e-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps.
*.g.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use.
*.s-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps.
.tlu.dl.delivery.mp.microsoft.com/ HTTP Enables connections to Windows Update.
*geo-prod.dodsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update.
arc.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata.
au.download.windowsupdate.com/* HTTP Enables connections to Windows Update.
ctldl.windowsupdate.com/msdownload/update/* HTTP Used to download certificates that are publicly known to be fraudulent.
cy2.licensing.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store.
cy2.settings.data.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store.
dm3p.wns.notify.windows.com.akadns.net HTTPS Used for the Windows Push Notification Services (WNS)
fe3.delivery.dsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
g.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata.
ipv4.login.msa.akadns6.net HTTPS Used for Microsoft accounts to sign in.
location-inference-westus.cloudapp.net HTTPS Used for location data.
modern.watson.data.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting.
ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities.
ris.api.iris.microsoft.com.akadns.net HTTPS Used to retrieve Windows Spotlight metadata.
tile-service.weather.microsoft.com/* HTTP Used to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.com HTTPS Used for content regulation.
vip5.afdorigin-prod-am02.afdogw.com HTTPS Used to serve office 365 experimentation traffic

Windows 10 Education

Destination Protocol Description
*.b.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use.
*.e-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps.
*.g.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use.
*.s-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps.
*.telecommand.telemetry.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting.
.tlu.dl.delivery.mp.microsoft.com HTTP Enables connections to Windows Update.
.windowsupdate.com HTTP Enables connections to Windows Update.
*geo-prod.do.dsp.mp.microsoft.com HTTPS Enables connections to Windows Update.
au.download.windowsupdate.com* HTTP Enables connections to Windows Update.
cdn.onenote.net/livetile/* HTTPS Used for OneNote Live Tile.
client-office365-tas.msedge.net/* HTTPS Used to connect to the Office 365 portal’s shared infrastructure, including Office Online.
config.edge.skype.com/* HTTPS Used to retrieve Skype configuration values.
ctldl.windowsupdate.com/* HTTP Used to download certificates that are publicly known to be fraudulent.
cy2.displaycatalog.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store.
cy2.licensing.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store.
cy2.settings.data.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store.
displaycatalog.mp.microsoft.com/* HTTPS Used to communicate with Microsoft Store.
download.windowsupdate.com/* HTTPS Enables connections to Windows Update.
emdl.ws.microsoft.com/* HTTP Used to download apps from the Microsoft Store.
fe2.update.microsoft.com/* HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.dsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
fe3.delivery.mp.microsoft.com/* HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store.
g.live.com/odclientsettings/* HTTPS Used by OneDrive for Business to download and verify app updates.
g.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata.
ipv4.login.msa.akadns6.net HTTPS Used for Microsoft accounts to sign in.
licensing.mp.microsoft.com/* HTTPS Used for online activation and some app licensing.
maps.windows.com/windows-app-web-link HTTPS Link to Maps application
modern.watson.data.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting.
ocos-office365-s2s.msedge.net/* HTTPS Used to connect to the Office 365 portal's shared infrastructure.
ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities.
oneclient.sfx.ms/* HTTPS Used by OneDrive for Business to download and verify app updates.
settings-win.data.microsoft.com/settings/* HTTPS Used as a way for apps to dynamically update their configuration.
sls.update.microsoft.com/* HTTPS Enables connections to Windows Update.
storecatalogrevocation.storequality.microsoft.com/* HTTPS Used to revoke licenses for malicious apps on the Microsoft Store.
tile-service.weather.microsoft.com/* HTTP Used to download updates to the Weather app Live Tile.
tsfe.trafficshaping.dsp.mp.microsoft.com HTTPS Used for content regulation.
vip5.afdorigin-prod-ch02.afdogw.com HTTPS Used to serve office 365 experimentation traffic.
watson.telemetry.microsoft.com/Telemetry.Request HTTPS Used by Windows Error Reporting.
bing.com/* HTTPS Used for updates for Cortana, apps, and Live Tiles.

On the official web site, you can find the information related to a number of previously released versions of Windows 10, including version 1803 and 1709. Check out the following links:

Also, there are dedicated documents for Enterprise editions of the OS.

That's it

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

3 thoughts on “Websites Windows 10 Connects To After a Clean Install

  1. Cor

    Check out their so called methodology, instead of fetching these lists from source. As someone who monitors every traffic, I’m calling bs on these lists.

    Reply

Leave a Reply

Your email address will not be published.