Starting with very first releases of Windows 10, Microsoft was often criticized by a huge number of users, and even by government agencies in certain countries like Netherlands for intensive data collection via the built-in diagnostics and telemetry services. In response, Microsoft has published the list of endpoints Windows 10 connects to after a clean install. Here are the endpoints for the recently released Windows 10 version 1809.
Having this list in their hands, experienced users and administrators may try to block them by configuring the network so connections to those endpoints can't be established. This method can have a negative effect, as it can break some online functionality of the OS if its backend shares a server with a blocked connection endpoint. Besides telemetry servers, Windows 10 connects to a large number of sites for various purposes, including OneDrive, and Outlook services, Microsoft Store, and Windows Update, and so on.
Microsoft has released details of which endpoints Windows 10 1809 connects to following a clean install. It is a huge list.
Windows 10 Family
| Destination | Protocol | Description |
|---|---|---|
| .aria.microsoft.com | HTTPS | Office Telemetry |
| .dl.delivery.mp.microsoft.com | HTTP | Enables connections to Windows Update. |
| .download.windowsupdate.com | HTTP | Used to download operating system patches and updates. |
| *.g.akamai.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. |
| .msn.com | TLSv1.2/HTTPS | Windows Spotlight related traffic |
| *.Skype.com | HTTP/HTTPS | Skype related traffic |
| .smartscreen.microsoft.com | HTTPS | Windows Defender Smartscreen related traffic |
| .telecommand.telemetry.microsoft.com | HTTPS | Used by Windows Error Reporting. |
| cdn.onenote.net | HTTP | OneNote related traffic |
| displaycatalog.mp.microsoft.com | HTTPS | Used to communicate with Microsoft Store. |
| emdl.ws.microsoft.com | HTTP | Windows Update related traffic |
| geo-prod.do.dsp.mp.microsoft.com | TLSv1.2/HTTPS | Enables connections to Windows Update. |
| hwcdn.net | HTTP | Used by the Highwinds Content Delivery Network to perform Windows updates. |
| img-prod-cms-rt-microsoft-com.akamaized.net | HTTPS | Used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). |
| maps.windows.com | HTTPS | Related to Maps application. |
| msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| nexusrules.officeapps.live.com | HTTPS | Office Telemetry |
| photos.microsoft.com | HTTPS | Photos App related traffic |
| prod.do.dsp.mp.microsoft.com | TLSv1.2/HTTPS | Used for Windows Update downloads of apps and OS updates. |
| wac.phicdn.net | HTTP | Windows Update related traffic |
| windowsupdate.com | HTTP | Windows Update related traffic |
| wns.windows.com | HTTPS, TLSv1.2 | Used for the Windows Push Notification Services (WNS). |
| wpc.v0cdn.net | Windows Telemetry related traffic | |
| auth.gfx.ms/16.000.27934.1/OldConvergedLogin_PCore.js | MSA related | |
| evoke-windowsservices-tas.msedge* | HTTPS | The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office Online. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them. |
| fe2.update.microsoft.com* | TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| fe3..mp.microsoft.com. | TLSv1.2/HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| fs.microsoft.com | Font Streaming (in ENT traffic) | |
| g.live.com* | HTTPS | Used by OneDrive |
| iriscoremetadataprod.blob.core.windows.net | HTTPS | Windows Telemetry |
| mscrl.micorosoft.com | Certificate Revocation List related traffic. | |
| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
| officeclient.microsoft.com | HTTPS | Office related traffic. |
| oneclient.sfx.ms* | HTTPS | Used by OneDrive for Business to download and verify app updates. |
| purchase.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. |
| query.prod.cms.rt.microsoft.com* | HTTPS | Used to retrieve Windows Spotlight metadata. |
| ris.api.iris.microsoft.com* | TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata. |
| ris-prod-atm.trafficmanager.net | HTTPS | Azure traffic manager |
| settings.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration. |
| settings-win.data.microsoft.com* | HTTPS | Used for Windows apps to dynamically update their configuration. |
| sls.update.microsoft.com* | TLSv1.2/HTTPS | Enables connections to Windows Update. |
| store*.dsx.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. |
| storecatalogrevocation.storequality.microsoft.com* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. |
| store-images.s-microsoft.com* | HTTP | Used to get images that are used for Microsoft Store suggestions. |
| tile-service.weather.microsoft.com* | HTTP | Used to download updates to the Weather app Live Tile. |
| tsfe.trafficshaping.dsp.mp.microsoft.com* | TLSv1.2 | Used for content regulation. |
| v10.events.data.microsoft.com | HTTPS | Diagnostic Data |
| wdcp.microsoft.* | TLSv1.2 | Used for Windows Defender when Cloud-based Protection is enabled. |
| wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com | HTTPS | Windows Defender related traffic. |
| www.bing.com* | HTTP | Used for updates for Cortana, apps, and Live Tiles. |
Windows 10 Pro
| Destination | Protocol | Description |
|---|---|---|
| *.e-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| *.g.akamaiedge.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. |
| *.s-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| .tlu.dl.delivery.mp.microsoft.com/ | HTTP | Enables connections to Windows Update. |
| *geo-prod.dodsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update. |
| arc.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. |
| au.download.windowsupdate.com/* | HTTP | Enables connections to Windows Update. |
| ctldl.windowsupdate.com/msdownload/update/* | HTTP | Used to download certificates that are publicly known to be fraudulent. |
| cy2.licensing.md.mp.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. |
| cy2.settings.data.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. |
| dm3p.wns.notify.windows.com.akadns.net | HTTPS | Used for the Windows Push Notification Services (WNS) |
| fe3.delivery.dsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| g.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. |
| ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. |
| location-inference-westus.cloudapp.net | HTTPS | Used for location data. |
| modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
| ris.api.iris.microsoft.com.akadns.net | HTTPS | Used to retrieve Windows Spotlight metadata. |
| tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. |
| tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. |
| vip5.afdorigin-prod-am02.afdogw.com | HTTPS | Used to serve office 365 experimentation traffic |
Windows 10 Education
| Destination | Protocol | Description |
|---|---|---|
| *.b.akamaiedge.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. |
| *.e-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| *.g.akamaiedge.net | HTTPS | Used to check for updates to maps that have been downloaded for offline use. |
| *.s-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. |
| *.telecommand.telemetry.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
| .tlu.dl.delivery.mp.microsoft.com | HTTP | Enables connections to Windows Update. |
| .windowsupdate.com | HTTP | Enables connections to Windows Update. |
| *geo-prod.do.dsp.mp.microsoft.com | HTTPS | Enables connections to Windows Update. |
| au.download.windowsupdate.com* | HTTP | Enables connections to Windows Update. |
| cdn.onenote.net/livetile/* | HTTPS | Used for OneNote Live Tile. |
| client-office365-tas.msedge.net/* | HTTPS | Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. |
| config.edge.skype.com/* | HTTPS | Used to retrieve Skype configuration values. |
| ctldl.windowsupdate.com/* | HTTP | Used to download certificates that are publicly known to be fraudulent. |
| cy2.displaycatalog.md.mp.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. |
| cy2.licensing.md.mp.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. |
| cy2.settings.data.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. |
| displaycatalog.mp.microsoft.com/* | HTTPS | Used to communicate with Microsoft Store. |
| download.windowsupdate.com/* | HTTPS | Enables connections to Windows Update. |
| emdl.ws.microsoft.com/* | HTTP | Used to download apps from the Microsoft Store. |
| fe2.update.microsoft.com/* | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| fe3.delivery.dsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| fe3.delivery.mp.microsoft.com/* | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. |
| g.live.com/odclientsettings/* | HTTPS | Used by OneDrive for Business to download and verify app updates. |
| g.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. |
| ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. |
| licensing.mp.microsoft.com/* | HTTPS | Used for online activation and some app licensing. |
| maps.windows.com/windows-app-web-link | HTTPS | Link to Maps application |
| modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. |
| ocos-office365-s2s.msedge.net/* | HTTPS | Used to connect to the Office 365 portal's shared infrastructure. |
| ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. |
| oneclient.sfx.ms/* | HTTPS | Used by OneDrive for Business to download and verify app updates. |
| settings-win.data.microsoft.com/settings/* | HTTPS | Used as a way for apps to dynamically update their configuration. |
| sls.update.microsoft.com/* | HTTPS | Enables connections to Windows Update. |
| storecatalogrevocation.storequality.microsoft.com/* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. |
| tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. |
| tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. |
| vip5.afdorigin-prod-ch02.afdogw.com | HTTPS | Used to serve office 365 experimentation traffic. |
| watson.telemetry.microsoft.com/Telemetry.Request | HTTPS | Used by Windows Error Reporting. |
| bing.com/* | HTTPS | Used for updates for Cortana, apps, and Live Tiles. |
On the official web site, you can find the information related to a number of previously released versions of Windows 10, including version 1803 and 1709. Check out the following links:
- Windows 10, version 1809, connection endpoints for non-Enterprise editions
- Windows 10, version 1803, connection endpoints for non-Enterprise editions
- Windows 10, version 1709, connection endpoints for non-Enterprise editions
Also, there are dedicated documents for Enterprise editions of the OS.
- Connection endpoints for Windows 10, version 1809
- Connection endpoints for Windows 10, version 1803
- Connection endpoints for Windows 10, version 1709
That's it
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Check out their so called methodology, instead of fetching these lists from source. As someone who monitors every traffic, I’m calling bs on these lists.
Thanks Sergey! Does winaero stop the above via disable telemetry setting?
it should.