urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
131.253.33.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?o...
Effective URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?o...
Submission: On April 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 6 countries across 30 domains to perform 315 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1164.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 131.253.33.203 8075 (MICROSOFT...)
67 104.104.52.11 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2a00:1288:80:... 203220 (YAHOO-DEB)
5 204.79.197.203 8068 (MICROSOFT...)
41 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 32 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 13.32.121.72 16509 (AMAZON-02)
11 20.50.73.9 8075 (MICROSOFT...)
1 152.195.51.15 15133 (EDGECAST)
1 212.82.100.182 34010 (YAHOO-IRD)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
39 151.101.65.44 54113 (FASTLY)
1 3 34.233.224.198 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
3 18.156.0.31 16509 (AMAZON-02)
1 1 40.126.31.69 8075 (MICROSOFT...)
3 2620:1ec:bdf::45 8068 (MICROSOFT...)
5 52.211.200.66 16509 (AMAZON-02)
2 35.157.246.167 16509 (AMAZON-02)
2 18.214.246.74 14618 (AMAZON-AES)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
5 40.77.226.250 8075 (MICROSOFT...)
2 52.29.133.154 16509 (AMAZON-02)
2 2 142.250.186.102 15169 (GOOGLE)
1 52.29.167.104 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 141.226.228.48 200478 (TABOOLA-AS)
3 9 2.18.234.233 ()
1 2 185.86.137.113 ()
4 2001:4de0:ac1... ()
2 142.250.185.194 ()
1 209.54.180.144 ()
315 42
30    131.253.33.203 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net
www.msn.com
srtb.msn.com
67    104.104.52.11 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-11.deploy.static.akamaitechnologies.com
assets.msn.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
8    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
jill.fc.yahoo.com
jac.yahoosandbox.com
26.at.atwola.com
5    204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net
api.msn.com
41    2a02:26f0:3500:7::17d8:4dd2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.msn.com
32    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
www.bing.com
2    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
11    20.50.73.9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.msn.com
1    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
39    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
am-api.taboola.com
images.archive-digger.com
15.taboola.com
imprammp.taboola.com
wf.taboola.com
3    34.233.224.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-224-198.compute-1.amazonaws.com
www138.civicscience.com
www.civicscience.com
1    2600:9000:223f:5200:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
1    40.126.31.69 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
3    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
5    52.211.200.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
api.viglink.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
2    18.214.246.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-246-74.compute-1.amazonaws.com
www.civicscience.com
4    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
cdn.js7k.com
5    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
2    52.29.133.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-133-154.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.yahoo.com
prod-m-node-3113.ssp.advertising.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
1    52.29.167.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
d.agkn.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
9    2.18.234.233 (None, )

ASN- ()
ads.stickyadstv.com
2    185.86.137.113 (None, )

ASN- ()
www8.smartadserver.com
4    2001:4de0:ac19::1:b:3a (None, )

ASN- ()
cdn.stickyadstv.com
2    142.250.185.194 (None, )

ASN- ()
cm.g.doubleclick.net
1    209.54.180.144 (None, )

ASN- ()
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
115 msn.com
www.msn.com — Cisco Umbrella Rank: 1164
assets.msn.com — Cisco Umbrella Rank: 182
api.msn.com — Cisco Umbrella Rank: 113
c.msn.com — Cisco Umbrella Rank: 552
browser.events.data.msn.com — Cisco Umbrella Rank: 829
srtb.msn.com — Cisco Umbrella Rank: 787
2 MB
41 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 362
130 KB
32 bing.com
c.bing.com — Cisco Umbrella Rank: 234
www.bing.com — Cisco Umbrella Rank: 93
573 KB
28 taboola.com
vidstat.taboola.com — Cisco Umbrella Rank: 1976
am-api.taboola.com — Cisco Umbrella Rank: 15440
15.taboola.com — Cisco Umbrella Rank: 1961
imprammp.taboola.com — Cisco Umbrella Rank: 11958
am-match.taboola.com — Cisco Umbrella Rank: 12336
wf.taboola.com — Cisco Umbrella Rank: 2441
am-vid-events.taboola.com — Cisco Umbrella Rank: 11698
331 KB
14 archive-digger.com
images.archive-digger.com
150 KB
13 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
286 KB
11 yahoo.com
jill.fc.yahoo.com — Cisco Umbrella Rank: 2411
tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 2379
cms.analytics.yahoo.com — Cisco Umbrella Rank: 883
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 826
web.ssp.yahoo.com — Cisco Umbrella Rank: 2382
prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 16254
21 KB
9 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net
43 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
34 KB
6 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 4106
api.viglink.com — Cisco Umbrella Rank: 4473
31 KB
5 microsoft.com
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1613
3 KB
5 civicscience.com
www138.civicscience.com — Cisco Umbrella Rank: 5674
www.civicscience.com — Cisco Umbrella Rank: 5647
624 B
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
53 KB
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 3602
54 KB
3 yahoosandbox.com
jac.yahoosandbox.com — Cisco Umbrella Rank: 3807
119 KB
2 smartadserver.com
www8.smartadserver.com
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 4
15 B
2 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 843
33 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 420
151 KB
2 atwola.com
26.at.atwola.com — Cisco Umbrella Rank: 105887
340 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1307
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
717 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1133
api.btloader.com — Cisco Umbrella Rank: 1274
5 KB
1 amazon-adsystem.com
s.amazon-adsystem.com
556 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 advertising.com
prod-m-node-3113.ssp.advertising.com — Cisco Umbrella Rank: 17602
175 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 550
648 B
1 live.com
login.live.com — Cisco Umbrella Rank: 85
933 B
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
36 KB
315 30
Domain Requested by
67 assets.msn.com www.msn.com
assets.msn.com
web.ssp.yahoo.com
41 img-s-msn-com.akamaized.net assets.msn.com
31 www.bing.com assets.msn.com
26 srtb.msn.com assets.msn.com
14 images.archive-digger.com
14 am-api.taboola.com
11 browser.events.data.msn.com assets.msn.com
9 ads.stickyadstv.com 3 redirects vidstat.taboola.com
cdn.stickyadstv.com
8 vidstat.taboola.com assets.msn.com
15.taboola.com
vidstat.taboola.com
5 googleads.g.doubleclick.net www.msn.com
web.ssp.yahoo.com
googleads.g.doubleclick.net
5 web.vortex.data.microsoft.com mem.gfx.ms
5 api.viglink.com cdn.viglink.com
5 api.msn.com assets.msn.com
4 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
4 tpc.googlesyndication.com googleads.g.doubleclick.net
4 www.civicscience.com www138.civicscience.com
4 www.msn.com www.msn.com
assets.msn.com
3 www.gstatic.com googleads.g.doubleclick.net
3 pagead2.googlesyndication.com web.ssp.yahoo.com
googleads.g.doubleclick.net
www.googletagservices.com
3 mem.gfx.ms assets.msn.com
mem.gfx.ms
3 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
web.ssp.yahoo.com
3 jac.yahoosandbox.com jill.fc.yahoo.com
jac.yahoosandbox.com
3 jill.fc.yahoo.com assets.msn.com
jac.yahoosandbox.com
2 cm.g.doubleclick.net
2 www8.smartadserver.com 1 redirects
2 am-match.taboola.com vidstat.taboola.com
2 www.google.com 1 redirects googleads.g.doubleclick.net
2 ad.doubleclick.net 2 redirects
2 cdn.js7k.com web.ssp.yahoo.com
2 s.yimg.com
2 26.at.atwola.com www.msn.com
2 web.ssp.yahoo.com www.msn.com
2 ad-delivery.net
2 sb.scorecardresearch.com 1 redirects
2 c.msn.com 1 redirects
1 s.amazon-adsystem.com
1 am-vid-events.taboola.com
1 wf.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 15.taboola.com vidstat.taboola.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 prod-m-node-3113.ssp.advertising.com web.ssp.yahoo.com
1 d.agkn.com
1 prod-m-node-3113.ssp.yahoo.com web.ssp.yahoo.com
1 login.live.com 1 redirects
1 api.btloader.com btloader.com
1 d2zqfs55y95cft.cloudfront.net
1 www138.civicscience.com 1 redirects
1 cdn.viglink.com assets.msn.com
1 cms.analytics.yahoo.com
1 tag.idsync.analytics.yahoo.com jac.yahoosandbox.com
1 c.bing.com 1 redirects
1 btloader.com assets.msn.com
315 55

This site contains links to these domains. Also see Links.

Domain
login.live.com
www.techradar.com
www.bleepingcomputer.com
popup.taboola.com
go.microsoft.com
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 01		 2021-09-22 -
2022-09-22		 a year crt.sh
assets.msn.com
Microsoft RSA TLS CA 02		 2021-09-23 -
2022-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
secure.ace.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-08 -
2022-05-25		 6 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2022-03-02 -
2023-02-25		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-21 -
2022-05-11		 2 months crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-02-23 -
2022-05-24		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 01		 2022-02-15 -
2023-02-10		 a year crt.sh
viglink.com
Amazon		 2021-11-13 -
2022-12-11		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2022-03-30 -
2022-06-29		 3 months crt.sh
*.civicscience.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-09 -
2022-05-10		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-14 -
2022-05-04		 2 months crt.sh
*.archive-digger.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-28 -
2022-12-31		 9 months crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 01		 2022-04-03 -
2023-04-03		 a year crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-02 -
2022-05-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh

This page contains 13 frames:

Primary Page: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Frame ID: D4089AC4717E067E6023859681513988
Requests: 258 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: AAEAC82CF6729E921F127271CCC7D20A
Requests: 2 HTTP requests in this frame

Frame: https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Frame ID: 3D3BB30A72B080DB6B497D4A921E236D
Requests: 1 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: B6196EBC0C7E2131AE20CE2A35677FFC
Requests: 17 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 9DD44879FEEBEED5477DC9D65E72A1C0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Frame ID: 1F89360FCFA880AA4071EA6C879BD9A8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FFF9700091E8AB1C5672797551ADCC45
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
Frame ID: ABD1B2A872417F433D097E28CC70CEDD
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=6269495&dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&cmcv=&pix=undefined&cb=1649787783746&uv=3158&tms=1649787783746&abt=206725b_vA!adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vA!Noapp22_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm&ft=0&unm=MSN_WIDGET&aure=false&cirid=918D2C9C9F2523538691561992697&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 87AFC6877FE1813E6901249F3B6775CC
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 14945FEA9847669AB63371BE7F4A8B0A
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 9289E8DC8BE294C83FEE409F5BDC0DFF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 88EB2A3D7FEB18DCAFBE3C24ABC319BA
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A8AA8AD1C43E5E80857CC11A3839492F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qbot malware found smuggled inside Windows Installer packagesmsn_logo

Page URL History Show full URLs

  1. http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-p... HTTP 307
    https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

315
Requests

95 %
HTTPS

42 %
IPv6

30
Domains

55
Subdomains

42
IPs

6
Countries

4324 kB
Transfer

12873 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz HTTP 307
    https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=d20768c48fb94922929cebcfc2cf129c&activityId=d20768c48fb94922929cebcfc2cf129c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0 HTTP 302
  • https://c.bing.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=d20768c48fb94922929cebcfc2cf129c&activityId=d20768c48fb94922929cebcfc2cf129c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=186FF82B55E54ED9AE7C599B875CA08C&RedC=c.msn.com&MXFR=29023373D5846CCD10B122F7D4B36DD0 HTTP 302
  • https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=d20768c48fb94922929cebcfc2cf129c&activityId=d20768c48fb94922929cebcfc2cf129c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=186FF82B55E54ED9AE7C599B875CA08C&MUID=29023373D5846CCD10B122F7D4B36DD0
Request Chain 25
  • https://sb.scorecardresearch.com/b?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
Request Chain 34
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 74
  • https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM%26ocid%3DPeregrine%26pwo%3Dhttps%253A%252F%252Fwww.msn.com%26secure%3Dtrue HTTP 302
  • https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Request Chain 187
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-04-12+18%3A22%3A59;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CM-3wbSSj_cCFZfddwodSawH2g;sz=1x1;ord=2022-04-12+18%3A22%3A59;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
  • https://d.agkn.com/pixel/10690/?che=763036777&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
Request Chain 270
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 304
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_consent=&schain=1.0,1!taboola.com,1324684,1,-1367313065,msn-edge-us_river,msn.com&us_privacy=1--- HTTP 302
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1324684%2C1%2C-1367313065%2Cmsn-edge-us_river%2Cmsn.com&us_privacy=1---&cklb=1
Request Chain 308
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7d215d24d9a167ca854118ab80deb3db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2a73_7085784581915398978 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
Request Chain 311
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7d215d24d9a167ca854118ab80deb3db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l12b1_7085784581915400346 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
Request Chain 316
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Request Chain 317
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 319
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Request Chain 321
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=

315 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ar-AAW83WP
www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/
Redirect Chain
  • http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
  • https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
24 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
06004c77b60b4ac92cc7c9e542dcc7739953f5c996c13a2e48513b1bab931635
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods
HEAD,GET,OPTIONS
cache-control
no-store, no-cache
content-security-policy
block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 18:22:56 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-fabric-cluster
pmeprodneu
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: D20768C48FB94922929CEBCFC2CF129C Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:57Z
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Non-Authoritative-Reason
HSTS
vendors.257f65bf01aa2d3ba051.js
assets.msn.com/bundles/v1/views/latest/ 		283 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b899c96f6bd8de4ddc433b15a8c6e0dbfa81bc346d1f32fde1b52acdd6864327

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
QfPWyN3y7DCfxA1Nb9sc0g==
server-timing
15
content-length
85608
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50DABC76D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d8529aa9-c01e-0074-36de-4a5390000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5882
microsoft.a379e9d9132a4c4f494a.js
assets.msn.com/bundles/v1/views/latest/ 		387 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
054da3e71adbd20784a49844f803131f28b80679b1448eb070ee255498171edc

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ifEg7t63TTDQvPd8NIscyQ==
server-timing
15
content-length
105358
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50DE915B1
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
cb40622e-201e-0086-07de-4aa0c1000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d58a5
common.e2e3aad9bbc39d7b2314.js
assets.msn.com/bundles/v1/views/latest/ 		835 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
07952001ef2d38d6b78acce58cdd217806d1934990613b684fff570493fe51c2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
0EcA4delzhlMAChvu5jTiQ==
server-timing
15
content-length
234198
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:09:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C105F66F92F
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
006542e3-901e-0001-65f9-4d269a000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d58ae
experience.b08f5edeb11bdea43079.js
assets.msn.com/bundles/v1/views/latest/ 		104 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ef08b374b98dd05adf277f227f8af9c2f6a8ebcbdb365c3957b05b310eb1154

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
m3ifTWz/8+AQt6snsX0Diw==
server-timing
15
content-length
38135
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1067ED5ADA
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
f86fcfda-101e-0061-66f9-4d64b8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d58a9
web-worker.0ea543821ed818f62c38.js
www.msn.com/bundles/v1/views/latest/ 		108 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/bundles/v1/views/latest/web-worker.0ea543821ed818f62c38.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6a106879082345d475326c840dfbe62f90ce4e4e6bbe10e016e53d502ddddbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:56 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ARvhynHV88S/OETlBqBQ4A==
x-cache
TCP_HIT
server-timing
18
content-length
32033
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 78164564F0E1497C9EA6E85BC64DB64F Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:57Z
etag
0x8DA18F52605E0D2
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id
adc35d6a-801e-00a0-48de-4acbfe000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
84.53.185.157
x-ms-version
2009-09-19
akamai-request-id
10498fee
x-cid
7
x-ccc
US
eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
16
content-length
29088
last-modified
Thu, 01 Oct 2020 00:43:17 GMT
server
AkamaiNetStorage
etag
"6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
104.104.52.7
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
2b1d5a25
access-control-allow-credentials
true
/
www.msn.com/resolver/api/resolve/v3/config/ 		118 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20220411.376&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22100%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22ocid%22:%22iehp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s1-cryptc%22,%22prg-1sw-accu10c%22,%22prg-1sw-acmng%22,%22prg-1sw-acrlt%22,%22prg-1sw-c-refcnt%22,%22prg-1sw-cfbdg%22,%22prg-1sw-curr3%22,%22prg-1sw-gevte%22,%22prg-1sw-grevtt%22,%22prg-1sw-hdukr%22,%22prg-1sw-ms-cloud%22,%22prg-1sw-mscloudn%22,%22prg-1sw-multif2%22,%22prg-1sw-nen3di%22,%22prg-1sw-newsskipc%22,%22prg-1sw-pbpf1%22,%22prg-1sw-pr2fuzal%22,%22prg-1sw-pr2sdfuz%22,%22prg-1sw-pr2sdfze%22,%22prg-1sw-prsdfuz%22,%22prg-1sw-psfy21%22,%22prg-1sw-rih-revamp1%22,%22prg-1sw-rndw%22,%22prg-1sw-sp5mats%22,%22prg-1sw-sphnmsncf%22,%22prg-1sw-sphnmsnncf%22,%22prg-1sw-splog%22,%22prg-1sw-ugrth2%22,%22prg-1sw-xapc%22,%22prg-adspeek%22,%22prg-apilog%22,%22prg-contslct-t1a%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-ms-cloud%22,%22prg-ndauthrf2%22,%22prg-nodualauth%22,%22prg-psovhigh6%22,%22prg-rsum-t2%22,%22prg-serv-beacct%22,%22prg-sh-adcn%22,%22prg-sh-cadp2%22,%22prg-sh-synadnc%22,%22prg-sh-synadpc%22,%22prg-upsaip-w1-t%22,%22prg-wea-skipauth%22,%22prg-wf-sky-re%22,%22prg-wpo-pnpc%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Kestrel /
Resource Hash
7e1dacebac327d4678565051a9a021e9040b455ad2621c4eafce2824dd17d6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
etag
"qQKhlLlkUmmwYm5YhUm40KftBfw"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_HIT
content-length
34543
x-crs-env
Production
server
Kestrel
x-msedge-ref
Ref A: 28A2BEC8094B422AABC5A0121D66F8B9 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:57Z
x-crs-buildversion
20220404.5_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
public, max-age=604800, immutable
x-fabric-cluster
pmeprodneu
x-cid
7
x-ccc
US
/
www.msn.com/resolver/api/resolve/v3/config/ 		272 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=CommonHeader&expInstance=default&sharedNs=msn-ns&apptype=views&v=20220411.376&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22100%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22ocid%22:%22iehp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s1-cryptc%22,%22prg-1sw-accu10c%22,%22prg-1sw-acmng%22,%22prg-1sw-acrlt%22,%22prg-1sw-c-refcnt%22,%22prg-1sw-cfbdg%22,%22prg-1sw-curr3%22,%22prg-1sw-gevte%22,%22prg-1sw-grevtt%22,%22prg-1sw-hdukr%22,%22prg-1sw-ms-cloud%22,%22prg-1sw-mscloudn%22,%22prg-1sw-multif2%22,%22prg-1sw-nen3di%22,%22prg-1sw-newsskipc%22,%22prg-1sw-pbpf1%22,%22prg-1sw-pr2fuzal%22,%22prg-1sw-pr2sdfuz%22,%22prg-1sw-pr2sdfze%22,%22prg-1sw-prsdfuz%22,%22prg-1sw-psfy21%22,%22prg-1sw-rih-revamp1%22,%22prg-1sw-rndw%22,%22prg-1sw-sp5mats%22,%22prg-1sw-sphnmsncf%22,%22prg-1sw-sphnmsnncf%22,%22prg-1sw-splog%22,%22prg-1sw-ugrth2%22,%22prg-1sw-xapc%22,%22prg-adspeek%22,%22prg-apilog%22,%22prg-contslct-t1a%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-ms-cloud%22,%22prg-ndauthrf2%22,%22prg-nodualauth%22,%22prg-psovhigh6%22,%22prg-rsum-t2%22,%22prg-serv-beacct%22,%22prg-sh-adcn%22,%22prg-sh-cadp2%22,%22prg-sh-synadnc%22,%22prg-sh-synadpc%22,%22prg-upsaip-w1-t%22,%22prg-wea-skipauth%22,%22prg-wf-sky-re%22,%22prg-wpo-pnpc%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Kestrel /
Resource Hash
736c9943e1073ce9f5c5deaa5bb2541e2f9b2046e066644dcc42e26c5353128d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
etag
"6lGIQzStGJwfyX_2Qxpl53Pgcrk"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_MISS
content-length
56563
x-crs-env
Production
server
Kestrel
x-msedge-ref
Ref A: D42DA60C65984C57BF26D084EA319D36 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:57Z
x-crs-buildversion
20220404.5_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
public, max-age=604800, immutable
x-fabric-cluster
pmeprodneu
x-cid
7
x-ccc
US
viewspage
assets.msn.com/service/news/feed/pages/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=winp1&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&contentId=AAW83WP
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffc30eb03c3a40c22d7fa088e8e8567713c9ffec226e77fc0a3b340e6d77b825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:57 PM
x-msedge-ref
Ref A: 0CDF3C4F123C4F1B9925B5AB7C32550F Ref B: VIEEDGE1515 Ref C: 2022-04-12T18:22:57Z
ddd-strategyexecutionlatency
00:00:00.0649180
server-timing
17
ddd-servername
18D91CCF1BB5
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
65
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
65
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:57 GMT
date
Tue, 12 Apr 2022 18:22:57 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
PageViewCount0;RR:0;XFeed
content-length
4256
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wAAA;
ddd-activityid
700345aa-d04a-4f57-b9d1-65a2c433efb0
ddd-storeexecutionlatency
00:00:00.0648855
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d5a96
article-page.3524a5090e71d2c312be.js
assets.msn.com/bundles/v1/views/latest/ 		326 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a36190bae6654b1f22cfbed41d29271069f4f2d6338cc374be020965d43285b0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
C1mkeBvPVVoAUbFF1mw7pA==
server-timing
16
content-length
91366
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1081A2D070
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
f86fd588-101e-0061-2df9-4d64b8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5b26
base-header.f0e4509fc45345ffc62c.js
assets.msn.com/bundles/v1/views/latest/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/base-header.f0e4509fc45345ffc62c.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f7ba0e8a42a5a05be5e686414b17bf84d5d7ee7b592198627b99b87faece827d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
5l/8gymC9WYYTy3HGCuDng==
server-timing
14
content-length
1313
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5274007E7
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
51da33dd-101e-0019-602b-4bcea9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5b90
AAW83WP
assets.msn.com/content/view/v2/Detail/en-us/ 		8 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/view/v2/Detail/en-us/AAW83WP
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1defec92beb6fab7405907cf2e49cf87fa9e64cf6c4bfcce9e79cf1b8325bbf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
ddd-usertype
AnonymousMuid
akamai-request-id
2b1d5b94
server-timing
14
content-length
3871
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=1800
akamai-server-ip
104.104.52.7
x-msedge-responseinfo
26
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
26
x-as-suppresssetcookie
1
access-control-allow-credentials
true
header-navigation-logo.c8cc89245661c9c548ac.js
assets.msn.com/bundles/v1/views/latest/ 		130 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/header-navigation-logo.c8cc89245661c9c548ac.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f43b46276227834afda76346240a4276885e66328c05471bc5165cebd1da6a52

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
7cukStmJKlJ+ub54NUHuJw==
server-timing
14
content-length
39342
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F510AC3BA6
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
51da34d9-101e-0019-3f2b-4bcea9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5bb8
pivots-nav.f0d98b0f2e8ab79f9970.js
assets.msn.com/bundles/v1/views/latest/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/pivots-nav.f0d98b0f2e8ab79f9970.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4af51011f2b5302f586c624c6cd57492c527e03ae1dc983c7da4b8ed2b2906e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
dUgHm4iR6l+Dp64jSQ2Nlw==
server-timing
14
content-length
15878
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50A17661C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
7d1ae91d-901e-00ed-742b-4bc7f4000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5bbc
AAd4FLD
assets.msn.com/content/view/v2/provider/en-us/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/view/v2/provider/en-us/AAd4FLD
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
ddd-usertype
Unknown
akamai-request-id
2b1d5bce
server-timing
14
content-length
738
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=1800
akamai-server-ip
104.104.52.7
x-msedge-responseinfo
1
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
1
x-as-suppresssetcookie
1
access-control-allow-credentials
true
rewards
assets.msn.com/service/news/users/me/ 		563 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/users/me/rewards?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&version=2&muid=29023373D5846CCD10B122F7D4B36DD0&scn=MSNRPSAuth
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b03b6f0f84e9859d676ec3080f7bfddd9a8f63deef4523b2605088806b0b12e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-activityid
1b10838c-1cc3-4754-995e-df8267f5b4d3
ddd-strategyid
News_RewardsReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0430240
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
server-timing
17
content-length
380
x-msedge-responseinfo
43
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
akamai-server-ip
104.104.52.7
x-msedge-ref
Ref A: FD069A106E0D49068241EC0DBAD793EB Ref B: VIEEDGE2920 Ref C: 2022-04-12T18:22:57Z
akamai-request-id
2b1d5bd3
onewebservicelatency
43
x-as-suppresssetcookie
1
access-control-allow-credentials
true
expires
Tue, 12 Apr 2022 18:22:58 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
tag
btloader.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6208086025961472&upapi=true
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaee490ae7ac3af767857d876df43b3ff5bf7833a11eecc2c35de435c0ea947e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray
6fadfd8cecee59e9-MXP
date
Tue, 12 Apr 2022 18:22:58 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 10:19:53 GMT
server
cloudflare
age
149
etag
W/"743c2fa6390ba42f7bbc7a4aed1a88e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhaa0Y%2BQaMICUIskHCfME8VgCqDRKkpZvTwm5r4QztMPCbtwZ9O2e4iXnmDxAlTIFR7KSlURV9jM1dmzEepKlKqlSYqNhTBjxUVQWaA%2FxkaGMMvDyiEgyJvp%2FXzwKtj35N%2BJF51a14HTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
19
content-length
41006
last-modified
Thu, 04 Jul 2019 01:04:35 GMT
server
AkamaiNetStorage
etag
"72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
104.104.52.7
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
2b1d5cc7
access-control-allow-credentials
true
roboto-v20-latin-regular.woff2
assets.msn.com/statics/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/roboto-v20-latin-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
19
content-length
15759
last-modified
Thu, 01 Oct 2020 00:44:24 GMT
server
AkamaiNetStorage
etag
"479970ffb74f2117317f9d24d9e317fe:1601513064.007103"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
104.104.52.7
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
2b1d5ccc
access-control-allow-credentials
true
js
jill.fc.yahoo.com/v1/client/msft/ 		359 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/msft/js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509
vary
Accept-Encoding
content-length
265
x-xss-protection
1; mode=block
x-request-id
27d844ff517243cfe87e3d7ecf86fea0941573
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=900
x-robots-tag
noindex, noarchive, nosnippet, nofollow
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
br
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
04/12/2022 18:22:58,4/12/2022 6:22:58 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0443902
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-servername
61103151A2D6
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E55421B0F2F04BA09EDA48871CCBC75C Ref B: FRAEDGE1221 Ref C: 2022-04-12T18:22:58Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
bf4c56e6-559b-475e-9720-aa37940444bf
ddd-storeexecutionlatency
00:00:00.0442844,00:00:00.0442857
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
44
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
44
access-control-allow-credentials
true
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=36&h=36&q=60&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Fri, 08 Apr 2022 04:35:23 GMT
x-datacenter
northeu
x-source-length
16004
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=36757
x-activityid
6306828a-8cfc-44aa-a451-39988ffdfd21
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=36&h=36&q=60&m=6&f=png&u=t
content-length
1936
expires
Wed, 13 Apr 2022 04:35:35 GMT
c.gif
c.msn.com/
Redirect Chain
  • https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-...
  • https://c.bing.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside...
  • https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-...
42 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=d20768c48fb94922929cebcfc2cf129c&activityId=d20768c48fb94922929cebcfc2cf129c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=186FF82B55E54ED9AE7C599B875CA08C&MUID=29023373D5846CCD10B122F7D4B36DD0
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:57 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19F3635A87A74911B24A36393EC9D47A Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.msn.com/c.gif?rnd=1649787778031&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=d20768c48fb94922929cebcfc2cf129c&activityId=d20768c48fb94922929cebcfc2cf129c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=186FF82B55E54ED9AE7C599B875CA08C&MUID=29023373D5846CCD10B122F7D4B36DD0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-package...
  • https://sb.scorecardresearch.com/b2?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packag...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
T79t7nKhsSPaRBB6nv6Fsu_0wWSor1vztT8qL69_s3XB4SlHRbJHlw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?rn=1649787778032&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
date
Tue, 12 Apr 2022 18:22:58 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
I1lAHfSjExT--SijJOshgFeMSky0HGiuLEB7CT1abcdFK245Tmv_-w==
x-cache
Miss from cloudfront
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787778034&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4ccc1d05a5f05994fb16da0c0c9f28976945f7ae589c774f98f20f8edb898939

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:57 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
286
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
jac.js
jac.yahoosandbox.com/0.14.0/ 		153 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122179
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
X/uWeOvzu7iDWXUdDpq5O0wG+B8BXRI+Lx2vn3Q7bKZEiwOwRpklcL4V1L5d6HdHlAHHD32T46w=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
T22J1NETT50WC8MV
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame AAEA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6309) /
Resource Hash
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8
content-encoding
gzip
content-length
3220
content-type
text/html
date
Tue, 12 Apr 2022 18:22:58 GMT
etag
"324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified
Wed, 18 Aug 2021 13:17:52 GMT
server
ECS (lhb/6309)
vary
Accept-Encoding
x-amz-id-2
krKjah57yXehW2wLW06D7PsvfETacBK6YiDfKUkuWDLKZDvXEGspDWjzZGq0xOlcpnWajEq0rjo=
x-amz-request-id
1VFGWCKT7TCMRAPZ
x-amz-server-side-encryption
AES256
x-cache
HIT
cms
cms.analytics.yahoo.com/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 12 Apr 2022 18:22:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70057
x-guploader-uploadid
ADPycdsh8GYxEsgK5z5qzA4JGMsog7O-yGD2LI2hbU_f91x5eoUCT4GMmUwbhCfVgrJx8LU0CQ9sNf_tS6nikYPvsmc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCJvd41zHcaPdEqJKDpc9r2ONqjyO2siuxbqDJmzX%2FtMmOCrCSC%2BdrwNUVu%2BsWClZIEgXWNa70hLKM4gRK4wipCzR2kPW1Sd7XxOk4JloT07mY2ftIhbT%2Fc0m%2BrRxaImTmRIt4YHxLJBrwjcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fadfd8dfa7e83b2-MXP
expires
Mon, 11 Apr 2022 23:55:21 GMT
px.gif
ad-delivery.net/ 		43 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7211356517958638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 12 Apr 2022 18:22:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70057
x-guploader-uploadid
ADPycdsh8GYxEsgK5z5qzA4JGMsog7O-yGD2LI2hbU_f91x5eoUCT4GMmUwbhCfVgrJx8LU0CQ9sNf_tS6nikYPvsmc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6is7ViuD4u3top7VyMnJ5OGIbs5CAuAG8VzjLxUV34tBZiirnB7aOELX85d3beunNAiyQ%2F7NRDCwGYd%2FlUhobpY77KrOsHV3zQvjNjF1ENSfGhz2dAwbmkyMSZltVL6mBbofH1XtmzE55TCKSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fadfd8dfa8083b2-MXP
expires
Mon, 11 Apr 2022 23:55:21 GMT
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1613580
cf-ray
6fadfd8e7be95a3d-MXP
content-length
28567
x-amz-id-2
aE7PvAIeQ0zxZbpQNDY93wAUgro0nVM3D0X4bKxEMQoClGM1QZ22oWgir5qBrV2MYs8WOTksdJc=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
S1MA6HTFHH5AAQSS
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 19 Apr 2022 18:22:58 GMT
msnTagScript.js
vidstat.taboola.com/msn/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/msn/msnTagScript.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acbbe4a4a0fe7510b6f5b03027213a90eaa8c6cf226e2f9f7b3e1dbd97686b19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront), 1.1 varnish
age
1962420
x-amz-meta-mtime
1645100690
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1645100690
content-encoding
gzip
content-length
5900
x-served-by
cache-hhn4061-HHN
last-modified
Thu, 17 Feb 2022 12:24:51 GMT
server
AmazonS3
x-timer
S1649787778.262348,VS0,VE0
etag
"49e5c3b63121d2e82cb07f4d6a8324ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=18000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
F6DMcN_wJBPVlh3dt0Kw_nUWmdwsnU8Q5MBPUjpdDK4MZN1pSGAGVw==
x-cache-hits
243
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Protocol
H2
Server
2600:9000:223f:5200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:04:30 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 17:56:12 GMT
server
AmazonS3
age
19109
etag
W/"a447e05213d4affbde5462797da6e9a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Sms5Jmqbm3ZLoKVV2gVOPHVGG2pNRfke-WjWubfplEfYw4toUYtHaQ==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Tue, 12 Apr 2022 18:22:58 GMT
server
awselb/2.0
content-length
110
content-type
text/html
AAOtxfp.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAOtxfp.img?w=634&h=400&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b924ad39a82784eb8194c5219e78c56beaf373e12d9d82168134d1319993bce5
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 12:09:20 GMT
x-datacenter
northeu
x-source-length
492228
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=409587
x-activityid
58ce5e6d-debb-43fc-ad10-23820053ec2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAOtxfp?w=634&h=400&q=60&m=6&f=jpg&u=t
content-length
39962
expires
Sun, 17 Apr 2022 12:09:25 GMT
breaking-news.20a11f027137ab1f52d4.js
assets.msn.com/bundles/v1/views/latest/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
aq3Xp6OKcMFgkph9Evqiig==
server-timing
15
content-length
3070
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F529EE224E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ea722d3d-c01e-0074-63c0-4d5390000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e5e
modern-right-rail.5986f182bb6e5fdd69b5.js
assets.msn.com/bundles/v1/views/latest/ 		157 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c74c78b4212d6e9496bd73b856ab1c80a69a85acc63df051eae6f5b5334e0110

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
RfgwiTCbTJpw0Z/jO4zRuw==
server-timing
15
content-length
41701
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1081F7E84D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
0065493a-901e-0001-13f9-4d269a000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e63
content-sharing-toolbar.785413a240a2f0e0a2f3.js
assets.msn.com/bundles/v1/views/latest/ 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.785413a240a2f0e0a2f3.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f13b2a0429d2b9b6f339a88926e9d1c8726d9ddb7be4beafe9dc4f84ed92e91e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
hV04xkQgU2tJFry70TwkDA==
server-timing
15
content-length
54137
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5276D52DF
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
cb407170-201e-0086-5cde-4aa0c1000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e67
feedback-link.222152698c1af1199fc1.js
assets.msn.com/bundles/v1/views/latest/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-link.222152698c1af1199fc1.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Y4qdvBWAKVYhe3/K/Z9P/w==
server-timing
15
content-length
3435
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F52A527ADD
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ea701460-c01e-0074-68c0-4d5390000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e6e
one-footer.c88903799420beeb18ce.js
assets.msn.com/bundles/v1/views/latest/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/one-footer.c88903799420beeb18ce.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1f1cd89bc86dad3a473b1b89f83fb4df78604ddf4c5b10d2da3b263844750d24

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
mb098+SvVlwIZiuoPe9LRg==
server-timing
15
content-length
40378
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F520675572
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
c657fbc2-401e-00c4-2bde-4a25d4000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e74
social.4e1c5ea8f3ba1530f009.js
assets.msn.com/bundles/v1/views/latest/ 		474 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social.4e1c5ea8f3ba1530f009.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
47effbf21c3af4550e6906fa5faf81935fc3a8c8d8c4145d9b69dab40157e494

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
0r6Ew9fL9pdixK5zEwzuxg==
server-timing
15
content-length
132538
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50F7743EC
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d8529f05-c01e-0074-72de-4a5390000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e78
toast.aded51fc22bfc9fce234.js
assets.msn.com/bundles/v1/views/latest/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/toast.aded51fc22bfc9fce234.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cfb49753dd3733aa626638d8850d695d44df13c1cc58f5922ee95a1803e0d33e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
f9hSni2rLQYxlCz+jSIi8A==
server-timing
15
content-length
38727
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA169609739962
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
e9810151-201e-007a-577f-48f18d000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e7d
bingWebSSO.905b3a28ff5a99b845e3.js
assets.msn.com/bundles/v1/views/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/bingWebSSO.905b3a28ff5a99b845e3.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3960bab1341fe97dc7d8cb89e4b4e6ab0dbaf256e60993cbbb5ca2d33c4b647c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ynY6sl/AZX7BN+uWcOqB/A==
server-timing
15
content-length
1639
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5151003C6
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
59ee3c99-301e-00cb-3f2b-4baccb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e86
searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
assets.msn.com/bundles/v1/views/latest/ 		184 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bccbdefad6797dd13860d99d3a4879c7345ec7ec982755bfe34dee8639f0302b

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
lHVFw2GFAOv4EcoMAFVh5A==
server-timing
15
content-length
50816
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F51E66EDFB
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d329596f-f01e-0083-47de-4a27cb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e89
msnSettingMenu.843f365bd5b991ed1f4b.js
assets.msn.com/bundles/v1/views/latest/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/msnSettingMenu.843f365bd5b991ed1f4b.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6dfc832ff4bac20a488712ad02af7dcecca7cdc7de58ffa1ca15518f2317ab40

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
xH2ytFPyX5tbR2F0BH6XRw==
server-timing
15
content-length
6559
x-ms-lease-status
unlocked
last-modified
Wed, 30 Mar 2022 23:19:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA12A3C2E14E15
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
f7defce1-001e-002c-7e8d-4468b2000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5e8e
social-subscription-banner.8da7d1d2a24732f096c6.js
assets.msn.com/bundles/v1/views/latest/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-banner.8da7d1d2a24732f096c6.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1a355720643bcde13843f0a20d2301328d828ba2505b25df41f447338f2af84d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
X8Bp2m+PflGi0GypibVSKA==
server-timing
15
content-length
16346
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50CC09F3E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
15daf297-501e-00f1-68de-4a83cf000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5ea6
social-subscription-overlay.931fe9df9e8fdf1d1dc2.js
assets.msn.com/bundles/v1/views/latest/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-overlay.931fe9df9e8fdf1d1dc2.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cb9c9a4aa94639811b9a26c22273d5a7950fec602a3c3df19b557124200c1d8d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
AFLpXtTclQXAdpgk11wLjg==
server-timing
18
content-length
15666
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5172E9D3C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
16952677-b01e-007b-78de-4ada8f000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5ea9
social-subscription-notification.3744bfec3922622ee450.js
assets.msn.com/bundles/v1/views/latest/ 		67 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-notification.3744bfec3922622ee450.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5eb7a9f9adc35ddb7d8f67c20f4d337c64d6ce894cd6bacd9d8b72f5eb03853c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Xgk0N54F7tKdxYucrZznGg==
server-timing
19
content-length
16015
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50ABEFF70
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d3290c4b-f01e-0083-4dde-4a27cb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5eac
social-support-result.1904108aac2b63e703a0.js
assets.msn.com/bundles/v1/views/latest/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-support-result.1904108aac2b63e703a0.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
42736024c56912c10fd3c7761c9d57f37e5bf5f87f74bfafc763059a2ff632d2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
hAWROxzKewJt4WyURM+uqg==
server-timing
19
content-length
21331
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA169604D6C9CB
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
641c024e-f01e-0053-687f-4813ad000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5eae
views-native-mon.484e6578e33ce87095e7.js
assets.msn.com/bundles/v1/views/latest/ 		362 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/views-native-mon.484e6578e33ce87095e7.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
377f60fa87d345d11b3485794b590184900f0ccc90a20ca6fec401a4649da1ee

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
cnb3a7LsD1XOhoe/AKha9g==
server-timing
20
content-length
83173
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1082175264
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
f86fdde3-101e-0061-24f9-4d64b8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5eb2
libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.abcaa90efa0298124b31.js
assets.msn.com/bundles/v1/views/latest/ 		1 MB
318 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.abcaa90efa0298124b31.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b2e162e74af088df0fe79756114b8724f5d7ce842e43ebf23db53c6757010e2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Gdf3lzWvxA2xTszWoXdsMA==
server-timing
20
content-length
323920
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C10792C236E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
6c43b913-301e-005f-40f9-4de7b4000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5eb4
desktop-feed-views.1af1c40b1c92fd1bdb84.js
assets.msn.com/bundles/v1/views/latest/ 		788 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.1af1c40b1c92fd1bdb84.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
30f5d4a286d6f8f2d6dd5a62e1e52f55f000c3c418796d48c5072332e5a806c4

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
jx/a9FSV+puRedqtWxrIiw==
server-timing
21
content-length
130436
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C106729B393
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
17169d79-b01e-00ff-7df9-4d21d2000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5eb6
upnext-paddle.da8d0af488faebf2f040.js
assets.msn.com/bundles/v1/views/latest/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/upnext-paddle.da8d0af488faebf2f040.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c9d83bc5aae933a6ad1a842c7db73a8c89dfcea8419fd95401fdffb87242050c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
3tbzs0nXl0IGiVWqD3lKKw==
server-timing
22
content-length
11933
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:09:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C105E79B045
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
6c43f54a-301e-005f-44f9-4de7b4000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5ebb
social-tip-promotion.34cb96a46a12938f0710.js
assets.msn.com/bundles/v1/views/latest/ 		66 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-tip-promotion.34cb96a46a12938f0710.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
380a4673a245b7c6dfb8726c2fa2a82440da54cddb456abdf038b649589f9b98

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
d68nW6L48xRhTGbqiAkXFg==
server-timing
22
content-length
16907
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50B0155F3
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d3291820-f01e-0083-0bde-4a27cb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5ebe
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787778239&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
8d022a2329afb7d9da0a0492eceaf6c81229194476ed309da744359810d84b43

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
102
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
AA157JY
assets.msn.com/breakingnews/v1/cms/api/amp/article/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/breakingnews/v1/cms/api/amp/article/AA157JY
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
cd78847f0bdfa8f0a81eb00ae51b2485f7a4e03875ca8d36830f83bdb414c9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

appex-activity-id
6978c6e6-60db-4b32-8278-da6e922ec7a5
content-encoding
gzip
etag
W/"36941"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:0
x-cms-type
article
x-cms-documentid
AA157JY
server-timing
22
ms-cv
7OXpS0HfzU+VGivh0pL8/g.0
content-length
2585
x-trace-context
{"ActivityId":"6978c6e6-60db-4b32-8278-da6e922ec7a5"}
x-cms-version
10889
last-modified
Tue, 12 Apr 2022 17:11:22 GMT
server
Microsoft-HTTPAPI/2.0
date
Tue, 12 Apr 2022 18:22:58 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
12
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=30
akamai-server-ip
104.104.52.7
akamai-request-id
2b1d5ebf
x-cms-documentstoragetier
Cache
x-cms-state
Published
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=RcVvXrCV0S&w=5671737388695552&o=6208086025961472&cv=2.9.157-1-g9c0fea6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6208086025961472&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame AAEA 		13 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://tag.idsync.analytics.yahoo.com
cache-control
no-cache
access-control-allow-credentials
true
feedback-data-connector.07fffa19c38bdc96a8b6.js
assets.msn.com/bundles/v1/views/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-data-connector.07fffa19c38bdc96a8b6.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
WTt3RNTaimxTlMBE8+DOyA==
server-timing
24
content-length
693
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5279A9DE4
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ea70d778-c01e-0074-3fc0-4d5390000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5ef3
feedback-dialog.2a4201b7141780bb80fc.js
assets.msn.com/bundles/v1/views/latest/ 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-dialog.2a4201b7141780bb80fc.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f869867a1bff18643cf3323cad20211e29fb941240b1a68fb8231ba0da4bd28d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
JI3ZESnGd2RlyzYHVY4gig==
server-timing
15
content-length
24165
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50CAB459C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
b7b56289-601e-00ea-3fde-4a16fa000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5f3d
msnhomepagehistory.aspx
www.bing.com/ 		2 B
940 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/msnhomepagehistory.aspx
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:57 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F9E9C8509FC4905931E4E96FB50B88A Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:58Z
x-snr-routing
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
6
expires
-1
social-data-connector.97a5321fe592e425ecbf.js
assets.msn.com/bundles/v1/views/latest/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-data-connector.97a5321fe592e425ecbf.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aca63519ae5b1990c00048e5901c025161073426f2858185da42c784274e8dbb

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
sM0zRc7wyr90rkZMNlTiLg==
server-timing
16
content-length
14805
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1695FCA6AB76
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
dd694331-a01e-0062-807f-4819be000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5f5d
js
jill.fc.yahoo.com/v2/ads/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%22d20768c48fb94922929cebcfc2cf129c%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%2229023373D5846CCD10B122F7D4B36DD0%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_d93b9aa_01%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221649787778357%7C541143836226566340%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22NEWUSEN12%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22dcbe52b96%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
bfb69a567f33224bd398905d838aaf2068d33038367e3b22131b70347823b95d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
2682080b706a1b2d36fc288b26eb2286712800
publisher-carousel.529cb7f86c82c0d77eb8.js
assets.msn.com/bundles/v1/views/latest/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/publisher-carousel.529cb7f86c82c0d77eb8.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e254c1e85858af67585ec49e2f9daaa2e66561f4adb5b9335c74c7d7af7b3afc

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
e3VNXduVtYSBdX6SgWNcFg==
server-timing
15
content-length
13890
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA16960511323B
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
dd6a4ce9-a01e-0062-077f-4819be000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d5fb0
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:22:57 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 02F41B64BA414E7D86828AC727004B42 Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:22:58Z
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
97c3408e-ec14-4783-a659-8ecfac22ecbc
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:2
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
21
ms-cv
NOj+SNnbBEGvy4+tyAQKQQ.0
content-length
4138
x-trace-context
{"ActivityId":"97c3408e-ec14-4783-a659-8ecfac22ecbc"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:22:58 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
0
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
104.104.52.7
akamai-request-id
2b1d602b
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:37:58 GMT
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:22:57 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 9F71969FFA9745B691F34A9188DFCB86 Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:22:58Z
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
97c3408e-ec14-4783-a659-8ecfac22ecbc
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:2
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
21
ms-cv
NOj+SNnbBEGvy4+tyAQKQQ.0
content-length
4138
x-trace-context
{"ActivityId":"97c3408e-ec14-4783-a659-8ecfac22ecbc"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:22:58 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
0
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
104.104.52.7
akamai-request-id
2b1d602c
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:37:58 GMT
auction
srtb.msn.com/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
686d1b573ee42c00494e395b38e3131991f08c5ae89ee361d5b3376d01727525
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
29023373D5846CCD10B122F7D4B36DD0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,onetrustpoplive,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A46E21872B814929889FB802304508C5 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:58Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=367
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
cc97d510a0a9b7e66b664c2f04ab9ab33ddc7e7946e67e62550c0487d280b306
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
29023373D5846CCD10B122F7D4B36DD0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,onetrustpoplive,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 95264BF4C22C4A688DF409A21F3BF7EB Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:58Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=296
timing-allow-origin
https://www.msn.com
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787778444&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c0fdda9dab7a65aef575d02d1c8fde7d7a00ea1796514529f31786958ed56583

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
6
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
viewspage
assets.msn.com/service/news/feed/pages/ 		44 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?market=en-us&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&timeOut=3000&ocid=winp1&fdhead=1s-bing-news,1s-br30min,1s-fcrypt,1s-pagesegservice,1s-winauthservice,1s-winsegservice,prg-1s1-cryptc,prg-1sw-accu10c,prg-1sw-acmng,prg-1sw-acrlt,prg-1sw-cfbdg,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-gevte,prg-1sw-grevtt,prg-1sw-hdukr,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-1sw-multif2,prg-1sw-nen3di,prg-1sw-newsskipc,prg-1sw-pbpf1,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-prsdfuz,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-1sw-rndw,prg-1sw-sp5mats,prg-1sw-sphnmsncf,prg-1sw-sphnmsnncf,prg-1sw-splog,prg-1sw-ugrth2,prg-1sw-xapc,prg-adspeek,prg-apilog,prg-contslct-t1a,prg-hprewflyout-t,prg-ias,prg-ms-cloud,prg-ndauthrf2,prg-nodualauth,prg-psovhigh6,prg-rsum-t2,prg-serv-beacct,prg-sh-adcn,prg-sh-cadp2,prg-sh-synadnc,prg-sh-synadpc,prg-upsaip-w1-t,prg-wea-skipauth,prg-wf-sky-re,prg-wpo-pnpc&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ContentId=AAW83WP&User=m-29023373D5846CCD10B122F7D4B36DD0&$skip=2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ae6f1bd3b4ffde2948bcf5acde3c6d3c0dd9ab8f3479e54a10d5c25029d93fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
vebudumu04302020,prg-1sw-gevte,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 89D7E2B7FCD84256AF9F0DBC2334324A Ref B: MIL30EDGE0905 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.3472602
server-timing
19
ddd-servername
0F104FB50EDF
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=300
x-msedge-responseinfo
347
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
347
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
XFeed;TileID:u0yj;SageUser:0;RR:0;PageViewCount0
content-length
11765
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
1ilc=vebudumu04302020,wfeedsmuid10=prg-1sw-gevte,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wgAA;
ddd-activityid
a5f532bf-60c3-4aa9-9a47-860679fe549b
ddd-storeexecutionlatency
00:00:00.3472282
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d6183
me
assets.msn.com/service/MSN/Feed/ 		71 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/MSN/Feed/me?$top=30&DisableTypeSerialization=true&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&contentType=article,video,slideshow,webcontent&fdhead=msnallexpusers,muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,onetrustpoplive,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361&infopaneCount=10&location=50.1109|8.6795&market=en-us&ocid=windows-windowshp-feeds&queryType=myfeed&responseSchema=cardview&timeOut=1000&user=m-29023373D5846CCD10B122F7D4B36DD0&wrapodata=false
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
689a6adffce2a0d6fb99e6c7ac5a806dca1b94f903f4db6f2e622df212790465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
04/12/2022 18:22:58,4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 418D6E2CB4414A1D8728F2BAD6A5337D Ref B: VIEEDGE1415 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.2120309
ddd-feedfeatures
0101010001010101010000000000000000
ddd-servername
96B284E95E50
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
213
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
213
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:58 GMT
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
MSN_FeedsNoCacheReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
MyFeed;Static:1;PageViewCount0;TSv3:50;0;71;ULatLon50.11:8.68;ColdUserHist_0;SageUser:0;SageUserStatus:0_0_0_0;TileID:u0yj;RR:0
server-timing
17
content-length
19827
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:2wAA;
ddd-activityid
a50cbdee-39ff-4662-a8a2-ec830a0c2c98
ddd-storeexecutionlatency
00:00:00.2100234,00:00:00.2100270
ddd-datastore
MSN_ContentFeedDataStore,MSN_ContentFeedDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d619b
silentpassport
api.msn.com/auth/cookie/ Frame 3D3B
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM...
  • https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
239 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
*.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
content-length
239
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 18:22:58 GMT
ddd-activityid
374242fa-0047-4f10-a2cf-ae43c5b5aea6
ddd-authenticatedwithjwtflow
False
ddd-strategyexecutionlatency
00:00:00.0001069
ddd-usertype
MUID
onewebservicelatency
0
servertoserverauth
False
x-activity-id
A78C0815041D4BFDA7D2392BBA7E2FCE
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
x-msedge-ref
Ref A: A78C0815041D4BFDA7D2392BBA7E2FCE Ref B: FRAEDGE1221 Ref C: 2022-04-12T18:22:58Z
x-msedge-responseinfo
0

Redirect headers

Cache-Control
no-store, no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Apr 2022 18:22:58 GMT
Expires
Tue, 12 Apr 2022 18:21:58 GMT
Location
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL6PPFB69EC362C V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
feecd5a4-9939-45b7-8793-d5aa0c74060a
x-ms-route-info
R3_BL2
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/msnSettingMenu.843f365bd5b991ed1f4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ac966ca1fd3fc726538c76b248c4e254560596368fc628ce48b8dfb0cdc34ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0blhVYgAAAAAmouFeXM+NQ7BieJFQ/KIyQU1TMDRFREdFMTgxOQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date
Tue, 12 Apr 2022 18:22:58 GMT
x-azure-ref
0gsNVYgAAAAA9CLDj06b+RZsnTn5aXDDXRlJBRURHRTEwMTYAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Tue, 12 Apr 2022 11:39:06 GMT
ping
api.viglink.com/api/ 		316 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.200.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a2d08593a89467435094a328a17bdaca9d19cca6ed10214adcba9da9a2a78667

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 GMT
social-tip-selection.bf25df3e33d211a377ce.js
assets.msn.com/bundles/v1/views/latest/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-tip-selection.bf25df3e33d211a377ce.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
00df3a318c3fd470d38916cafcf87651f3318f23652a8e34ec5790bf96d62921

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
2J7++TwJIAkrGRjkVvCqCg==
server-timing
19
content-length
16755
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1696030B4DEE
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
dd0ad2a4-701e-0077-627f-482e96000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d624e
icon-assets-ShareV2.5504bf6eb86509df3888.js
assets.msn.com/bundles/v1/views/latest/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/icon-assets-ShareV2.5504bf6eb86509df3888.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
h0ebBiYgmw5cCHamNo+Zzg==
server-timing
18
content-length
1359
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5185DC969
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
490d7f60-501e-00f1-011c-4c83cf000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d627a
AAPInH8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPInH8.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
1233469
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429503
x-activityid
6382dcd0-8e9f-46c9-9c08-960ffd097f6b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPInH8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1428
expires
Sun, 17 Apr 2022 17:41:21 GMT
AAW8uPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8uPB.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
366505
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429402
x-activityid
cfe0e549-0c16-49c5-911a-86dcb1e8093c
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8uPB?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
1331
expires
Sun, 17 Apr 2022 17:39:40 GMT
AAREQl4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREQl4.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
eastus
x-source-length
1860193
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429420
x-activityid
31343f23-a69a-4f81-9757-9e2f7aaad0fa
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAREQl4?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1027
expires
Sun, 17 Apr 2022 17:39:58 GMT
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Sun, 03 Apr 2022 16:09:08 GMT
x-datacenter
westus
x-source-length
16004
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=36764
x-activityid
bed87234-bc41-434c-88ff-33af3abaf0eb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length
1264
expires
Wed, 13 Apr 2022 04:35:42 GMT
me
assets.msn.com/service/community/users/ 		198 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/users/me?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb66b1b530d86fed91d62bc369e5fd29999b99ad92703b81580be8a2e3962419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 032602121C004033A516A23D470001A1 Ref B: VIEEDGE1215 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0000862
server-timing
17
ddd-servername
DABC75E87AF4
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
0
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:58 GMT
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
158
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
edcb0ac8-6435-4876-87b4-1948a864a9ec
ddd-storeexecutionlatency
00:00:00.0000596
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d6294
/
assets.msn.com/service/community/urls/ 		6 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/?cmsid=AAW83WP&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa9f1a2e05ecd596dc7cdc24ee1f97f22174cd3028cfb97210f9cf0343757848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 9F85272B38CE4A26828F9DC32C8FA38C Ref B: MIL30EDGE0212 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0023535
server-timing
17
ddd-servername
D652BCEDFCA8
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=60
x-msedge-responseinfo
2
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
2
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
1391
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
7f1d9b46-a65f-4be8-a6bc-bf4648e478e7
ddd-storeexecutionlatency
00:00:00.0023124
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d6296
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
br
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
04/12/2022 18:22:58,4/12/2022 6:22:58 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.1889738
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-servername
70F56D671DA4
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 40404A4C9AF248A3AC162074186F7EB7 Ref B: FRAEDGE1221 Ref C: 2022-04-12T18:22:58Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
423322e3-ef64-4345-a5fa-30c5dcc88b3f
ddd-storeexecutionlatency
00:00:00.1888182,00:00:00.1888202
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
189
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
189
access-control-allow-credentials
true
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
br
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
04/12/2022 18:22:58,4/12/2022 6:22:58 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0090725
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-servername
FB7A32BF6FE5
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 022E9F8820F645958673939469BA5733 Ref B: FRAEDGE1221 Ref C: 2022-04-12T18:22:58Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
715daf83-22bd-4d1c-80a8-5af8ac18106c
ddd-storeexecutionlatency
00:00:00.0089051,00:00:00.0089065
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
9
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
9
access-control-allow-credentials
true
user
assets.msn.com/service/msn/ 		74 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=Peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM,4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 2C2D0994C5E946B9B887A4A001BCBBBA Ref B: VIEEDGE1015 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0573660,00:00:00.0575221
server-timing
17
ddd-servername
BECBAC137585,BECBAC137585
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
57
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
57
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:59 GMT
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Graph_AipUserAndActionReadStrategy,Graph_BestNewsReadStrategy
ddd-usertype
AnonymousMuid
content-length
92
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
16f41ad8-495e-4768-a7cf-2d969ecca627
ddd-storeexecutionlatency
00:00:00.0573416,00:00:00.0575017
ddd-datastore
Graph_UserAndActionAipStore,Graph_BestNewsDataStoreGraph
access-control-allow-credentials
true
akamai-request-id
2b1d6298
Actions
assets.msn.com/service/Graph/ 		75 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/Graph/Actions?%24filter=actionType+eq+%27Save%27+and+targetId+eq+%27AAW83WP%27&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=feeds&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.785413a240a2f0e0a2f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12ef4915d97bfc68be594bcb3a7744ce5707c0b69ea5e5de96d221e4afa249b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
vebudumu04302020,prg-1sw-gevte,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 03E454AC00984563A87FBE795625B7B9 Ref B: VIEEDGE2007 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0019820
server-timing
18
ddd-servername
9BE044F51216
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
2
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
2
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:58 GMT
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Graph_BestNewsReadStrategy
ddd-usertype
AnonymousMuid
content-length
93
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
1ilc=vebudumu04302020,wfeedsmuid10=prg-1sw-gevte,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
f2acb4de-77f8-428b-98b4-fc61ce1423d9
ddd-storeexecutionlatency
00:00:00.0019624
ddd-datastore
Graph_BestNewsDataStoreGraph
access-control-allow-credentials
true
akamai-request-id
2b1d629f
roboto-v20-latin-500.woff2
assets.msn.com/statics/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/roboto-v20-latin-500.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
18
content-length
15895
last-modified
Thu, 01 Oct 2020 00:44:04 GMT
server
AkamaiNetStorage
etag
"020c97dc8e0463259c2f9df929bb0c69:1601513044.306165"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
104.104.52.7
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
2b1d62d3
access-control-allow-credentials
true
jac.js
jac.yahoosandbox.com/0.14.0/ Frame B619 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122179
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
X/uWeOvzu7iDWXUdDpq5O0wG+B8BXRI+Lx2vn3Q7bKZEiwOwRpklcL4V1L5d6HdHlAHHD32T46w=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
T22J1NETT50WC8MV
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
AAPInH8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPInH8.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
1233469
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429503
x-activityid
6382dcd0-8e9f-46c9-9c08-960ffd097f6b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPInH8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1428
expires
Sun, 17 Apr 2022 17:41:21 GMT
AAW8uPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8uPB.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
366505
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429402
x-activityid
cfe0e549-0c16-49c5-911a-86dcb1e8093c
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8uPB?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
1331
expires
Sun, 17 Apr 2022 17:39:40 GMT
AAREQl4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREQl4.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
eastus
x-source-length
1860193
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429420
x-activityid
31343f23-a69a-4f81-9757-9e2f7aaad0fa
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAREQl4?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1027
expires
Sun, 17 Apr 2022 17:39:58 GMT
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
last-modified
Sun, 03 Apr 2022 16:09:08 GMT
x-datacenter
westus
x-source-length
16004
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425736
x-activityid
bed87234-bc41-434c-88ff-33af3abaf0eb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length
1264
expires
Sun, 17 Apr 2022 16:38:34 GMT
domains
api.viglink.com/api/ 		41 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.200.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
95c2996b3c92fea363e0d182b80e172330fb13ff3840ac70fb699aba95818ab1

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame B619 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787778357|541143836226566340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8fc2bce13214d547385999998e27dadcf4b3d7f7787b9692c3849b8efe1d796e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
server
ATS/9.1.0.33
age
1
content-type
application/x-javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length
3106
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779662%7C0%7C225%7CAdId=11043949;BnId=3;ct=645727212;st=4771;adcid=1;itime=787778764;reqtype=5;guid=5m2o9kdh5bgs2&b=3&s=71;;impref=1649787778284806;imprefseq=1714468484211...
26.at.atwola.com/ Frame B619 		1 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779662%7C0%7C225%7CAdId=11043949;BnId=3;ct=645727212;st=4771;adcid=1;itime=787778764;reqtype=5;guid=5m2o9kdh5bgs2&b=3&s=71;;impref=1649787778284806;imprefseq=171446848421112069;imprefts=1649787778;adclntid=1002;pvid=dcbe52b96;kvgrp=dcbe52b96;kvmsft_asid=1649787778357%7C541143836226566340;kvpg=www.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-aaw83wp;kvmn=newusen12;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=d20768c48fb94922929cebcfc2cf129c;kvmsft_muid=29023373D5846CCD10B122F7D4B36DD0;kvmsft_ext_inv_cd=us;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=2865445830.133254695&n=0&s=poll&t=created&d=%7B%22target%22%3A%22dc47b0af-1755-c124-4d1b-758f0eee9014%22%2C%22instance%22%3A%22civsci-id-76398579-AAW83WP%22%2C%22isContainerSeen%22%3Atrue%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1054%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-246-74.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www.civicscience.com/widget/api/2/ 		307 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/bootstrap?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAW83WP&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&mv=5&_=1649787778906&callback=jsonp_1649787778907_63670
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.224.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-224-198.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
f706ef48f78d016dc9babb77ab2c657e2c0ee12b7be6ae2dd683fa503fa503c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
reactions
assets.msn.com/service/community/urls/AAW83WP_en-us/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/AAW83WP_en-us/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b8c1df95b6d2e68380089bd884656bf5203badbd9f53deb467d9a97499e3613

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 0B312F05778940AAAF8A25E382DA8EF9 Ref B: VIEEDGE2806 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0029170
server-timing
23
ddd-servername
56F8F18FCB07
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:58 GMT
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
621
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
d0c6591d-b7bc-4f73-9b40-003f72b6d4a0
ddd-storeexecutionlatency
00:00:00.0028892
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d63b7
/
assets.msn.com/service/community/comments/ 		8 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/comments/?contentId=AAW83WP_en-us&$top=6&$skip=0&$orderby=Rating&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a951fb87a147491c9e4f4025479042bae5e6cebb7bf47ca56e4965268b1ddc8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: A4905C13215144F5AE9C8410C43049EE Ref B: VIEEDGE2008 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0060538
server-timing
23
ddd-servername
B78B55C8E2B2
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
6
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
6
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:58 GMT
date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
2458
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
6038bffd-2917-4ffc-b975-ca0e5e138812
ddd-storeexecutionlatency
00:00:00.0060243
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d63b9
vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa
assets.msn.com/service/community/users/ 		733 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/users/vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67aebdc8fb87bd7f5d1224fe6c2e916f23623dc780f66725fab19f98cd64e264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 6541FBABA42E49B48B2E53E33FDF77C4 Ref B: VIEEDGE1415 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0015872
server-timing
23
ddd-servername
4EA2812779E2
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
1
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
1
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:59 GMT
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
479
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
54c5a6c3-d133-49b1-9321-61dcf7f9aba6
ddd-storeexecutionlatency
00:00:00.0015592
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d63cf
/
assets.msn.com/service/community/follows/ 		79 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8600aaf225573d6eeb458637e79791e0744ddce81d8edce832f6445be848e36c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: 22BA2C2F664F45BBAA87E3292594BF3E Ref B: VIEEDGE1215 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0037579
server-timing
23
ddd-servername
CB135384651B
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:59 GMT
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
93
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
ae13da0c-af52-4248-b338-516576a8b5ce
ddd-storeexecutionlatency
00:00:00.0037272
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d63d2
reactions
assets.msn.com/service/community/urls/AAW83WP_en-us/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/AAW83WP_en-us/reactions?friends=true&$top=2&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5871cc6db78ad7488e253e8a84af131074b8159d46443101a4e272c0793a05c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:58 PM
x-msedge-ref
Ref A: DF0C9F20BFA24262B19118B8E76380A0 Ref B: VIEEDGE1806 Ref C: 2022-04-12T18:22:58Z
ddd-strategyexecutionlatency
00:00:00.0029415
server-timing
23
ddd-servername
A2FE0978FA16
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:59 GMT
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
619
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
cb9f1073-b619-4b76-a93a-b2c17aecbd71
ddd-storeexecutionlatency
00:00:00.0029136
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d63d8
icon-assets-SaveV4.959e5d41d82c739817a8.js
assets.msn.com/bundles/v1/views/latest/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/icon-assets-SaveV4.959e5d41d82c739817a8.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:58 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
k0hvQ8+/uW0EjmQgY51Y6g==
server-timing
18
content-length
725
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F51F579396
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
716c603e-701e-00e3-1d1c-4c65e9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d63e3
served
srtb.msn.com/notify/ 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=eoab&i=1&p=webcompar&l=en-us&d=gemini&b=chrome&a=f0ee8de1-c53a-46ba-802c-15f20eb7945a&ii=1&c=14340076045110485327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 96FAFA03432C4AB68DF890C8A59D305A Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:58Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=eoab&i=2&p=webcompar&l=en-us&d=gemini&b=chrome&a=2ac0e378-f3d2-4b58-bc9f-f057d0959d4b&ii=1&c=13054353559879192705
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A6A00277CE6F4DF681E27B907865A21A Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:58Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
d317f51f9ed5b3fe1a1ae4a5518ed076.jpeg
s.yimg.com/lo/api/res/1.2/MuxnHCDYhl8C1y1REQxsXw--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/627x627/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/MuxnHCDYhl8C1y1REQxsXw--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/627x627/d317f51f9ed5b3fe1a1ae4a5518ed076.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
dd5fd5a2bf9b59be4e383490c3b510199ba3abd7a6496983f84fafbd1c6a6695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
age
108000
cld_latency
439
edge-cache-tag
487720048237099294282692002379353798649,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
MISS
status
200 OK
cld_by
cache-iad-kjyo7100093-IAD
x-served-by
cache-iad-kjyo7100093-IAD
referrer-policy
no-referrer-when-downgrade
x-timer
S1649679780.057753,VS0,VE439
etag
"1298de837ab897d3ecd7e83e4582725c"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-headers
X-Requested-With
x-cache-hits
0
date
Mon, 11 Apr 2022 12:23:00 GMT
x-content-type-options
nosniff
x-cache
MISS
cache-tag
487720048237099294282692002379353798649,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
cld_hits
0
content-length
78536
x-xss-protection
1; mode=block
x-request-id
d9d6beeb21a949108085d8ee1b4f63cd
last-modified
Mon, 11 Apr 2022 12:23:01 GMT
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
cld_id
d9d6beeb21a949108085d8ee1b4f63cd
1641399223627-1510.jpg
s.yimg.com/lo/api/res/1.2/QdowLikY9U4qwJnGUOjt2w--~A/Zmk9Zml0O3c9MzAwO2g9MzAwO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/QdowLikY9U4qwJnGUOjt2w--~A/Zmk9Zml0O3c9MzAwO2g9MzAwO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/1641399223627-1510.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
eb573a7ad09616b4d77475709a374fa97b7f9755bb861e374994d71f03abfcea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 14 Mar 2022 06:43:09 GMT
x-content-type-options
nosniff
age
2547590
cld_latency
1
edge-cache-tag
432760394250453600253887154631756493655,338897315775294552049016027336480009571,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
74816
x-xss-protection
1; mode=block
cld_by
cache-wdc5535-WDC
x-served-by
cache-wdc5535-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 12 Feb 2022 09:17:15 GMT
server
ATS
x-timer
S1647240190.773872,VS0,VE1
etag
"c20b22fa22e27a57c2cca7de3a7e51ef"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
432760394250453600253887154631756493655,338897315775294552049016027336480009571,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits
1
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
br
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
04/12/2022 18:22:59,4/12/2022 6:22:59 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0075134
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-servername
6E2E7C9D6D4B
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 85BE5A2DD6004B9B9E01F844DE13450B Ref B: FRAEDGE1221 Ref C: 2022-04-12T18:22:58Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
82b93591-d775-4ac0-a751-2e1446bc3e17
ddd-storeexecutionlatency
00:00:00.0074232,00:00:00.0074245
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
7
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
7
access-control-allow-credentials
true
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787779004&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6be7096c82fd45e502e374446d2cf70fecb5cd16b54237d0856e4dff9162076c

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
9
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
BBqlEdK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		733 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK.img?w=16&h=16&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dfb5fc9c665b9eff192d9c6a33bf9ecb8aa4654aa8d83685d3ca2be8a546a39c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Mon, 11 Apr 2022 09:39:28 GMT
x-datacenter
westus
x-source-length
18737
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=314143
x-activityid
075529c5-64a3-49ec-8de0-78adb46d08ec
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBqlEdK?w=16&h=16&q=60&m=6&f=jpg&u=t
content-length
733
expires
Sat, 16 Apr 2022 09:38:42 GMT
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7e840e4795f81ec96ae0939a01b68594&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
569e739a31edbda5cf393675ba23d987c47eed5e51a87854b39dd4ec79238f44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C22BC0BBD8A4893835099485CAA833B Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3954
AA36Tom.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA36Tom.img?w=16&h=16&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87306ff222703017f52bdec3f69a6583605e65c484484477313479de06b51f61
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA36Tom
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
331
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA36Tom?w=16&h=16&q=60&m=6&f=jpg&u=t
x-activityid
f252b458-bc16-428a-bf28-4ca3f6b1b233
last-modified
Mon, 11 Apr 2022 16:09:22 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
722
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=337681
timing-allow-origin
*
expires
Sat, 16 Apr 2022 16:11:00 GMT
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.962103b86de6eba5b95469a17d17637e&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb921dd14601dac222f665ecc3b2d0cdd370b18524343bfb1a9944cda681b267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D6DAA1597B2449DAF9855FEB113E2B0 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3943
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		155 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:20 GMT
x-azure-ref-originshield
0Aq5VYgAAAADMSrOSSy0gSY4qJ/lGaBslQU1TMDRFREdFMTgxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809377acb6"
x-azure-ref
0g8NVYgAAAAB+Hn6e5lTNQqH3RwaGKvOLRlJBRURHRTEwMTYAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
x-ua-compatible
IE=edge
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__0dfc0f0d85f293f636077c831089bacd__%7E%7EV1%7E%7E-1440031368213442627%7E%7EKkFkDmM1agq_dYUIkOWhnghHZCQZwXsje1ea6NNMbo4ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqU03tTRWD2mAfkA4gi83wbP6e5H6OKTAhSr9V-16YsNfiPsbyFZCbggk-_dL_moOqi8VKErDcFK1fIXk3gxKEtvOB6N3wboQIStzwzlfHZCVMwmVQO4jXtq97qHrsmC5QcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text&response.session=v2_a8164cded85a60fd29cd117580a5db8e_29023373D5846CCD10B122F7D4B36DD0_1649787778_1649787778_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787779.065524,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=inarticle&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=b1d278ef-0358-4c41-a7b8-947b0cea2e9a&ii=1&c=7150215533493635210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE057A6369234B0ABDCF104A0E3FDE02 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe96875f957da59c1111584af6a708534.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_225%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_2894%2Cy_2676/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_225%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_2894%2Cy_2676/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe96875f957da59c1111584af6a708534.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a8164cded85a60fd29cd117580a5db8e_29023373D5846CCD10B122F7D4B36DD0_1649787778_1649787778_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__0dfc0f0d85f293f636077c831089bacd__%7E%7EV1%7E%7E-1440031368213442627%7E%7EKkFkDmM1agq_dYUIkOWhnghHZCQZwXsje1ea6NNMbo4ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqU03tTRWD2mAfkA4gi83wbP6e5H6OKTAhSr9V-16YsNfiPsbyFZCbggk-_dL_moOqi8VKErDcFK1fIXk3gxKEtvOB6N3wboQIStzwzlfHZCVMwmVQO4jXtq97qHrsmC5QcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b59fe8feeb9ed23f1b5e1581ee4db390f93bec286451627aa06a87ca6fddd13e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
377331
edge-cache-tag
521229353636941353450517753662759153612,626874349113979176805982280634117981627,29ecf9b93bbf306179626feeda1fab70
cache-tag
521229353636941353450517753662759153612,626874349113979176805982280634117981627,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1731
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_225%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_2894%2Cy_2676/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe96875f957da59c1111584af6a708534.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a8164cded85a60fd29cd117580a5db8e_29023373D5846CCD10B122F7D4B36DD0_1649787778_1649787778_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__0dfc0f0d85f293f636077c831089bacd__%7E%7EV1%7E%7E-1440031368213442627%7E%7EKkFkDmM1agq_dYUIkOWhnghHZCQZwXsje1ea6NNMbo4ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqU03tTRWD2mAfkA4gi83wbP6e5H6OKTAhSr9V-16YsNfiPsbyFZCbggk-_dL_moOqi8VKErDcFK1fIXk3gxKEtvOB6N3wboQIStzwzlfHZCVMwmVQO4jXtq97qHrsmC5QcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text%22%7D
content-length
11590
x-request-id
1bdb6c2d687cbc52c4a09e6fe32ed40d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 08 Apr 2022 09:26:39 GMT
server
nginx
x-timer
S1649787779.070093,VS0,VE1
etag
"324d272b7d6354b510bf1839bf7f4d8f"
x-served-by
cache-iad-kcgs7200147-IAD, cache-iad-kcgs7200136-IAD, cache-sna10733-LGB, cache-iad-kcgs7200052-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787779077&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
68896fc9eee1f9e74e87ec5617979a1a617274406b69b9e2ac319894dcae9de3

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
14
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
reactions
assets.msn.com/service/community/comments/6571aef9-036d-493b-bd22-aad88cb3a781/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/comments/6571aef9-036d-493b-bd22-aad88cb3a781/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d4083286e2cddeef53e20193016754c77f644733b27cff887aa450627f66386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:59 PM
x-msedge-ref
Ref A: 3D19F2D263F34C4EAB22A1F553E5867D Ref B: VIEEDGE1015 Ref C: 2022-04-12T18:22:59Z
ddd-strategyexecutionlatency
00:00:00.0032420
server-timing
18
ddd-servername
77C14454D3B4
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:22:59 GMT
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
931
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenl2=prg-1sw-ugrth2,wfeedsmuid1=prg-rsum-t2,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskipc,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhigh6,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
58da918e-9629-417c-b91c-2af19eff11f1
ddd-storeexecutionlatency
00:00:00.0032133
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d64e0
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=2865445830.133254695&n=1&s=poll&t=metatarget&d=%7B%22target%22%3A3815%2C%22instance%22%3A%22civsci-id-76398579-AAW83WP%22%2C%22isContainerSeen%22%3Atrue%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1158%2C%22otarget%22%3A3223%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-246-74.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
social-bar-wc.dfdfca96b23838ad4c6a.js
assets.msn.com/bundles/v1/views/latest/ 		169 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-bar-wc.dfdfca96b23838ad4c6a.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c3752788f9fc691bbcc5f7eef227c66a536b9267e460525b772ad69b6da0db2a

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
8d5dO7zN2gDP2tikm2qccg==
server-timing
22
content-length
46058
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F52834A495
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d328f6e9-f01e-0083-0bde-4a27cb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d6519
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
97c3408e-ec14-4783-a659-8ecfac22ecbc
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:2
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
22
ms-cv
NOj+SNnbBEGvy4+tyAQKQQ.0
content-length
4138
x-trace-context
{"ActivityId":"97c3408e-ec14-4783-a659-8ecfac22ecbc"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:22:59 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
0
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
104.104.52.7
akamai-request-id
2b1d6524
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:37:59 GMT
auction
srtb.msn.com/ 		71 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
d17fc93a3e2b897e36ac1b5e32f912953e175ac73f570e84cbb03129e6022835
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
29023373D5846CCD10B122F7D4B36DD0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,onetrustpoplive,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2A65DBACE1F42AAA7BF627E4CE3F2EC Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=371
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:22:58 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 875F5DBEE0044BE3BA215789DFB991D9 Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:22:59Z
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.439264b809545c9439d4c1dc18d002af&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F553959C5EC940ADB2765A856B3E9DA3 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19157
AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		640 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sun, 10 Apr 2022 04:33:28 GMT
x-datacenter
eastap
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=209469
x-activityid
65701e1a-0856-43b8-b2ad-d422b3494eea
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length
640
expires
Fri, 15 Apr 2022 04:34:08 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.f23e9be41750c90bdf26626613fdfbbd&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A777387AE1E84C2A82018ABAF5AF6C9B Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17030
BBm8qVB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBm8qVB
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
18952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
bb3d7be1-1a69-48e8-8758-4aafce581b0e
last-modified
Mon, 11 Apr 2022 13:30:21 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
820
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=328065
timing-allow-origin
*
expires
Sat, 16 Apr 2022 13:30:44 GMT
th
www.bing.com/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1a5286402c1eeb4e81e58d6b8ede944&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fded1c1aca58118d7ffb5ee78794313d948e7973bb3034440c19ed8a062d8283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FE1E512CC5924AB0A4D5D573F4B4D6D5 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
21877
BBphlIt
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		697 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Mon, 11 Apr 2022 15:47:10 GMT
x-datacenter
eastap
x-source-length
19025
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=336184
x-activityid
f6b57cec-88f3-482f-84ce-ce8d20441ea5
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
content-length
697
expires
Sat, 16 Apr 2022 15:46:03 GMT
th
www.bing.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1d3ba307a31eb4ea6d4ea58a213dee5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D32016E8E7E343798AD4192F0DD56A58 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
18227
AANGpUX
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		523 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 06:38:19 GMT
x-datacenter
westus
x-source-length
2518
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=44112
x-activityid
eef405b5-82cc-4c54-9cd1-ac29d50da056
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
content-length
523
expires
Wed, 13 Apr 2022 06:38:11 GMT
th
www.bing.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.12c9554363fab88471f20946337d2e04&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c282bd0966e3162e4e06d15774582a5cdb22ba408f4a62b9eefbc4825e58670e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 60BA0ADC679048B08464B10839402B8C Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15132
AAQk7ql
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		406 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Mon, 11 Apr 2022 16:32:57 GMT
x-datacenter
northeu
x-source-length
2906
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=338978
x-activityid
e9d31e0f-844b-43ab-ad9e-e48fcf42fe2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
content-length
406
expires
Sat, 16 Apr 2022 16:32:37 GMT
th
www.bing.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.5627e1ffa17097eff051d064d8056d4f&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15897dfb93ad2d1cd1b9f67f46382ad08a0d2c59b0da2275b6977dd5debbf931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DA5313AB74CF4BC1AD814E5E4F3BEAD0 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
21560
AAxspu1
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		469 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sat, 09 Apr 2022 00:36:38 GMT
x-datacenter
eastus
x-source-length
19025
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=108766
x-activityid
4e95cdaf-e478-467b-81f3-e45c8fbb957a
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
content-length
469
expires
Thu, 14 Apr 2022 00:35:45 GMT
th
www.bing.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c52a88296d55451518893916f4116a92&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc4ddcccfb5d9717516c4827c0f202bfac14e18d92b4504928dbc22deef57e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FB546709727C410EAE0A3E5F9A87677B Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
26482
AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		602 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 13:39:08 GMT
x-datacenter
westus
x-source-length
3337
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=69389
x-activityid
aa52a607-af74-4fa4-a300-16450c386569
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length
602
expires
Wed, 13 Apr 2022 13:39:28 GMT
th
www.bing.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.2b42ce13d4934004f933022a39c5f63d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1613d677e53f717118190d4983c6ecfc2f25696435d0d6ce6811e6b47627643c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68C4D06AAAED474BBAB57FC3884D1D02 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
23952
th
www.bing.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.117649a7e863819a19cc46632b686786&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D46C4EA87D4E4BE2AAE91A62FB12B631 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16809
AA9tqjr
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA9tqjr
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
1664
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
aab33792-4ea3-44d4-a1fd-878ba0d366e7
last-modified
Sun, 10 Apr 2022 20:33:28 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
725
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267048
timing-allow-origin
*
expires
Fri, 15 Apr 2022 20:33:47 GMT
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7e840e4795f81ec96ae0939a01b68594&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6838a24ee1be5a9cb9a9c9a421ff1e0a6965067326e45cf1cacf0778069aaba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5F2F627BE629479F8BD722CF09911692 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25412
BBqlEdK
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		594 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 12:26:47 GMT
x-datacenter
eastap
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=65055
x-activityid
1c93fa2f-4f02-46f9-8ca0-151f91d5cb83
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBqlEdK?w=16&h=16&q=100&m=6&f=png&u=t
content-length
594
expires
Wed, 13 Apr 2022 12:27:14 GMT
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.df5392243c90622a1fcb6bc110e41256&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e89f1284e7890f38b73947d7a2df5e325fd490850928152d863671a357fe1d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C5E4C45A3CB4C5CAAC9390BAA4C8EA2 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25378
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.ca58ec9a5ba0ade70fb13f3c0f0f279c&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FAA21629D2D946FC82FA9442106D9B96 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17086
BBph6Sm
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		671 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBph6Sm
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
19025
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
2a5860e1-8073-463b-a48f-6e195ba91250
last-modified
Sun, 10 Apr 2022 07:36:34 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
671
x-resizerversion
1.0
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=220387
timing-allow-origin
*
expires
Fri, 15 Apr 2022 07:36:06 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7c4123719ef20e3102a4b743ac74d136&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a2340b57fdd291118580f3525015bfaeaae7be8775675bf7847925a3b44cb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 04BECF6ED73E471D968CBFB0559DF99B Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17223
AATG1Wy
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		496 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATG1Wy?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a43832c3694bf725f05896990421fe7d596e10538731a539112c174016a206b7
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 12:24:20 GMT
x-datacenter
westus
x-source-length
1808
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=64826
x-activityid
ff5df960-d27f-48c0-bf2f-8d874d467a11
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AATG1Wy?w=16&h=16&q=100&m=6&f=png&u=t
content-length
496
expires
Wed, 13 Apr 2022 12:23:25 GMT
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.43bae281d8dc1d0067ee09b83ee378b8&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a47f2d6080a0aaf2ea65faf66bd0d78e5c79d3b78e6cad3625b2e71373bf5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC35242C47DB4830A7C6D19CB30F4278 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20378
BBERG9W
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sat, 09 Apr 2022 17:46:04 GMT
x-datacenter
westus
x-source-length
1622
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=170633
x-activityid
308f1e93-df58-40ac-93e9-f8342fe65af6
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
content-length
828
expires
Thu, 14 Apr 2022 17:46:52 GMT
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		100 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:26 GMT
x-azure-ref-originshield
0CqxVYgAAAACnOA+L5ZCLQb0xtbxovOaHQU1TMDRFREdFMTgxNwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809708c940"
x-azure-ref
0g8NVYgAAAAAX/PxLSPu5TYFmUsQiQmoxRlJBRURHRTEwMTYAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:22:58 GMT
x-ua-compatible
IE=edge
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
js
jill.fc.yahoo.com/v2/ads/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%22d20768c48fb94922929cebcfc2cf129c%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%2229023373D5846CCD10B122F7D4B36DD0%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22rectangle1_db97_11%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221649787779253%7C950787257491017000%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22NEWUSEN11%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22dcbe52b96%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A2%2C%22metrics%22%3Afalse%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a0f030a52000bb031b5b6ae5d9116a49c4c6a8827880dbdae8bed67ea17e298f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
28cf3bbdcdc42e1f15b38f536bff1653172802
target
www.civicscience.com/widget/api/2/ 		0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/target?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAW83WP&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&mv=5&_=1649787779268&callback=jsonp_1649787779268_73220
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.224.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-224-198.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
x-powered-by
PHP/7.2.34
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34
domains
api.viglink.com/api/ 		42 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.200.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
1a0c300b3eb47d04a745e446ec68fc2aaf76b50abec8e2d78b9ec806116bce51

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:58 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-12T18%3A22%3A59.031Z%27&appId=%27JS%3AMeControl%27&cV=%27kM3AakczV4dZRjWs.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=52&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%279a814d33-2885-4309-db28-47c0075cef39%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A364.6999969482422%2C%22perfDuration%22%3A52%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnperegrine%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnperegrine%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3D**%26li%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:58 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
ZYs4cT5G2kKNzo4AZj36NQ.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-12T18%3A22%3A59.239Z%27&appId=%27JS%3AMeControl%27&cV=%27kM3AakczV4dZRjWs.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=30&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.21162.3%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%279a814d33-2885-4309-db28-47c0075cef39%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A205.4000015258789%2C%22perfDuration%22%3A30.299999237060547%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnperegrine%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnperegrine%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3D**%26li%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:59 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
kPHhgBfsx0CUnJiJ/bvx/g.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-12T18%3A22%3A59.244Z%27&appId=%27JS%3AMeControl%27&cV=%27kM3AakczV4dZRjWs.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnperegrine%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=212.6999969482422&*details=%27load%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:59 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
/lcg8uVhpUSjbOCqhSx7Pw.0
Content-Type
image/gif
Content-Length
43
Expires
0
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787779297&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
01636b51d4678bafb80f1bb8e5de3b41c7ed107322bda2fccc3c638ba9cd5ba3

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:59 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
13
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		387 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B619 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787778357|541143836226566340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
aBLVLynt4VtpFbIXfhXgTw==
server-timing
20
content-length
980
x-ms-lease-status
unlocked
last-modified
Tue, 12 Apr 2022 12:21:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C7EE82269A0
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c48d8005-601e-0080-5370-4ea97e000000
cache-control
public, max-age=86400
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
akamai-request-id
2b1d66fa
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame B619 		19 B
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58294,55953,58292,58160,55829,55859,57926,55939,56554,58267,58301&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787778357|541143836226566340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
cache-control
no-cache
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame B619 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=986571&grp=%3F%3F%3F&nl=1649787779257&rts=1649787778949&pix=1&et=1&a=db286eea36d54ab2b4b83e3500f06c92&m=aXAtMTAtMjItMTAxLTQ.&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OztkZWQ4NjlmZWI5ZmM0MTQ5YTIxNzMzMmIwOWIzNzE1OTszMTU1OTk1NDsxNjQ5Nzg0NjUwOzswOzswOztwYXNzYmFjay05NDU5Ozsx&uid=y-_LlKzmpE2uq4UIIq_9aBuCmfBIxS%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787778357|541143836226566340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.133.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-133-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Tue, 12 Apr 2022 15:05:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
talon-1.0.40.js
cdn.js7k.com/ix/ Frame B619 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787778357|541143836226566340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 16:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7255
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
16540
x-amz-id-2
RPIj17wRsAx3T/R6ho2Vx2xH+gmAttW3NLIewpOHYPsGR4lX6TTJnXoU3Im6whfiTmSG6RxB/80=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
QVNHFKCNH2DP6G6V
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-12T18%3A22%3A59.300Z%27&appId=%27JS%3AMeControl%27&cV=%27kM3AakczV4dZRjWs.8%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnperegrine%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=269&*details=%27Web%20header%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:58 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
Ek5MNUL/SkmJctQko52FWg.0
Content-Type
image/gif
Content-Length
43
Expires
0
card-actions-wc.fa07e407847934933446.js
assets.msn.com/bundles/v1/views/latest/ 		181 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/card-actions-wc.fa07e407847934933446.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd1e10a375a428c7bac8f6d1d0f976ff20eff193ddd2d3745976a5504c07c4d6

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
7EkwWJykUlOR8z2pAvFDfw==
server-timing
14
content-length
46204
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C107062331D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
6c43c0b0-301e-005f-0bf9-4de7b4000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d6704
reaction-breakdown-dialog.5035534de9353899cb93.js
assets.msn.com/bundles/v1/views/latest/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/reaction-breakdown-dialog.5035534de9353899cb93.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
734988aa63a7b90f9cb5a147b0465e79dcb7ea214bcfccee4468bee8aae69e09

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
wm4qR2AxRF16MMczxhdsPg==
server-timing
17
content-length
25760
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F518DEF48C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
d328f7be-f01e-0083-06de-4a27cb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d675e
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
v0.3.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B619 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094765
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
z8Jjf5/rd/eZ9trCtaDFyg==
server-timing
22
content-length
2092
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 20:55:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA19A22E3E5083
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
5330d018-301e-0047-7a6d-4db555000000
cache-control
public, max-age=86400
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
2b1d67d8
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787779468&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2b57bfdcc2b7ade60b7e1734ee8ed3521c9d0e01e818bedebb335b6f2c3acc46

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:22:59 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
14
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
banner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B619 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/banner.css?v=19094765
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094765
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
g0Qf/KmXtQmVnbpqUM24zw==
server-timing
19
content-length
656
x-ms-lease-status
unlocked
last-modified
Thu, 07 Apr 2022 06:33:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18608B025D5A
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f9bb8a42-b01e-0042-61da-4aa0f4000000
cache-control
public, max-age=86400
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
akamai-request-id
2b1d680e
darkModeBanner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B619 		679 B
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/darkModeBanner.css?v=19094765
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094765
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
HvnL4/tdYHBxpdrLF3XG4A==
server-timing
19
content-length
304
x-ms-lease-status
unlocked
last-modified
Thu, 07 Apr 2022 06:33:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18608AEBA2EF
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
71ff18c1-a01e-0048-3eda-4a8ab6000000
cache-control
public, max-age=86400
akamai-server-ip
104.104.52.7
x-ms-version
2009-09-19
akamai-request-id
2b1d6815
auction
srtb.msn.com/ Frame B619 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094765
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
6ce9fbb36497aaed178cc819cad03e53899bce8610626a3cc64608e5e66a5e65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 12 Apr 2022 18:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 26464AF8E54E44CCA88F506103EA9158 Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:22:59Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=379
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:22:58 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 84A7A2E6C20341F794ECC1329BA2B43A Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:22:59Z
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__e61c866fa73e06b57c2c0ce3c34d10ab__%7E%7EV1%7E%7E-5964095311520834669%7E%7EQaK2ZPGVq6FEleSXUFEzbxC0tG1ess06wQFrmE8tSOcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AykHRTyK2pr4K2W-lE2j7M7Vo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtVH57BQYqAq9JSPNgxSiS_ef0ur7ggkV1z23pYTO0ifB1AEATMf8WjJ0RKA51GfCy2EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.648108,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=riverdb&i=3&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=81b93e22-4512-4094-a4e5-24ad9cf27734&ii=1&c=5278718427498643855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 39AC400D39134A5382B5ED60911FF394 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__badf501dab1c2e3fae8b5d500628f596__%7E%7EV1%7E%7E370277234479669885%7E%7Et9c0BWNrbrHnnwpvXXAilc0LjRZ2kJz-ilZGpRL74bjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RI0Z105TotBgOdpwml9KhgFl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekzbCw9PAJdv-eMOjM9QKM2gc69kZ52-VwDAR5sRlr5QzAlq5nHcJGcliCEnYlzTQitW0XVsBfiy9I6vcbRINv9g__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.649764,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=4e504bef-daaf-4f90-8b68-9f9d4048b5a5&ii=1&c=7660743193822372692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D6679342C8F4DE1AABE88CCBFAFB05E Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__70510cb38e2865ad6c9a26245d5eb18a__%7E%7EV1%7E%7E-4470016362437527751%7E%7Es7ChmFVy0NB-lV3vUl_2ateUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4Fo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtSrp93iWgeM96ZMUSD8qDaU-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.650982,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=2&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=0f30469b-ebea-4983-8301-fa9e18aec149&ii=1&c=2947547552136036116
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 79CA7D7C1C4840AEA2B0A8B042756273 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__98d01c3c654736b346c1b560add868be__%7E%7EV1%7E%7E3815473515362940484%7E%7EKc8YKf6ePIU4wVsow4WHESYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLKsHLEGKR6GRak5z5-eBR26fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRNPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.651222,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
d.agkn.com/pixel/10690/
Redirect Chain
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-04-12+18%3A22%3A59;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR...
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CM-3wbSSj_cCFZfddwodSawH2g;sz=1x1;ord=2022-04-12+18%3A22%3A59;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_direc...
  • https://d.agkn.com/pixel/10690/?che=763036777&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10690/?che=763036777&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
52.29.167.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:22:59 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://d.agkn.com/pixel/10690/?che=763036777&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=10&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=1dd193af-35b4-4b17-b850-448dc19a0abc&ii=1&c=4226742405765657716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CBD588223C314B8FA70C7AC3BCA20357 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__991cfb092bb5067308e2e4f61a8c5a54__%7E%7EV1%7E%7E-5559282149013872781%7E%7ET7mjLZ1ZwX71afr0hC2kVI6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AytP8lADP-K2hIDjhG5Lw6Bpo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtZPUJ6VktaYcl4rNkqXMEhC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.651479,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=11&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=b7b26af6-bd81-4dca-beca-44e0df7c0edb&ii=1&c=15996307715534348978
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2402B5262854B3ABC724F297ACCC40B Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__16482d6266b0c9e882ffae835780220f__%7E%7EV1%7E%7E507991649930334494%7E%7E-DghgIrB7VeCpBL_KBE94Uxe0gcEDJFpuUCwUPMrDjPTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJO5i1do0mpwGHeasqPYes6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjR-7yTfXisrpjSywBWPhELf7OkjDiWfAgTVxYwQzjKqxBJ3Vjc3de0zIhoJSH_1k7BRMiMsWt_J59zH-ihmwYd_g__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.651559,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=12&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=185fc47d-6d64-4ac5-8a86-5fa147831800&ii=1&c=14468441486467166121
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2325B7E351E44540A480449C81141FE7 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__bce6cd9dadcef5151f98217fd5c1c469__%7E%7EV1%7E%7E4194953484628678655%7E%7EKGr7ytkApXRLI1dMGwx7pm0-6f_1W6j-NBzsaj96ldMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AylpSKsmMBtMvMKyugDldOPFo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtWEBAs25hF_0Kp0YASBIdS-0_yhhXQ9XrZ-IQncaS92U2bMvzz5UiRpyVvjUMeS0DmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.663771,VS0,VE11
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=13&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=4c9df00e-a133-4d8c-bbf3-ffa856eae08c&ii=1&c=15829405836886881961
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2665A0D816D1449BA2DAEE66612B23E5 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__24e89eefd1353a0d6ea11b803947ed7b__%7E%7EV1%7E%7E651514380748400041%7E%7E0TsVy_53n5N-ozReIkAL7oOtzQ2_ieLSL5eoEMigNdQndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AypCfbD-1-iPeOijqwXQDouVo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtQYoyxOrZNVrB-qc8mByMhhOPwidWhWTSePnJ1DBXyxawo7AKb0da4crad9nMoBaQ46zhr_uog6GC70OqLAd6RE__text&response.session=v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.665702,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=river&i=18&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=f6d9648a-78a2-48b9-98cc-1fed1ecfd8f0&ii=1&c=5322182043130591664
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 654B606524D94E4A9F908F13AC59F7FB Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:22:59Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.439264b809545c9439d4c1dc18d002af&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C8F13C726D547449802961081EFDBB0 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19157
AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		640 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sun, 10 Apr 2022 04:33:28 GMT
x-datacenter
eastap
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=209469
x-activityid
65701e1a-0856-43b8-b2ad-d422b3494eea
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length
640
expires
Fri, 15 Apr 2022 04:34:08 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.f23e9be41750c90bdf26626613fdfbbd&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 34D39E1E392046B7968054148B5DC530 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17030
BBm8qVB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBm8qVB
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
18952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
bb3d7be1-1a69-48e8-8758-4aafce581b0e
last-modified
Mon, 11 Apr 2022 13:30:21 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
820
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=328065
timing-allow-origin
*
expires
Sat, 16 Apr 2022 13:30:44 GMT
th
www.bing.com/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1a5286402c1eeb4e81e58d6b8ede944&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fded1c1aca58118d7ffb5ee78794313d948e7973bb3034440c19ed8a062d8283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 16B4E18CF41B4D12964AC462CBCFB34E Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
21877
BBphlIt
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		697 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Mon, 11 Apr 2022 15:47:10 GMT
x-datacenter
eastap
x-source-length
19025
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=336184
x-activityid
f6b57cec-88f3-482f-84ce-ce8d20441ea5
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
content-length
697
expires
Sat, 16 Apr 2022 15:46:03 GMT
th
www.bing.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1d3ba307a31eb4ea6d4ea58a213dee5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1B107D0538ED4ECB9FD2E02D21213C06 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
18227
AANGpUX
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		523 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 06:38:19 GMT
x-datacenter
westus
x-source-length
2518
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=44112
x-activityid
eef405b5-82cc-4c54-9cd1-ac29d50da056
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
content-length
523
expires
Wed, 13 Apr 2022 06:38:11 GMT
th
www.bing.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.12c9554363fab88471f20946337d2e04&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c282bd0966e3162e4e06d15774582a5cdb22ba408f4a62b9eefbc4825e58670e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AF7BE6182A2448A9503A37A7E4255A0 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15132
AAQk7ql
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		406 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Mon, 11 Apr 2022 16:32:57 GMT
x-datacenter
northeu
x-source-length
2906
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=338978
x-activityid
e9d31e0f-844b-43ab-ad9e-e48fcf42fe2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
content-length
406
expires
Sat, 16 Apr 2022 16:32:37 GMT
th
www.bing.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.5627e1ffa17097eff051d064d8056d4f&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15897dfb93ad2d1cd1b9f67f46382ad08a0d2c59b0da2275b6977dd5debbf931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 60AB732FD79B4F5E91C5D004E2030DD5 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
21560
AAxspu1
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		469 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sat, 09 Apr 2022 00:36:38 GMT
x-datacenter
eastus
x-source-length
19025
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=108766
x-activityid
4e95cdaf-e478-467b-81f3-e45c8fbb957a
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
content-length
469
expires
Thu, 14 Apr 2022 00:35:45 GMT
th
www.bing.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c52a88296d55451518893916f4116a92&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc4ddcccfb5d9717516c4827c0f202bfac14e18d92b4504928dbc22deef57e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D1D7E6A3C69E427EAEDF6F9ED6EA38FA Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
26482
AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		602 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 13:39:08 GMT
x-datacenter
westus
x-source-length
3337
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=69389
x-activityid
aa52a607-af74-4fa4-a300-16450c386569
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length
602
expires
Wed, 13 Apr 2022 13:39:28 GMT
th
www.bing.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.2b42ce13d4934004f933022a39c5f63d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1613d677e53f717118190d4983c6ecfc2f25696435d0d6ce6811e6b47627643c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6CD0E9F32B674811A1A51C1BC42E1BDA Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
23952
th
www.bing.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.117649a7e863819a19cc46632b686786&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 74599C64B4954C978A0D10CF5454277B Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16809
AA9tqjr
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA9tqjr
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
1664
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
aab33792-4ea3-44d4-a1fd-878ba0d366e7
last-modified
Sun, 10 Apr 2022 20:33:28 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
725
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267048
timing-allow-origin
*
expires
Fri, 15 Apr 2022 20:33:47 GMT
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7e840e4795f81ec96ae0939a01b68594&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6838a24ee1be5a9cb9a9c9a421ff1e0a6965067326e45cf1cacf0778069aaba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A807F3868FCD4B198C36F60D3EC2CBD8 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25412
BBqlEdK
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		594 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 12:26:47 GMT
x-datacenter
eastap
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=65055
x-activityid
1c93fa2f-4f02-46f9-8ca0-151f91d5cb83
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBqlEdK?w=16&h=16&q=100&m=6&f=png&u=t
content-length
594
expires
Wed, 13 Apr 2022 12:27:14 GMT
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.df5392243c90622a1fcb6bc110e41256&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e89f1284e7890f38b73947d7a2df5e325fd490850928152d863671a357fe1d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4576549D3E9048208EA379C8302D80DD Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25378
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.ca58ec9a5ba0ade70fb13f3c0f0f279c&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BDAADF72D97B47AF9D11EE0F6E9B5E31 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17086
BBph6Sm
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		671 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBph6Sm
date
Tue, 12 Apr 2022 18:22:59 GMT
x-source-length
19025
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
2a5860e1-8073-463b-a48f-6e195ba91250
last-modified
Sun, 10 Apr 2022 07:36:34 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
671
x-resizerversion
1.0
x-datacenter
northeu
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=220387
timing-allow-origin
*
expires
Fri, 15 Apr 2022 07:36:06 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7c4123719ef20e3102a4b743ac74d136&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a2340b57fdd291118580f3525015bfaeaae7be8775675bf7847925a3b44cb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EF49FE4BFD754ABCBBB22CCD39534072 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17223
AATG1Wy
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		496 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATG1Wy?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a43832c3694bf725f05896990421fe7d596e10538731a539112c174016a206b7
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Fri, 08 Apr 2022 12:24:20 GMT
x-datacenter
westus
x-source-length
1808
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=64826
x-activityid
ff5df960-d27f-48c0-bf2f-8d874d467a11
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AATG1Wy?w=16&h=16&q=100&m=6&f=png&u=t
content-length
496
expires
Wed, 13 Apr 2022 12:23:25 GMT
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.43bae281d8dc1d0067ee09b83ee378b8&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a47f2d6080a0aaf2ea65faf66bd0d78e5c79d3b78e6cad3625b2e71373bf5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A3057991310D4C9BAFB51981391A2848 Ref B: FRAEDGE1506 Ref C: 2022-04-12T18:22:59Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20378
BBERG9W
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:22:59 GMT
last-modified
Sat, 09 Apr 2022 17:46:04 GMT
x-datacenter
westus
x-source-length
1622
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=170633
x-activityid
308f1e93-df58-40ac-93e9-f8342fe65af6
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
content-length
828
expires
Thu, 14 Apr 2022 17:46:52 GMT
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__badf501dab1c2e3fae8b5d500628f596__%7E%7EV1%7E%7E370277234479669885%7E%7Et9c0BWNrbrHnnwpvXXAilc0LjRZ2kJz-ilZGpRL74bjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RI0Z105TotBgOdpwml9KhgFl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekzbCw9PAJdv-eMOjM9QKM2gc69kZ52-VwDAR5sRlr5QzAlq5nHcJGcliCEnYlzTQitW0XVsBfiy9I6vcbRINv9g__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44888dbc834fb18e3bdd3d873b81bc16407059d88c990b89c476b392dec48a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
626659
edge-cache-tag
549217223171186335615949030763468643845,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
549217223171186335615949030763468643845,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
155
expiration
expiry-date="Thu, 05 May 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__badf501dab1c2e3fae8b5d500628f596__%7E%7EV1%7E%7E370277234479669885%7E%7Et9c0BWNrbrHnnwpvXXAilc0LjRZ2kJz-ilZGpRL74bjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RI0Z105TotBgOdpwml9KhgFl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekzbCw9PAJdv-eMOjM9QKM2gc69kZ52-VwDAR5sRlr5QzAlq5nHcJGcliCEnYlzTQitW0XVsBfiy9I6vcbRINv9g__text%22%7D
content-length
8030
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 04 Apr 2022 23:41:12 GMT
server
nginx
x-timer
S1649787780.750312,VS0,VE1
etag
"6035baaa4c0f8b5d5a08910170b43d96"
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kiad7000171-IAD, cache-sna10720-LGB, cache-iad-kcgs7200154-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__70510cb38e2865ad6c9a26245d5eb18a__%7E%7EV1%7E%7E-4470016362437527751%7E%7Es7ChmFVy0NB-lV3vUl_2ateUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4Fo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtSrp93iWgeM96ZMUSD8qDaU-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f31fa627ed978a0d4b90ad8d1daeae39c61a3122abb1dd3b8511c406dca2ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
536667
edge-cache-tag
463544588347677371146472120032560612431,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
463544588347677371146472120032560612431,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
720
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__70510cb38e2865ad6c9a26245d5eb18a__%7E%7EV1%7E%7E-4470016362437527751%7E%7Es7ChmFVy0NB-lV3vUl_2ateUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4Fo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtSrp93iWgeM96ZMUSD8qDaU-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
11122
x-request-id
65e9bbe7e99aa921aca894d326af9869
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 05 Apr 2022 16:19:36 GMT
server
nginx
x-timer
S1649787780.750852,VS0,VE1
etag
"b89e28e240c4ca98f58ee61800701ae2"
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kcgs7200101-IAD, cache-sna10732-LGB, cache-iad-kcgs7200072-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__e61c866fa73e06b57c2c0ce3c34d10ab__%7E%7EV1%7E%7E-5964095311520834669%7E%7EQaK2ZPGVq6FEleSXUFEzbxC0tG1ess06wQFrmE8tSOcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AykHRTyK2pr4K2W-lE2j7M7Vo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtVH57BQYqAq9JSPNgxSiS_ef0ur7ggkV1z23pYTO0ifB1AEATMf8WjJ0RKA51GfCy2EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b768a9f1e6f874bf5b5499d6df0af06c137507a2e56c2e19f98a365b3131e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
1158002
edge-cache-tag
537555113518884005202560548345921778966,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
cache-tag
537555113518884005202560548345921778966,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
439
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__e61c866fa73e06b57c2c0ce3c34d10ab__%7E%7EV1%7E%7E-5964095311520834669%7E%7EQaK2ZPGVq6FEleSXUFEzbxC0tG1ess06wQFrmE8tSOcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AykHRTyK2pr4K2W-lE2j7M7Vo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtVH57BQYqAq9JSPNgxSiS_ef0ur7ggkV1z23pYTO0ifB1AEATMf8WjJ0RKA51GfCy2EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
12344
x-request-id
7cd7a72c79bd99a837ed7381204f26f2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sat, 12 Mar 2022 20:01:59 GMT
server
nginx
x-timer
S1649787780.751008,VS0,VE1
etag
"f31deba66b23645dad4571f8f610af42"
x-served-by
cache-iad-kjyo7100086-IAD, cache-iad-kiad7000032-IAD, cache-chi-kigq8000076-CHI, cache-iad-kiad7000050-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__98d01c3c654736b346c1b560add868be__%7E%7EV1%7E%7E3815473515362940484%7E%7EKc8YKf6ePIU4wVsow4WHESYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLKsHLEGKR6GRak5z5-eBR26fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRNPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb7d8204a2270f1bcb4e044c66e7e24ea3467aa1cde4867f166088039de2860f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
2202182
edge-cache-tag
593609274701617947802974067981124824750,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
593609274701617947802974067981124824750,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
342
expiration
expiry-date="Wed, 13 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__98d01c3c654736b346c1b560add868be__%7E%7EV1%7E%7E3815473515362940484%7E%7EKc8YKf6ePIU4wVsow4WHESYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLKsHLEGKR6GRak5z5-eBR26fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRNPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text%22%7D
content-length
28246
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 13 Mar 2022 03:57:21 GMT
server
nginx
x-timer
S1649787780.764980,VS0,VE1
etag
"4902761eb734846689494918febcfc6d"
x-served-by
cache-bwi5025-BWI, cache-iad-kiad7000090-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		7 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__991cfb092bb5067308e2e4f61a8c5a54__%7E%7EV1%7E%7E-5559282149013872781%7E%7ET7mjLZ1ZwX71afr0hC2kVI6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AytP8lADP-K2hIDjhG5Lw6Bpo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtZPUJ6VktaYcl4rNkqXMEhC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb78650b186d628076b44f193b4b06cac27c7a9c1b5a90b5119bc22522d2ed83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
2195970
edge-cache-tag
329312075848367585652047967524986569467,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
329312075848367585652047967524986569467,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__991cfb092bb5067308e2e4f61a8c5a54__%7E%7EV1%7E%7E-5559282149013872781%7E%7ET7mjLZ1ZwX71afr0hC2kVI6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AytP8lADP-K2hIDjhG5Lw6Bpo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtZPUJ6VktaYcl4rNkqXMEhC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
7374
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 11 Mar 2022 10:17:46 GMT
server
nginx
x-timer
S1649787780.765077,VS0,VE1
etag
"723786994e753cd50dc3080c85f13f6b"
x-served-by
cache-wdc5532-WDC, cache-iad-kjyo7100035-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7f9e14ac926ba616acf278a0934ec88e.png
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		13 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7f9e14ac926ba616acf278a0934ec88e.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__16482d6266b0c9e882ffae835780220f__%7E%7EV1%7E%7E507991649930334494%7E%7E-DghgIrB7VeCpBL_KBE94Uxe0gcEDJFpuUCwUPMrDjPTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJO5i1do0mpwGHeasqPYes6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjR-7yTfXisrpjSywBWPhELf7OkjDiWfAgTVxYwQzjKqxBJ3Vjc3de0zIhoJSH_1k7BRMiMsWt_J59zH-ihmwYd_g__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2a85d058e5ad9855edda1554724f04893c0b28771842bc870f8d0a39a665ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
719468
edge-cache-tag
396232532440726768472493371277752777877,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
396232532440726768472493371277752777877,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
911
x-cache
MISS, MISS, MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7f9e14ac926ba616acf278a0934ec88e.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__16482d6266b0c9e882ffae835780220f__%7E%7EV1%7E%7E507991649930334494%7E%7E-DghgIrB7VeCpBL_KBE94Uxe0gcEDJFpuUCwUPMrDjPTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJO5i1do0mpwGHeasqPYes6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjR-7yTfXisrpjSywBWPhELf7OkjDiWfAgTVxYwQzjKqxBJ3Vjc3de0zIhoJSH_1k7BRMiMsWt_J59zH-ihmwYd_g__text%22%7D
content-length
13656
x-request-id
330a0f7515b9a6bdbbe942b702c75f18
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 04 Apr 2022 09:10:32 GMT
server
nginx
x-timer
S1649787780.765498,VS0,VE1
etag
"a07ce358a3031a1989af214807a44a0a"
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kiad7000098-IAD, cache-chi-kigq8000062-CHI, cache-iad-kiad7000024-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa1750a07071e997867b56f7bed47d4f1.png
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa1750a07071e997867b56f7bed47d4f1.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__bce6cd9dadcef5151f98217fd5c1c469__%7E%7EV1%7E%7E4194953484628678655%7E%7EKGr7ytkApXRLI1dMGwx7pm0-6f_1W6j-NBzsaj96ldMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AylpSKsmMBtMvMKyugDldOPFo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtWEBAs25hF_0Kp0YASBIdS-0_yhhXQ9XrZ-IQncaS92U2bMvzz5UiRpyVvjUMeS0DmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eda7984db34f7aada4ea502f1156a23d7c317879749997043ebe401f379a2f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
3502929
edge-cache-tag
564060396422280727090171892584359238998,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
564060396422280727090171892584359238998,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
90
expiration
expiry-date="Wed, 09 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa1750a07071e997867b56f7bed47d4f1.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__bce6cd9dadcef5151f98217fd5c1c469__%7E%7EV1%7E%7E4194953484628678655%7E%7EKGr7ytkApXRLI1dMGwx7pm0-6f_1W6j-NBzsaj96ldMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AylpSKsmMBtMvMKyugDldOPFo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtWEBAs25hF_0Kp0YASBIdS-0_yhhXQ9XrZ-IQncaS92U2bMvzz5UiRpyVvjUMeS0DmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
12288
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sun, 06 Feb 2022 14:23:50 GMT
server
nginx
x-timer
S1649787780.765269,VS0,VE0
etag
"3d5baf2de1f591c05b93f0b8113d7b96"
x-served-by
cache-bwi5071-BWI, cache-iad-kcgs7200131-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 9
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		15 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__24e89eefd1353a0d6ea11b803947ed7b__%7E%7EV1%7E%7E651514380748400041%7E%7E0TsVy_53n5N-ozReIkAL7oOtzQ2_ieLSL5eoEMigNdQndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AypCfbD-1-iPeOijqwXQDouVo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtQYoyxOrZNVrB-qc8mByMhhOPwidWhWTSePnJ1DBXyxawo7AKb0da4crad9nMoBaQ46zhr_uog6GC70OqLAd6RE__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1471643844af10bdfa9a90620fd5dd7252d0fe1189ca93f40b25d34a98160ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:22:59 GMT
via
1.1 varnish, 1.1 varnish
age
1916628
edge-cache-tag
519801902430894943529349221285060105238,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
519801902430894943529349221285060105238,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
92
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_a36a71c265cad2b16701a48ee182058b_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__24e89eefd1353a0d6ea11b803947ed7b__%7E%7EV1%7E%7E651514380748400041%7E%7E0TsVy_53n5N-ozReIkAL7oOtzQ2_ieLSL5eoEMigNdQndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AypCfbD-1-iPeOijqwXQDouVo3FTpDbOTrlbn432Ypil57eQUCNXICk5goQ_FHamUtQYoyxOrZNVrB-qc8mByMhhOPwidWhWTSePnJ1DBXyxawo7AKb0da4crad9nMoBaQ46zhr_uog6GC70OqLAd6RE__text%22%7D
content-length
15452
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 11 Mar 2022 07:51:46 GMT
server
nginx
x-timer
S1649787780.766403,VS0,VE1
etag
"49aac5ba41fd2ae40312f969d0c6b63e"
x-served-by
cache-iad-kjyo7100075-IAD, cache-iad-kcgs7200153-IAD, cache-sna10750-LGB, cache-iad-kiad7000027-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
/
assets.msn.com/service/community/urls/ 		6 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/?cmsid=AAW8X3I&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72f8b953f6f6388e49730d2367b920f1bf6380a5d1b0781ed228202aceb2f54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,esportshb-ads-c,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-sageswgc1,prg-1sw-ugrth2,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,prg-spr-tc-hist1,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,prg-ads-personal,btie-aiuxv2,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski2,prg-1sw-newsskipc,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-spr-catslot9,prg-spr-sbprnk2,prg-1sw-fdcttlw,prg-psovhigh6,prg-1sw-lsrnkc,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
ddd-storeentrytimeutc
4/12/2022 6:22:59 PM
x-msedge-ref
Ref A: 3CF8E003D4A5492E8DC18A5D936669F5 Ref B: MIL30EDGE0118 Ref C: 2022-04-12T18:22:59Z
ddd-strategyexecutionlatency
00:00:00.0017415
server-timing
19
ddd-servername
A9CBCC8093AD
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=60
x-msedge-responseinfo
1
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
1
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:22:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
1340
akamai-server-ip
104.104.52.7
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt11=muidflt11cf,muidflt13=muidflt13cf,muidflt19=muidflt19cf,mmxios1=mmxios1cf,moneyedge2=moneyedge2cf,starthp2=starthp2cf,moneyhp1=moneyhp1cf,bingcollabhp2=bingcollabhp2cf,pnehz3=pnehz3cf,artgly1=artgly1cf,article4=article4cf,anaheim1=anaheim1cf,msnapp5=msnapp5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr1=esportshb-ads-c,anaheimmuidr5=prg-ndauthrf2,shophp1=shophp1cf,sagenltopic=prg-1sw-sageswgc1,sagenl2=prg-1sw-ugrth2,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-prsdfuz,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,wfeedsmuidshop3=prg-spr-tc-hist1,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphnmsncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather8=weather8cf,msnapp10=msnapp10cf,anaheimmuidads1=prg-ads-personal,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski2,3fl0=prg-1sw-newsskipc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot9,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo1=prg-1sw-fdcttlw,wfeedsmuidwpo2=prg-psovhigh6,wfeedsmuidwpo5=prg-1sw-lsrnkc,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-wpo-pnpc,3mbu=prg-1sw-accu10c,prong2wpo2=prg-1sw-pr2fuzal,3mi0=prg-1sw-hdukr,3miu=prg-apilog,3nf7=prg-sh-cadp2,3nhv=prg-upsaip-w1-t,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-xapc,3p16=prg-1sw-psfy21,3p3d=prg-1sw-rih-revamp1,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlt,3pjv=prg-serv-beacct,3poj=prg-1sw-multif2,3pwy=2e5cb361
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
aefb0f38-e49b-4e5f-883d-c28fee3de91d
ddd-storeexecutionlatency
00:00:00.0017143
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
2b1d69e2
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 9DD4 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122180
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
X/uWeOvzu7iDWXUdDpq5O0wG+B8BXRI+Lx2vn3Q7bKZEiwOwRpklcL4V1L5d6HdHlAHHD32T46w=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
T22J1NETT50WC8MV
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
adServe.do
web.ssp.yahoo.com/admax/ Frame 9DD4 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7be125dccc06cf72d47ff189f1b29b6473a9b2119318a2f72a525d4a75ef8633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
server
ATS/9.1.0.33
age
1
content-type
application/x-javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length
8747
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779659%7C0%7C170%7CAdId=11043949;BnId=4;ct=646892902;st=4335;adcid=1;itime=787779970;reqtype=5;guid=5m2o9kdh5bgs2&b=3&s=71;;impref=1649787779285054;imprefseq=5407178313275...
26.at.atwola.com/ Frame 9DD4 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779659%7C0%7C170%7CAdId=11043949;BnId=4;ct=646892902;st=4335;adcid=1;itime=787779970;reqtype=5;guid=5m2o9kdh5bgs2&b=3&s=71;;impref=1649787779285054;imprefseq=54071783132759216;imprefts=1649787779;adclntid=1002;pvid=dcbe52b96;kvgrp=dcbe52b96;kvmsft_asid=1649787779253%7C950787257491017000;kvpg=www.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-aaw83wp;kvmn=newusen11;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=d20768c48fb94922929cebcfc2cf129c;kvmsft_muid=29023373D5846CCD10B122F7D4B36DD0;kvmsft_ext_inv_cd=us;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F62eb27b2a6b62f71d28dbf432da341f6.jpeg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame B619 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F62eb27b2a6b62f71d28dbf432da341f6.jpeg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E-7024125400786611621%7E%7EvEpCjHx78eVH_uypuOQDZmbc-hXBLfLnCKvee_DwU2zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQZ4a6mmx10IQsd2kfeJTLN3WfGxmbeJhJlm5_iMRJ6h-s00V_9X1VrZR5fqOIfClGPp7kfo4pMCFKv1X7Xpiw1-I-xvIVkJuCCT790v-ag6qc4KUbQ4JxHDW3P1oTkXoSbR6GmD5dMf64K2ggCA4suHffknJSmgNBa64uLX4M24KNwoMNUAFOtmFZF85v4yMkQ__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b444bdf3fe9ed89238d011a7b7d1dc2753b3273abdb9522c5c6128b1801d287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:00 GMT
via
1.1 varnish, 1.1 varnish
age
472276
edge-cache-tag
585106981026255565993155159562296121096,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
cache-tag
585106981026255565993155159562296121096,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
377
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F62eb27b2a6b62f71d28dbf432da341f6.jpeg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E-7024125400786611621%7E%7EvEpCjHx78eVH_uypuOQDZmbc-hXBLfLnCKvee_DwU2zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQZ4a6mmx10IQsd2kfeJTLN3WfGxmbeJhJlm5_iMRJ6h-s00V_9X1VrZR5fqOIfClGPp7kfo4pMCFKv1X7Xpiw1-I-xvIVkJuCCT790v-ag6qc4KUbQ4JxHDW3P1oTkXoSbR6GmD5dMf64K2ggCA4suHffknJSmgNBa64uLX4M24KNwoMNUAFOtmFZF85v4yMkQ__text%22%7D
content-length
5662
x-request-id
08c0e8a22050b5fcff9ee803e9f2ef1f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 06 Apr 2022 08:02:05 GMT
server
nginx
x-timer
S1649787780.155354,VS0,VE1
etag
"ae8e1aff2f22a842cd691e23c7cff6c5"
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kcgs7200150-IAD, cache-bur-kbur8200069-BUR, cache-iad-kcgs7200035-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F812da02ccdcd70b14b1b01f3572ec43c.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame B619 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F812da02ccdcd70b14b1b01f3572ec43c.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E5539128566088155283%7E%7Eo0555GlSlIQjhnUMTFSozVTpZJCNCcH83d0RWDIWQqjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mZZUlrcKcnetiAobAqBn2FUllC15YHnNnYgcczjg7t4vWNwQeqPae_UayX-AysnI5OpHO0hwg_yUSv-uTK8dMie__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
74b17f4d935d8f9efb25c739fb046995d71e7ee520b019d0ba0e7ff5d9099f84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:00 GMT
via
1.1 varnish, 1.1 varnish
age
1662480
edge-cache-tag
405887934203794570067508620249451501768,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
cache-tag
405887934203794570067508620249451501768,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
105
expiration
expiry-date="Fri, 15 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F812da02ccdcd70b14b1b01f3572ec43c.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E5539128566088155283%7E%7Eo0555GlSlIQjhnUMTFSozVTpZJCNCcH83d0RWDIWQqjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mZZUlrcKcnetiAobAqBn2FUllC15YHnNnYgcczjg7t4vWNwQeqPae_UayX-AysnI5OpHO0hwg_yUSv-uTK8dMie__text%22%7D
content-length
3494
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 15 Mar 2022 01:06:59 GMT
server
nginx
x-timer
S1649787780.155701,VS0,VE1
etag
"970ec0b09ad9d8fb297bc080176f9847"
x-served-by
cache-iad-kcgs7200067-IAD, cache-iad-kcgs7200049-IAD, cache-chi-kigq8000143-CHI, cache-iad-kjyo7100037-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ Frame B619 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E-7024125400786611621%7E%7EvEpCjHx78eVH_uypuOQDZmbc-hXBLfLnCKvee_DwU2zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQZ4a6mmx10IQsd2kfeJTLN3WfGxmbeJhJlm5_iMRJ6h-s00V_9X1VrZR5fqOIfClGPp7kfo4pMCFKv1X7Xpiw1-I-xvIVkJuCCT790v-ag6qc4KUbQ4JxHDW3P1oTkXoSbR6GmD5dMf64K2ggCA4suHffknJSmgNBa64uLX4M24KNwoMNUAFOtmFZF85v4yMkQ%2C%7E%7EV1%7E%7E5539128566088155283%7E%7Eo0555GlSlIQjhnUMTFSozVTpZJCNCcH83d0RWDIWQqjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mZZUlrcKcnetiAobAqBn2FUllC15YHnNnYgcczjg7t4vWNwQeqPae_UayX-AysnI5OpHO0hwg_yUSv-uTK8dMie__text%2Ctext&response.session=v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.156065,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ Frame B619 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=931722b3-4c6e-40de-85e3-4c3b0a8420db&ii=1&c=13141676705065109554;12354234668394607274
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 46124E1C757B49BD93BBC01D1D79761F Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-visible
am-api.taboola.com/2.0/json/msn-msn/ Frame B619 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__def59a1c88beeaa9a46e1457bd72ded1__%7E%7EV1%7E%7E-7024125400786611621%7E%7EvEpCjHx78eVH_uypuOQDZmbc-hXBLfLnCKvee_DwU2zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQZ4a6mmx10IQsd2kfeJTLN3WfGxmbeJhJlm5_iMRJ6h-s00V_9X1VrZR5fqOIfClGPp7kfo4pMCFKv1X7Xpiw1-I-xvIVkJuCCT790v-ag6qc4KUbQ4JxHDW3P1oTkXoSbR6GmD5dMf64K2ggCA4suHffknJSmgNBa64uLX4M24KNwoMNUAFOtmFZF85v4yMkQ%2C%7E%7EV1%7E%7E5539128566088155283%7E%7Eo0555GlSlIQjhnUMTFSozVTpZJCNCcH83d0RWDIWQqjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-6fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mZZUlrcKcnetiAobAqBn2FUllC15YHnNnYgcczjg7t4vWNwQeqPae_UayX-AysnI5OpHO0hwg_yUSv-uTK8dMie__text%2Ctext&response.session=v2_febb7a49d78f259bd6b0dc0c6fe10a51_29023373D5846CCD10B122F7D4B36DD0_1649787779_1649787779_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&ppb=CK0D&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787780.156211,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
viewed
srtb.msn.com/notify/ Frame B619 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/viewed?rid=d20768c48fb94922929cebcfc2cf129c&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=931722b3-4c6e-40de-85e3-4c3b0a8420db&ii=1&c=13141676705065109554;12354234668394607274
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:22:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43C87F7B3BA54B46A9BD5B787462F766 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
adfetch
googleads.g.doubleclick.net/pagead/ Frame 1F89 		103 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e149851333d4b2b6555215ea31f65e7cabe0a55a2795c4d6346deab0c70ca719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
36062
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Apr 2022 18:23:00 GMT
expires
Tue, 12 Apr 2022 18:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 9DD4 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 17:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3499
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4875
x-xss-protection
0
server
cafe
etag
7698967424627035244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 18:24:41 GMT
adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame 9DD4 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=980316&grp=%3F%3F%3F&nl=1649787780194&rts=1649787779892&pix=1&et=1&a=87032bebb4e840738764e9187a6c485d&m=aXAtMTAtMjItMTIxLTIyMA..&p=MC4wMDA1NzgzMzk&b=MTE3Mjc7MjtiZXN0ZXJhbnRpdmlydXNwcm9ncmFtbS5jb207Ozs7YWVhOWM5NDVhMDE1NDJkN2E4YzQ3MGFjNDRmM2U1Zjk7MjkzODgzNjY7MTY0OTc4NDY1MDs7MC4wMDA1NzgzMzk7OzA7OzM3OTY1OTgzNzI3MDsxYzFlYTRkZTMxYTFiMzA3ZWUxNTE4ZTNhYjQzZTYyNzE5MTQ0MDE0OzE.&uid=y-_LlKzmpE2uq4UIIq_9aBuCmfBIxS%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=6&dety=2
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.133.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-133-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:00 GMT
last-modified
Tue, 12 Apr 2022 15:05:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DD4 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-C_XRfg1pt-XZYyGU7IdkufNTFN3ldQh-Im5TVnY82_c0uDuKTD-aLaMSIV__6DZrvU_xNNkSOUoTAvCN-uTYdXtqd1dw&pr=2:0.578339
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 9DD4 		19 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58294,55953,58292,58160,55829,55859,57926,55965,55939,56554,58267&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:00 GMT
cache-control
no-cache
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 9DD4 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D29023373D5846CCD10B122F7D4B36DD0!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Dd20768c48fb94922929cebcfc2cf129c!msft_year%3D!msft_asid%3D1649787779253|950787257491017000!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 16:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7256
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
16540
x-amz-id-2
RPIj17wRsAx3T/R6ho2Vx2xH+gmAttW3NLIewpOHYPsGR4lX6TTJnXoU3Im6whfiTmSG6RxB/80=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
QVNHFKCNH2DP6G6V
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
5baa728a4cf4b2cbcc891e962e37f4f2.js
www.gstatic.com/mysidia/ Frame 1F89 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5baa728a4cf4b2cbcc891e962e37f4f2.js?tag=client_fast_engine
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 10:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5507
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 23:59:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Jul 2022 10:18:05 GMT
551a410f22968205b8739ba20bcf63c7.js
www.gstatic.com/mysidia/ Frame 1F89 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/551a410f22968205b8739ba20bcf63c7.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 10:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4552
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 03:53:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Jul 2022 10:18:05 GMT
css
fonts.googleapis.com/ Frame 1F89 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 18:14:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Apr 2022 18:23:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Apr 2022 18:23:00 GMT
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 1F89 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1201
x-xss-protection
0
server
cafe
etag
17441257144546641969
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 18:09:54 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 1F89 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9790
x-xss-protection
0
server
cafe
etag
8169034061967891973
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 18:11:32 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 1F89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
server
cafe
etag
15450667304708860052
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 18:17:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F89 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Apr 2022 18:23:00 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 1F89 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7667
x-xss-protection
0
server
cafe
etag
7504708142712926003
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 18:21:22 GMT
l
www.google.com/ads/measurement/ Frame 1F89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYjOkBqn6Apv4qDNMNguMQs2023yUuhaL_93syCcEHw6LvZ2A_DLMVdvfO0i8gZH8Mwk14NuE512g_5XIrlDzwzBN_-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
387e3e2078b688a73d34c2ce2c981e9e.js
www.gstatic.com/mysidia/ Frame 1F89 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/387e3e2078b688a73d34c2ce2c981e9e.js?tag=mysidia_one_click_handler_one_afma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
594befbd8e54b702cc00938e8066561b1487f44bd97fad602d4c699b5a8eb77d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 10:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14777
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 23:59:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Jul 2022 10:18:05 GMT
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787780351&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
16b8a0b01404f77be35f52b11950f7e94a14d75c82406ca9b595396c8ca04d8e

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:00 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
6
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
adview
googleads.g.doubleclick.net/pagead/ Frame 1F89 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CfswGhMNVYrJ4pPmewQ-cuJ2ADa7N-PNc0ZXejeMJwOO_m8IWEAEg2MyLJWCVipaCqAegAbegzbsDyAEBqAMByAPDBKoEuAJP0Ci_j2zl2sLjW6bXEmJqYRzWpQ39pdC0Sc1WkiXXe3IPILTI1iILsNITqOPQgonf81SGwVYrnMiZ3EcPi7xo55F6fXKlb_7VORuVTAqr928ZZULs4BABmKAw7-2f-X8HacJ1izMHHCUBM8vP3fWzOxQel-91V65Vbkgx_YyN6TCwcgZLnA7-MLFpcaQhyaLFOs_VFmkWYg8-H3r9Z1ChElJ5e0pGDAKWGqcP4_TarFxR9W-HnxYeQOLcqXDGfYhDHHQbtfjnU_oXPOd3QxEl4GGKxRDfXx8mB3faqUItwmcQ8HRBxD3KEYx9sz-oiSKkDAvjB1BwCCIOLwauJhm7BhsdAK7jLq5QSr-4iipMGmp9-srq-jMHhCK_zElKJqigfpXV43Vv-t_BELkGstD43uh7iUgGi9fABOW7hpOzAZIFBAgEGAGSBQQIBRgEoAZRgAex37JEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGADyCA1iaWRkZXItMjMyMjEygAoEyAsB2BMMiBQD0BUBmBYBgBcBshcICgYIABIAGAA&sigh=nXCZERbVKOA&uach_m=[UACH]&pr=2:0.578339&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 12 Apr 2022 18:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame FFF9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
885
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 18:08:15 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:22:59 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 4CE9142AC7684249A29DCFCB94617425 Ref B: VIEEDGE3117 Ref C: 2022-04-12T18:23:00Z
AAPInH8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPInH8.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:00 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
1233469
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429501
x-activityid
6382dcd0-8e9f-46c9-9c08-960ffd097f6b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPInH8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1428
expires
Sun, 17 Apr 2022 17:41:21 GMT
AAW8uPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8uPB.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:00 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
366505
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429400
x-activityid
cfe0e549-0c16-49c5-911a-86dcb1e8093c
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8uPB?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
1331
expires
Sun, 17 Apr 2022 17:39:40 GMT
AAREQl4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREQl4.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:00 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
eastus
x-source-length
1860193
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429418
x-activityid
31343f23-a69a-4f81-9757-9e2f7aaad0fa
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAREQl4?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1027
expires
Sun, 17 Apr 2022 17:39:58 GMT
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:00 GMT
last-modified
Sun, 03 Apr 2022 16:09:08 GMT
x-datacenter
westus
x-source-length
16004
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425734
x-activityid
bed87234-bc41-434c-88ff-33af3abaf0eb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length
1264
expires
Sun, 17 Apr 2022 16:38:34 GMT
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.11 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
97c3408e-ec14-4783-a659-8ecfac22ecbc
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:2
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
23
ms-cv
NOj+SNnbBEGvy4+tyAQKQQ.0
content-length
4138
x-trace-context
{"ActivityId":"97c3408e-ec14-4783-a659-8ecfac22ecbc"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:23:00 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
0
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
104.104.52.7
akamai-request-id
2b1d6e54
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:38:00 GMT
auction
srtb.msn.com/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
53d2c60a64ac531842a498a893bdbbee6d21084c8bfb76cad15b2da1b12a5350
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
29023373D5846CCD10B122F7D4B36DD0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt11cf,muidflt13cf,muidflt19cf,mmxios1cf,moneyedge2cf,starthp2cf,moneyhp1cf,bingcollabhp2cf,pnehz3cf,artgly1cf,article4cf,onetrustpoplive,anaheim1cf,msnapp5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp1cf,prg-1sw-ugrth2,prg-rsum-t2,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-prsdfuz,prg-1sw-gevte,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphnmsncf,prg-hprewflyout-t,prg-wf-sky-re,weather8cf,msnapp10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskipc,1s-fcrypt,prg-psovhigh6,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-wpo-pnpc,prg-1sw-accu10c,prg-1sw-pr2fuzal,prg-1sw-pr2sdfuz,prg-1sw-pr2sdfze,prg-1sw-rndw,prg-1sw-hdukr,prg-apilog,prg-sh-cadp2,prg-sh-synadpc,prg-upsaip-w1-t,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-xapc,prg-1sw-psfy21,prg-1sw-rih-revamp1,prg-wea-skipauth,prg-1sw-acrlt,prg-1sw-acmng,prg-serv-beacct,prg-1sw-multif2,2e5cb361
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECD52BA90EC2489EAC990CD411747CF2 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=411
timing-allow-origin
https://www.msn.com
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787780447&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2a8f051af9e85d6dd67c7294e90b392cb69b7027f7e9fe1cc5a89a96c5f82408

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:00 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
3
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
truncated
/ Frame 1F89 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f04d1883122f30e0307c1b52a42104e64c92e05352ddef9f4da158e647f5a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 1F89 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:46:42 GMT
x-content-type-options
nosniff
age
588978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:46:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FFF9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 18:23:00 GMT
expires
Tue, 12 Apr 2022 18:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Apr 2022 18:23:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
pagead2.googlesyndication.com/bg/ Frame ABD1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=572661517&adsafe=medium&client=ca-pub-2399441271239169&format=300x250_as&ip=217.64.151.10&output=html&unviewed_position_start=1&url=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&sub_client=bidder-232212&hl=de&aceid=MHYXtAD5VTQB5G40AYJwNAGycDQB-XA0AYVyNAHIcjQBqXM0ARF1NAEodTQBdXU0Acd1NAHXdTQB_XU0AVB2NAFfdjQBanY0AW52NAFvdjQBfHY0AX12NAGOdjQBkHY0AZ52NAGjdjQBtXY0AbZ2NAG7djQBvXY0Ach2NAHKdjQB0nY0AdZ2NAHYdjQB2XY0Ad12NAHgdjQB5HY0AQV3NAERdzQBH3c0ASB3NAFIc0EBYBxcAjweXAJn-YgCtvqIArI9qgInQqoCAUqqAiBaqgI7WqoCF2CqAs9hqgJIcqoC_XiqApx6qgI-f6oCeYWqAhiNqgKukaoCaJWqAkWWqgKAm6oCgZuqAoKbqgLjn6oCoqiqAi2sqgLkrKoCtrSqAgy9qgIgwqoCX8aqApfKqgKCy6oC-8uqAsvNqgLjz6oCFNGqAnDSqgJs2KoCkNmqAkrdqgJ54aoCyOKqAg_kqgKg5aoCOOmqAl3pqgIh7KoCveyqAtbsqgLV8KoC3_GqAlnyqgJ18qoCuvKqAuvyqgL78qoChfSqAqn0qgI39aoC3vWqAlv2qgJd9qoCkvaqAl74qgIm-6oCQvuqAuL7qgIG_KoCSf2qAkv9qgJd_aoC0_2qAgD-qgJg_qoCg_6qAoz-qgJc_6oCeP-qAu7_qgL_AKsCDgGrAkICqwJwAqsCvwKrAu0CqwKwA6sC1wSrAisFqwLNcroC9XQkBGKzxQUGcPYLL676D86hNRGiRuISCaj7EtSs-xK4x_sSWsr7EmDK-xLM0fsSLtj7En7Z-xK63PsSM-L7Es_n-xIJ6PsSk-r7Emvt-xK17vsSgu_7EiTw-xJ18fsSSvL7EgT0-xIq9fsSdvX7Ekv2-xJN9vsSl_b7EqX2-xIT9_sSK_f7Eov3-xJbn-oUsPUDFfhWaxpqy7Uu1s61LmGJ4VlGGwdq&awbid_c=AKAmf-Chuw6UPPr371nDad1Rkz_K7dJ57aufbNStUvNHytvSZcTTPrspS0ABAmITtP4TU377gUqm8LzyLrqiiGFRj1_aVcsZG6zkE3IRfrDLHwnVSZ81fiSgqt8Tl50Jk5zxFzRzWiMBIeEwX8b1_YflLhTuElLLTAhra1LIpN3CGj9Y3cGlvfo&awbid_d=AKAmf-D9F2WZcmTdaWUCq9PmGD22qtLptJBGY45Vz89wBpU1DjFH6v1AIb_2drrtrVCIjapcnPfx04AsitE1IHej-fIzMNcCHMu-lX7lqK8yxwDb-T5-yfuCuSL0cPscJMqC3DUYRNPafFlYXbO18TVnOc2HBMpRv2754lm9w88dwypQX_PdKHtUtZ7JF6GzzOnGcZoYvawv1JDpSJv775Ui2W1I2_S_Q3vKdRghz4gjoCdUsVVokC3ubhtbpKU9TMVZfma6aEJCnnUOkuuCcQ2J1zjHUAOQ1_pp3uls9T-6zDUdj9a-A4dwB7Oem97fwduJS79tyNSiiJVHDHGjSwV2hvihMM4e-bKCZQJXmlDn9rsBazXdpdybMFkBczqKJ1rtfMJf1DflVANtOL4YyB-Xl0YenhxKS08tUNfoHDtsO0DhYO5M25EPYKPVr5ukj93R9Khs1UYUD6gRpkylMfQ0qs_gPm0uWt3LBuXKOsduocddx5_BIM2nz_l594iCMsS2Zbkz1C1W4vU4AN9_UVRYAvCoPI3NyXJP4tkQcvBkaDrUrQAFG0ukrusaZXAj5wsBtbxW3fVmrT8msSswZXu4swEm2zmK3-cpY31YUoA5Evs_kIlnwU_B5EQGOMkr6U8t44CbWiY4P0Xp2TJXHTsOenbRPrAjzCBMyYPsG6g_JqjKIvfaYi5Di1QiXTMIz8IeDlsZPiVrqTi3OWKNAL8cLMdxB3TNx_lL1XfvOOfpDO4eTcg0KUA&cid=CAASBORocgM&exk=1458364772&rfl=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP&a_pr=2:0.578339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
23757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Apr 2023 11:47:03 GMT
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__be4d1e98384f4a31dc5a5596f4ee56d8__%7E%7EV1%7E%7E-3863926746644127058%7E%7EVoIQnvE6R-UiWjb1DG-AnpHILGTr4R5J4wu9YOATBIj6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdPlU4-jnpo0lIhsm8UaisRJvCMl6mVJHMznsD6m3tKRJID7DMBO_GnFTphSYHdHb8rK9g_AdWEN1CaR5bawwHsuar5IkGsYKx_AVVEvj2XMq9sKYGw-lprgpFx4uviE4Ci9oC2xI1PQigb2kjTNYM5zVpWUBRlVEIUSdtbmC7yPT-5CUznqrqc63TK1oqlsNFLixy1zAxwCYyYZgOIZ0b3S6rXzQfT0owwZYoOtr28H3__text&response.session=v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787781.002534,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=rightrail&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=5108dd98-a007-4a49-880d-789fbe8900c8&ii=1&c=11314876803912170796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A4BD4E4ADC55493A87C40C611D0E053E Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__54d01f23680690b9460a495a8965f64f__%7E%7EV1%7E%7E6232959854470507199%7E%7EpwK-CcAKc9WVulmWX8ICLkey-X8n50SACZRTMWCClnzTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RJgoj5GVqXiXYiuCWRM6SVpl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekVkIENVKeHgs5tQ2_IA3wSJaNdqZDMtk2YY5-jsTKsopgjuxhQ12xXY9Ns5JQmKXCI05cn-uRBvnEwvYJr44j_7qtfNB9PSjDBlig62vbwfc__text&response.session=v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787781.002648,VS0,VE11
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=rightrail&i=2&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=eba52c38-c68f-4c9d-b043-1561aaa18c0a&ii=1&c=9525377797904019174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 193D5E001D8644CFBEDAF9D8F7909703 Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__36581262f56595afb84d7ec0b9119a05__608551e675b7bdc7e8dee0f142dbdf04__%7E%7EV1%7E%7E-8038975765933680535%7E%7E1rymct0uwgzHdlHulXXql5bkJsgqhqzhuYtRha3belLTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJ8HKWiiV8xzV__Ysqk5p36fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRmZLsN8YEfG8u0wVyat5ra-PoQLIxVQ-Dl6u_gZvhfnFj_4cokANQTaztbgc2ASjb58hbh6da_GLGpwl7TPGk2Q__text&response.session=v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA&view.external-id=d20768c48fb94922929cebcfc2cf129c&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787781.002746,VS0,VE9
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=d20768c48fb94922929cebcfc2cf129c&r=rightrail&i=3&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=73fce293-9a77-4725-957e-1e0d3444ee88&ii=1&c=12706508992713375202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8EDA1DFEDFF94DF9AF54A5F8BAE396DE Ref B: VIEEDGE2206 Ref C: 2022-04-12T18:23:00Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1ba385a2fff2c8142a05829e0c5e7737.jpeg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1ba385a2fff2c8142a05829e0c5e7737.jpeg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__be4d1e98384f4a31dc5a5596f4ee56d8__%7E%7EV1%7E%7E-3863926746644127058%7E%7EVoIQnvE6R-UiWjb1DG-AnpHILGTr4R5J4wu9YOATBIj6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdPlU4-jnpo0lIhsm8UaisRJvCMl6mVJHMznsD6m3tKRJID7DMBO_GnFTphSYHdHb8rK9g_AdWEN1CaR5bawwHsuar5IkGsYKx_AVVEvj2XMq9sKYGw-lprgpFx4uviE4Ci9oC2xI1PQigb2kjTNYM5zVpWUBRlVEIUSdtbmC7yPT-5CUznqrqc63TK1oqlsNFLixy1zAxwCYyYZgOIZ0b3S6rXzQfT0owwZYoOtr28H3__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee863d8eb932f67231b95cac28fc87fc4ce00e1a57911336f1c10f5c748f45d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:01 GMT
via
1.1 varnish, 1.1 varnish
age
708922
edge-cache-tag
321660745202350662597735748024140168540,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
cache-tag
321660745202350662597735748024140168540,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
410
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1ba385a2fff2c8142a05829e0c5e7737.jpeg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__be4d1e98384f4a31dc5a5596f4ee56d8__%7E%7EV1%7E%7E-3863926746644127058%7E%7EVoIQnvE6R-UiWjb1DG-AnpHILGTr4R5J4wu9YOATBIj6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdPlU4-jnpo0lIhsm8UaisRJvCMl6mVJHMznsD6m3tKRJID7DMBO_GnFTphSYHdHb8rK9g_AdWEN1CaR5bawwHsuar5IkGsYKx_AVVEvj2XMq9sKYGw-lprgpFx4uviE4Ci9oC2xI1PQigb2kjTNYM5zVpWUBRlVEIUSdtbmC7yPT-5CUznqrqc63TK1oqlsNFLixy1zAxwCYyYZgOIZ0b3S6rXzQfT0owwZYoOtr28H3__text%22%7D
content-length
1678
x-request-id
af9b3d3ab4b7a5ae4c2abd59dd89a965
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 04 Apr 2022 08:04:58 GMT
server
nginx
x-timer
S1649787781.998955,VS0,VE1
etag
"13b68753b4ca8ab05167e6fc27410294"
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kcgs7200120-IAD, cache-chi-kigq8000082-CHI, cache-iad-kiad7000173-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5621182aa2da79674ae2e75f7fbbaceb.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5621182aa2da79674ae2e75f7fbbaceb.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__54d01f23680690b9460a495a8965f64f__%7E%7EV1%7E%7E6232959854470507199%7E%7EpwK-CcAKc9WVulmWX8ICLkey-X8n50SACZRTMWCClnzTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RJgoj5GVqXiXYiuCWRM6SVpl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekVkIENVKeHgs5tQ2_IA3wSJaNdqZDMtk2YY5-jsTKsopgjuxhQ12xXY9Ns5JQmKXCI05cn-uRBvnEwvYJr44j_7qtfNB9PSjDBlig62vbwfc__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb1eb77e34f4aeeca464250840b50048dacfff4a81086262cc2a76a6bb70ba4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 12 Apr 2022 18:23:00 GMT
via
1.1 varnish, 1.1 varnish
age
2198248
edge-cache-tag
450265650731705506805175281380931797211,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
cache-tag
450265650731705506805175281380931797211,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
120
expiration
expiry-date="Fri, 15 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5621182aa2da79674ae2e75f7fbbaceb.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__54d01f23680690b9460a495a8965f64f__%7E%7EV1%7E%7E6232959854470507199%7E%7EpwK-CcAKc9WVulmWX8ICLkey-X8n50SACZRTMWCClnzTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RJgoj5GVqXiXYiuCWRM6SVpl-LjFwSRJQN4ZQsVKnNOI_QKU88Wt8tg5jlzD0FbWlaMKp_HkoJ66u17TvO0QEekVkIENVKeHgs5tQ2_IA3wSJaNdqZDMtk2YY5-jsTKsopgjuxhQ12xXY9Ns5JQmKXCI05cn-uRBvnEwvYJr44j_7qtfNB9PSjDBlig62vbwfc__text%22%7D
content-length
2086
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 15 Mar 2022 17:00:20 GMT
server
nginx
x-timer
S1649787781.999095,VS0,VE0
etag
"ad20cff88e0c42282cce87e2b32ee985"
x-served-by
cache-bwi5066-BWI, cache-iad-kcgs7200080-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3ac06cae0dec1752de858573eb0b2a3b.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3ac06cae0dec1752de858573eb0b2a3b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__608551e675b7bdc7e8dee0f142dbdf04__%7E%7EV1%7E%7E-8038975765933680535%7E%7E1rymct0uwgzHdlHulXXql5bkJsgqhqzhuYtRha3belLTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJ8HKWiiV8xzV__Ysqk5p36fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRmZLsN8YEfG8u0wVyat5ra-PoQLIxVQ-Dl6u_gZvhfnFj_4cokANQTaztbgc2ASjb58hbh6da_GLGpwl7TPGk2Q__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b01a8d9681332f5011de00e713320ded2ece2c4ce17ea1a9f2910a44ad8f7e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:01 GMT
via
1.1 varnish, 1.1 varnish
age
615686
edge-cache-tag
583984589079146767606671031374665321368,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
cache-tag
583984589079146767606671031374665321368,477098584219752080998209984813943070029,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
341
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_56%2Cw_56%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3ac06cae0dec1752de858573eb0b2a3b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_114db763b69b7ab12b5aa26ff7551a2f_29023373D5846CCD10B122F7D4B36DD0_1649787780_1649787780_CNawjgYQrrs-GMTP8_PjwrnqoAEgASgFMDg4m-MJQI6KEEjxtdkDUKjsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__36581262f56595afb84d7ec0b9119a05__608551e675b7bdc7e8dee0f142dbdf04__%7E%7EV1%7E%7E-8038975765933680535%7E%7E1rymct0uwgzHdlHulXXql5bkJsgqhqzhuYtRha3belLTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJ8HKWiiV8xzV__Ysqk5p36fl12eOAPNx8c3l44v8mx1z1DkivkpIK5iYuLzOp4mbFEAx1WrM0UuUkMBVABGjRmZLsN8YEfG8u0wVyat5ra-PoQLIxVQ-Dl6u_gZvhfnFj_4cokANQTaztbgc2ASjb58hbh6da_GLGpwl7TPGk2Q__text%22%7D
content-length
1170
x-request-id
1e044f590aa7fa4163282dc831dc8739
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 31 Mar 2022 11:01:58 GMT
server
nginx
x-timer
S1649787781.999217,VS0,VE1
etag
"e98ee7be91e0ffc21337acab3d721368"
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200081-IAD, cache-chi-kigq8000103-CHI, cache-iad-kiad7000136-IAD, cache-hhn4047-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
AAMehvB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMehvB?w=624&h=350&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7c58cd7715468402d9e389e7f3c9d74dc2d6ccbac14021c060d7373590759c0f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:01 GMT
last-modified
Mon, 11 Apr 2022 10:48:37 GMT
x-datacenter
westus
x-source-length
108373
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=318318
x-activityid
f35a57e8-8fd8-4754-ae5c-ae304a65f61a
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAMehvB?w=624&h=350&q=60&m=6&f=jpg&u=t
content-length
45562
expires
Sat, 16 Apr 2022 10:48:19 GMT
domains
api.viglink.com/api/ 		42 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.200.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf9c1a2475fd696da09169c8902c7ea48dcf4601418dab845432e4012eadd1a6

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:00 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1002 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787781520&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
1884d75b7ad68068378c8fb14e6f6bb94ad106c03fe96ce4656de7a6c041506b

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:01 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
9
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F89 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviE2zhqXv-W6wKCx8A5CjjtnEpFYn0B7DnmEbmXyMBytgxxpA5iHE2aLLOZRGkk6UxHGTJAPNqsoOrnYtGw8zqgvEq0kwwPMCLgZuDbYc8zoJ4YSZzIQ&sig=Cg0ArKJSzOiZDwxExpKuEAE&cid=CAASF-RoYqxpVn4rK2tsdcChwGh4S47cJFa_&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=572661517&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649787780214&rpt=464&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BidRHanSer
15.taboola.com/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/BidRHanSer?oid=15&width=29&height=29&revmod=&encoded=1&urlonly=1&noimpr=true&pubid=168627&tagid=2809745&cb=36274644261&cirf=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz&cisrf=&pageType=text&pstn=Below%20Article%20River%20Video%20-%20Desktop%20-%20Webcomp&tagVer=30.2.21&pubnm=msn-edge-us_river
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/msn/msnTagScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f30c6f794b76a037efe7d8ddec7ce5cefa9fbfce8f960e46eeb74c97b06c0c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:03 GMT
content-encoding
gzip
server
nginx
x-timer
S1649787783.283744,VS0,VE177
machineid
1451
vary
Accept-Encoding
x-cache
MISS
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-hhn4061-HHN
UnitMSNWidgetDesktop.min.js
vidstat.taboola.com/lite-unit/3.7.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Requested by
Host: 15.taboola.com
URL: https://15.taboola.com/BidRHanSer?oid=15&width=29&height=29&revmod=&encoded=1&urlonly=1&noimpr=true&pubid=168627&tagid=2809745&cb=36274644261&cirf=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz&cisrf=&pageType=text&pstn=Below%20Article%20River%20Video%20-%20Desktop%20-%20Webcomp&tagVer=30.2.21&pubnm=msn-edge-us_river
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ecc7d63144f16c6e23494088f99a3123986562df3dc70164f8efbde9f278007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:03 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
496270
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29025
x-served-by
cache-hhn4061-HHN
last-modified
Wed, 06 Apr 2022 12:29:49 GMT
server
AmazonS3
x-timer
S1649787783.471432,VS0,VE0
etag
"a132222df9e264f0b11a27f8350b0bbf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
J_pySprzAoQTUeims8y_ialndbiYo21ujxfr0bYrGbpdRdrYkZuUiA==
x-cache-hits
1588
domains
api.viglink.com/api/ 		63 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.200.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-200-66.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
30c2b54d679ce17b75da6fb2757c07b98a492f3cfee42286c3236d74c5f70c57

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:02 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
63
Expires
Thu, 01 Jan 1970 00:00:00 GMT
st
imprammp.taboola.com/ Frame 87AF 		0
77 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=6269495&dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&cmcv=&pix=undefined&cb=1649787783746&uv=3158&tms=1649787783746&abt=206725b_vA!adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vA!Noapp22_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm&ft=0&unm=MSN_WIDGET&aure=false&cirid=918D2C9C9F2523538691561992697&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Tue, 12 Apr 2022 18:23:03 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4061-HHN
x-timer
S1649787784.757141,VS0,VE37
sync
am-match.taboola.com/ Frame 1494 		0
57 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 12 Apr 2022 18:23:03 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=198827&tagid=1020237&crid=6269495&noaop=3&sortOrderType=0&cb=1649787783754&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1386&pt=1627490195&tz=0&viewable=true&ddast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2809745&dpubid=168627&abtst=206725b_vA!adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vA!Noapp22_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fwww.msn.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d087f693ecbabc5201427db992d9eb94abd0b8053c17b2f75de5f502fe8c672

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
content-encoding
gzip
access-control-allow-origin
https://www.msn.com
machineid
1458
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4061-HHN
pragma
no-cache
server
nginx
x-timer
S1649787784.760378,VS0,VE302
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://ads.stickyadstv.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect,<https://www8.smartadserver.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7994267&crid=6269495&dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&cmcv=&pix=31589837&cb=1649787783746&uv=3158&tms=1649787783746&abt=206725b_vA!adh5c-1_vA!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vA!Noapp22_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm&ft=0&unm=MSN_WIDGET&debug=pn:!sqg:!torgn:1649787777228.4!ts:1649787783745&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:03 GMT
content-length
0
server
nginx
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787783841&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5f58a9814fbb40d46e78e27dbb2b35db67da252dacdcd3d7fdd21db645fece7d

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:03 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
16
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,Connection,time-delta-millis
Content-Length
153
cmTagMSN_WIDGET.js
vidstat.taboola.com/vpaid/units/31_5_8/infra/ 		745 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a4c91178b51a23b6410c04248cf80a2919b78041c20a29a29ccee4d5c6481512

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 varnish
age
59707
x-amz-meta-mtime
1649326459
x-cache
HIT
x-amz-meta-ctime
1649326460
x-amz-meta-mode
33188
content-encoding
br
content-length
131101
x-amz-id-2
EMZOfBtk6ipwgKBaN15L4KiaclMp848N4/KgwYH8IfPiRbUcgZNsqolv8tt55QDBJWA2MzQBKjg=
x-served-by
cache-hhn4078-HHN
accept-ranges
bytes
last-modified
Thu, 07 Apr 2022 10:14:21 GMT
server
AmazonS3-br
x-timer
S1649787784.116369,VS0,VE1
etag
"d1062819fed1c667bf4a0193d024d4d8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
43H6D1MGE0TMY52V
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
1
cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_5_8/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 varnish
age
461191
x-amz-meta-mtime
1649326492
x-cache
HIT
x-amz-meta-ctime
1649326492
x-amz-meta-mode
33188
content-encoding
br
content-length
8294
x-amz-id-2
pk7rsu0gt52GF9DxDYVvdnmtQSR7CNCNlZW4Q5wCNt+lGQZIK9E9hXCVNuvyu8AdJ9UCECrYwS8=
x-served-by
cache-hhn4061-HHN
accept-ranges
bytes
last-modified
Thu, 07 Apr 2022 10:14:53 GMT
server
AmazonS3-br
x-timer
S1649787784.087043,VS0,VE0
etag
"7109a5557051e4983d59fded16204002"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
AC2TJP5XVJ0HZNNZ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
19758
PMS.js
vidstat.taboola.com/PMS/2.4.3/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.4.3/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea8c236c93cf26c8ffa686286fa27b7629d7499aec11700dec5f854c58547c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront), 1.1 varnish
age
1877079
x-amz-meta-mtime
1611220473
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1611220473
x-amz-meta-mode
33188
content-encoding
gzip
content-length
17847
x-served-by
cache-hhn4061-HHN
last-modified
Thu, 21 Jan 2021 09:14:34 GMT
server
AmazonS3
x-timer
S1649787784.199523,VS0,VE0
etag
"ab1cfea1c666e027aa42b257f63e5ddb"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
wN_xBxHj7L_YePSP0mgqmqxJEXXMZ4L1l_YmHcrvKa69zdQAnGkf1w==
x-cache-hits
1090
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront), 1.1 varnish
age
2225007
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn4061-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1649787784.255446,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
t1A-OC7FrDGZJC7Tp3c5Te6utmhBjz82_E5tKO0J_wHxk5doBZKsXQ==
x-cache-hits
21557
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1081406
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4061-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1649787784.255504,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
26044
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/ 		559 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4ed235403aeda420ba92bd7b4b8bfd402075a2a6370b556c4b113723cf469d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:04 GMT
via
1.1 varnish
age
269984
x-amz-meta-mtime
1649517747
x-cache
HIT
x-amz-meta-ctime
1649517759
x-amz-meta-mode
33188
content-encoding
br
content-length
117049
x-amz-id-2
ZQ+IKm+O+H3r4dbWnu5NlIXN56X8vhyIsdE7Oq/KN1KkpWROmy4Bh16CfxRASLA6p/NEsV99I/sUNJvQ0/b9vA==
x-served-by
cache-hhn4061-HHN
accept-ranges
bytes
last-modified
Sat, 09 Apr 2022 15:22:40 GMT
server
AmazonS3-br
x-timer
S1649787784.281642,VS0,VE0
etag
"96ed152596a9e4bcc8e88857b398fe6e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1XA7VC1WHXDSH0T5
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
22303
sync
am-match.taboola.com/ Frame 9289 		0
56 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7OhoCFgPZ31tt4yzJKQTZ31tt4yzJKQUAAAAGBvkHHbkYjigb5oY5o6wmm9VmOFsuVrPFcjmZLXdD6MjFcETZMDfMGWU12aw2w9lwMRwONpvVZLeaQouwzH7fQUE5PT1ml0HStL0sB1nT5PIb1AIRy_M1_Q0HtUDXsnj8bsMb-NB0Onyue73u97urPXe7xu_2q-xu1ecvd_k-f9HLY7T7zX6f86-4-E1vtcPse1hebpnfdTe5NW_Xz2d2mdxKu-dpcrl1T7vJ7_u8lXbP6WE2uyxvwcPjdfhcnr_C8lYweMXNrtDfe5wm99JlNNwBAAAA4AHgS_UG4gcAACACAAAAQOIHAACAIqDi30LgAgAAAAADgGD1WQMAisOgLDfX5fQPAICHBxAAAAEMEgABydkSAJXvyBMAAICDOpmnbZb_____GIC8_U2ZAf6RoB6ABx-AB6KC1SJGAAAAANlAlwpHkzqhsqj6____twK4AgAIAPwYQB4OAwAAKBhboIfF7zc77Bq_22X__________2b_ZwBoQkuuFGlBMPXDaj8AAABrv4AAAGzqBgDwJgAXcwB2AAAAAHf_____eQAAAB57lGyv1Xj2KOt9LcIy-30HBeX09JhdBknT9rIcZE2Ty29QC0Qsz9f0NxzUAl3L4vG7DfebsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEYaGi91gNhquNSubwy1a2YZrhcO5WouMk4lxtXI5Ny7nWvT6mJ6jmWk52E3xYT4u5752YWg-bse-duFiyV4EF-lE7bm7VSafy636_CtP28tyEUsEp4t0InoZTxf1HxtksZvLRnPFajFXDFYJAAAAAAAAAGAJU-ZNAAAAAE6DmA1nk91yASh2PIsbP45oz92tMvlcbtXnX3naXpY3eyaItVotawAAAABu3cgB!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 12 Apr 2022 18:23:04 GMT
machineid
3406
server
nginx
e875169e-3f9c-4a45-957f-eceade984dd0
https://www.msn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.msn.com/e875169e-3f9c-4a45-957f-eceade984dd0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ed86e7d3-9f69-4631-b74a-3fa3e461c391
https://www.msn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.msn.com/ed86e7d3-9f69-4631-b74a-3fa3e461c391
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
10194209
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/10194209?_fw_gdpr=0&schain=1.0,1!taboola.com,1324684,1,-1367313065&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
44171856ad3ae136c03baa04e423d5db52585e9668e70caa0e5bb6dc968b4335

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1178
x-sticky-vk
1649787784414043-417
Expires
Tue, 12 Apr 2022 18:23:04 GMT
12599937
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12599937?_fw_gdpr=0&schain=1.0,1!taboola.com,1324684,1,-1367313065&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e939cd306e9122687841f97b361f7263fd402abdde9e562dab27537afb2699bb

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1178
x-sticky-vk
1649787784417078-542
Expires
Tue, 12 Apr 2022 18:23:04 GMT
ac
www8.smartadserver.com/
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_con...
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_con...
129 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1324684%2C1%2C-1367313065%2Cmsn-edge-us_river%2Cmsn.com&us_privacy=1---&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:04 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:03 GMT
access-control-allow-origin
https://www.msn.com
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www8.smartadserver.com/ac?siteid=353075&pgid=1474167&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1649787784355&pgDomain=www.msn.com&vpw=612&vph=304&gdpr=0&gdpr_consent=&schain=1.0%2C1!taboola.com%2C1324684%2C1%2C-1367313065%2Cmsn-edge-us_river%2Cmsn.com&us_privacy=1---&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 88EB 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1649787784.dop052.fr8.t,1649787784.cds281.fr8.shn,1649787784.cds281.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116304
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame A8AA 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1649787784.dop127.fr8.t,1649787784.cds016.fr8.shn,1649787784.cds016.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116304
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame A8AA 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1649787784645
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:04 GMT
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1649787784.dop155.fr8.t,1649787784.cds202.fr8.shn,1649787784.cds202.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7d215d24d9a167ca854118ab80deb3db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2a73_7085784581915398978
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
0
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 88EB 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1649787784676
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:04 GMT
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1649787784.dop150.fr8.t,1649787784.cds101.fr8.shn,1649787784.cds101.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 88EB 		0
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=7d215d24d9a167ca854118ab80deb3db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l12b1_7085784581915400346
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame A8AA 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12599937&loc=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1649787784684093-400
Expires
Tue, 12 Apr 2022 18:23:04 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A8AA 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12599937&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1324684%2C1%2C-1367313065&vav=5b100e698cb79d28382c93b5a4aa0580&vaviv=8125dc746605e94e6de7fc0c04b62961&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&playerSize=612x304&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649787784697096-600
Expires
Tue, 12 Apr 2022 18:23:04 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 88EB 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=10194209&loc=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1649787784849017-582
Expires
Tue, 12 Apr 2022 18:23:04 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 88EB 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=10194209&_fw_gdpr=0&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1324684%2C1%2C-1367313065&vav=86d6185e3dd83fee9c0ed82a9851175b&vaviv=f8ffd7ecc58414f4b5b551c5b9a93b33&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&playerSize=612x304&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649787784847019-364
Expires
Tue, 12 Apr 2022 18:23:04 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Protocol
H2
Server
142.250.185.194 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649787784798073-365
Expires
Tue, 12 Apr 2022 18:23:04 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.180.144 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BMXKGVVQTM69ZJFHP3KB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649787784791095-373
Expires
Tue, 12 Apr 2022 18:23:04 GMT
user-matching
ads.stickyadstv.com/ Frame 88EB 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Protocol
H2
Server
142.250.185.194 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=N2QyMTVkMjRkOWExNjdjYTg1NDExOGFiODBkZWIzZGI=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649787784947047-544
Expires
Tue, 12 Apr 2022 18:23:05 GMT
user-matching
ads.stickyadstv.com/ Frame 88EB 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a312cdfb-2d55-440d-bc9d-f9a5ad49ab65
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?id=7d215d24d9a167ca854118ab80deb3db&ex=freewheel.tv&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| getCookieConsentRequired string| _ssrServiceEntryUrl string| _webWorkerBundle string| _authCookieName object| webWorker object| webpackChunk_msnews_msnews_experiences object| _pageTimings object| _secondaryPageTimings number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| _isWebWorkerPresent function| telemetryEventsClear function| telemetryEventsFlush object| Base64 boolean| hasPreHydrateState function| _getAppPerfTrace object| MSANTracker function| Gemini object| JAC_CONFIG object| JAC object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| vglnk object| cmTagConfig boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16497877786886 undefined| vglnk_16497877786887 object| JAC_QUEUE object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| webpackJsonpCSW function| setImmediate function| clearImmediate object| civicscience undefined| vglnk_16497877788889 function| jsonp_1649787779268_73220 undefined| vglnk_164978777927210 undefined| vglnk_164978778124511 object| TRC object| cmTag undefined| vglnk_164978778352612 object| _cm_wfCounters string| lastWfUrl function| webpackHotUpdate function| startCMTagMain object| _taboola string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer

36 Cookies

Domain/Path Name / Value
.msn.com/ Name: _EDGE_S
Value: F=1
.msn.com/ Name: _EDGE_V
Value: 1
.msn.com/ Name: MUID
Value: 29023373D5846CCD10B122F7D4B36DD0
www.msn.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 2fd7ea36-473b-4ebb-98e9-589db45f8b9e
www.msn.com/ Name: ai_session
Value: 316XeEvz+Y2+d+fN/4yCob|1649787778028|1649787778028
.scorecardresearch.com/ Name: UID
Value: 133219a1fc7e5d88c6738051649787778
.bing.com/ Name: MUID
Value: 29023373D5846CCD10B122F7D4B36DD0
.c.bing.com/ Name: SRM_B
Value: 29023373D5846CCD10B122F7D4B36DD0
.c.bing.com/ Name: SRM_M
Value: 29023373D5846CCD10B122F7D4B36DD0
.c.msn.com/ Name: SM
Value: C
.c.msn.com/ Name: ANONCHK
Value: 0
.bing.com/ Name: SUID
Value: M
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=13EBB8D74EC34158834A5EF5177604A4&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20220412
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=de
.bing.com/ Name: _SS
Value: SID=21B4E6A20CAD6F3D2530F7260DC66E71
.yahoo.com/ Name: A3
Value: d=AQABBILDVWICEB5W9nhKueT63lebLaMJC1sFEgEBAQEVV2JfYgAAAAAA_eMAAA&S=AQAAAuT0JH-MK35H0RnorxGCBO4
.login.live.com/ Name: uaid
Value: 74fa70701f13489dbe0cba0f3634f646
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1649787778&co=1
www.msn.com/ Name: msaoptout
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=f71571cd0c7845e2aa6ac8ae2fc66f45&HASH=f715&LV=202204&V=4&LU=1649787779425
.microsoft.com/ Name: MS0
Value: 1d24cc5b76e04f03aa06eedc1b59beac
.agkn.com/ Name: ab
Value: 0001%3Ar1LX7EuG%2FXzJvOAgc8Hxmbesc6BQqiID
.agkn.com/ Name: u
Value: C|0EAAp6IADKeiAAwAAAAAAAQAHAAAAAAGaZpH__x4AAAAAADGD4gAAAAATG-w-AAAAAAn8LWgAAAAAHyE4zgA
.doubleclick.net/ Name: IDE
Value: AHWqTUmprkc8BKXopE25atcCkdnHV1fMNCIZqaqyawh4wyusoFqC6Od2lSyK5gAVHvU
.doubleclick.net/ Name: DSID
Value: NO_DATA
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
ads.stickyadstv.com/ Name: UID
Value: 7d215d24d9a167ca854118ab80deb3db
ads.stickyadstv.com/ Name: sessionId
Value: 2dfb2e3147ff8518a1fca4bbcc67a5
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 353075=4879823
.smartadserver.com/ Name: pid
Value: 5507578375197970240
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=160067658&lo=-415003147&lt=637853845845028672&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0

7 Console Messages

Source Level URL
Text
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-29023373D5846CCD10B122F7D4B36DD0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=Peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=D20768C4-8FB9-4922-929C-EBCFC2CF129C&ocid=peregrine&market=en-us&user=m-29023373D5846CCD10B122F7D4B36DD0&fdhead=msnallexpusers%2Cmuidflt11cf%2Cmuidflt13cf%2Cmuidflt19cf%2Cmmxios1cf%2Cmoneyedge2cf%2Cstarthp2cf%2Cmoneyhp1cf%2Cbingcollabhp2cf%2Cpnehz3cf%2Cartgly1cf%2Carticle4cf%2Conetrustpoplive%2Canaheim1cf%2Cmsnapp5cf%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp1cf%2Cprg-1sw-ugrth2%2Cprg-rsum-t2%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-prsdfuz%2Cprg-1sw-gevte%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphnmsncf%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather8cf%2Cmsnapp10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskipc%2C1s-fcrypt%2Cprg-psovhigh6%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-wpo-pnpc%2Cprg-1sw-accu10c%2Cprg-1sw-pr2fuzal%2Cprg-1sw-pr2sdfuz%2Cprg-1sw-pr2sdfze%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-apilog%2Cprg-sh-cadp2%2Cprg-sh-synadpc%2Cprg-upsaip-w1-t%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-xapc%2Cprg-1sw-psfy21%2Cprg-1sw-rih-revamp1%2Cprg-wea-skipauth%2Cprg-1sw-acrlt%2Cprg-1sw-acmng%2Cprg-serv-beacct%2Cprg-1sw-multif2%2C2e5cb361
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
26.at.atwola.com
ad-delivery.net
ad.doubleclick.net
ads.stickyadstv.com
am-api.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
api.btloader.com
api.msn.com
api.viglink.com
assets.msn.com
browser.events.data.msn.com
btloader.com
c.bing.com
c.msn.com
cdn.js7k.com
cdn.stickyadstv.com
cdn.viglink.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.agkn.com
d2zqfs55y95cft.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.archive-digger.com
img-s-msn-com.akamaized.net
imprammp.taboola.com
jac.yahoosandbox.com
jill.fc.yahoo.com
login.live.com
mem.gfx.ms
pagead2.googlesyndication.com
prod-m-node-3113.ssp.advertising.com
prod-m-node-3113.ssp.yahoo.com
s.amazon-adsystem.com
s.yimg.com
sb.scorecardresearch.com
service.idsync.analytics.yahoo.com
srtb.msn.com
tag.idsync.analytics.yahoo.com
tpc.googlesyndication.com
vidstat.taboola.com
web.ssp.yahoo.com
web.vortex.data.microsoft.com
wf.taboola.com
www.bing.com
www.civicscience.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.msn.com
www138.civicscience.com
www8.smartadserver.com
ads.stickyadstv.com
s.amazon-adsystem.com
104.104.52.11
13.32.121.72
130.211.23.194
131.253.33.203
141.226.228.48
142.250.185.194
142.250.186.102
151.101.65.44
152.195.51.15
18.156.0.31
18.214.246.74
185.86.137.113
2.18.234.233
20.50.73.9
2001:4de0:ac19::1:b:3a
204.79.197.203
209.54.180.144
212.82.100.182
2600:9000:223f:5200:f:c7b3:ce40:93a1
2606:4700:20::681a:68b
2606:4700:20::ac43:4513
2606:4700::6810:a40d
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1288:80:807::2
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a02:26f0:3500:7::17d8:4dd2
34.233.224.198
35.157.246.167
40.126.31.69
40.77.226.250
52.142.114.2
52.211.200.66
52.29.133.154
52.29.167.104
00df3a318c3fd470d38916cafcf87651f3318f23652a8e34ec5790bf96d62921
01636b51d4678bafb80f1bb8e5de3b41c7ed107322bda2fccc3c638ba9cd5ba3
054da3e71adbd20784a49844f803131f28b80679b1448eb070ee255498171edc
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55
06004c77b60b4ac92cc7c9e542dcc7739953f5c996c13a2e48513b1bab931635
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
07952001ef2d38d6b78acce58cdd217806d1934990613b684fff570493fe51c2
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0b2e162e74af088df0fe79756114b8724f5d7ce842e43ebf23db53c6757010e2
0b444bdf3fe9ed89238d011a7b7d1dc2753b3273abdb9522c5c6128b1801d287
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
0d4083286e2cddeef53e20193016754c77f644733b27cff887aa450627f66386
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
12ef4915d97bfc68be594bcb3a7744ce5707c0b69ea5e5de96d221e4afa249b5
15897dfb93ad2d1cd1b9f67f46382ad08a0d2c59b0da2275b6977dd5debbf931
1613d677e53f717118190d4983c6ecfc2f25696435d0d6ce6811e6b47627643c
16b8a0b01404f77be35f52b11950f7e94a14d75c82406ca9b595396c8ca04d8e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1884d75b7ad68068378c8fb14e6f6bb94ad106c03fe96ce4656de7a6c041506b
19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b
1a0c300b3eb47d04a745e446ec68fc2aaf76b50abec8e2d78b9ec806116bce51
1a355720643bcde13843f0a20d2301328d828ba2505b25df41f447338f2af84d
1d087f693ecbabc5201427db992d9eb94abd0b8053c17b2f75de5f502fe8c672
1defec92beb6fab7405907cf2e49cf87fa9e64cf6c4bfcce9e79cf1b8325bbf1
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f1cd89bc86dad3a473b1b89f83fb4df78604ddf4c5b10d2da3b263844750d24
1f31fa627ed978a0d4b90ad8d1daeae39c61a3122abb1dd3b8511c406dca2ea8
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0
2a2340b57fdd291118580f3525015bfaeaae7be8775675bf7847925a3b44cb8f
2a8f051af9e85d6dd67c7294e90b392cb69b7027f7e9fe1cc5a89a96c5f82408
2b57bfdcc2b7ade60b7e1734ee8ed3521c9d0e01e818bedebb335b6f2c3acc46
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30c2b54d679ce17b75da6fb2757c07b98a492f3cfee42286c3236d74c5f70c57
30f5d4a286d6f8f2d6dd5a62e1e52f55f000c3c418796d48c5072332e5a806c4
32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b
377f60fa87d345d11b3485794b590184900f0ccc90a20ca6fec401a4649da1ee
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677
380a4673a245b7c6dfb8726c2fa2a82440da54cddb456abdf038b649589f9b98
3960bab1341fe97dc7d8cb89e4b4e6ab0dbaf256e60993cbbb5ca2d33c4b647c
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
3f04d1883122f30e0307c1b52a42104e64c92e05352ddef9f4da158e647f5a6d
42736024c56912c10fd3c7761c9d57f37e5bf5f87f74bfafc763059a2ff632d2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44171856ad3ae136c03baa04e423d5db52585e9668e70caa0e5bb6dc968b4335
44888dbc834fb18e3bdd3d873b81bc16407059d88c990b89c476b392dec48a6c
45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9
47effbf21c3af4550e6906fa5faf81935fc3a8c8d8c4145d9b69dab40157e494
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4ccc1d05a5f05994fb16da0c0c9f28976945f7ae589c774f98f20f8edb898939
4ecc7d63144f16c6e23494088f99a3123986562df3dc70164f8efbde9f278007
4ed235403aeda420ba92bd7b4b8bfd402075a2a6370b556c4b113723cf469d5d
53d2c60a64ac531842a498a893bdbbee6d21084c8bfb76cad15b2da1b12a5350
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
569e739a31edbda5cf393675ba23d987c47eed5e51a87854b39dd4ec79238f44
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
594befbd8e54b702cc00938e8066561b1487f44bd97fad602d4c699b5a8eb77d
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4
5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95
5eb7a9f9adc35ddb7d8f67c20f4d337c64d6ce894cd6bacd9d8b72f5eb03853c
5f58a9814fbb40d46e78e27dbb2b35db67da252dacdcd3d7fdd21db645fece7d
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b
628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7
62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
67aebdc8fb87bd7f5d1224fe6c2e916f23623dc780f66725fab19f98cd64e264
6838a24ee1be5a9cb9a9c9a421ff1e0a6965067326e45cf1cacf0778069aaba2
686d1b573ee42c00494e395b38e3131991f08c5ae89ee361d5b3376d01727525
68896fc9eee1f9e74e87ec5617979a1a617274406b69b9e2ac319894dcae9de3
689a6adffce2a0d6fb99e6c7ac5a806dca1b94f903f4db6f2e622df212790465
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2
6b03b6f0f84e9859d676ec3080f7bfddd9a8f63deef4523b2605088806b0b12e
6b768a9f1e6f874bf5b5499d6df0af06c137507a2e56c2e19f98a365b3131e79
6be7096c82fd45e502e374446d2cf70fecb5cd16b54237d0856e4dff9162076c
6ce9fbb36497aaed178cc819cad03e53899bce8610626a3cc64608e5e66a5e65
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
6dfc832ff4bac20a488712ad02af7dcecca7cdc7de58ffa1ca15518f2317ab40
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440
72f8b953f6f6388e49730d2367b920f1bf6380a5d1b0781ed228202aceb2f54e
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
734988aa63a7b90f9cb5a147b0465e79dcb7ea214bcfccee4468bee8aae69e09
736c9943e1073ce9f5c5deaa5bb2541e2f9b2046e066644dcc42e26c5353128d
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
74b17f4d935d8f9efb25c739fb046995d71e7ee520b019d0ba0e7ff5d9099f84
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65
7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d
7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329
7ac966ca1fd3fc726538c76b248c4e254560596368fc628ce48b8dfb0cdc34ac
7b8c1df95b6d2e68380089bd884656bf5203badbd9f53deb467d9a97499e3613
7be125dccc06cf72d47ff189f1b29b6473a9b2119318a2f72a525d4a75ef8633
7c58cd7715468402d9e389e7f3c9d74dc2d6ccbac14021c060d7373590759c0f
7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33
7e1dacebac327d4678565051a9a021e9040b455ad2621c4eafce2824dd17d6db
7ef08b374b98dd05adf277f227f8af9c2f6a8ebcbdb365c3957b05b310eb1154
83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3
8600aaf225573d6eeb458637e79791e0744ddce81d8edce832f6445be848e36c
87306ff222703017f52bdec3f69a6583605e65c484484477313479de06b51f61
8d022a2329afb7d9da0a0492eceaf6c81229194476ed309da744359810d84b43
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
8fc2bce13214d547385999998e27dadcf4b3d7f7787b9692c3849b8efe1d796e
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
95c2996b3c92fea363e0d182b80e172330fb13ff3840ac70fb699aba95818ab1
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a47f2d6080a0aaf2ea65faf66bd0d78e5c79d3b78e6cad3625b2e71373bf5de
9ae6f1bd3b4ffde2948bcf5acde3c6d3c0dd9ab8f3479e54a10d5c25029d93fb
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a0f030a52000bb031b5b6ae5d9116a49c4c6a8827880dbdae8bed67ea17e298f
a2d08593a89467435094a328a17bdaca9d19cca6ed10214adcba9da9a2a78667
a36190bae6654b1f22cfbed41d29271069f4f2d6338cc374be020965d43285b0
a43832c3694bf725f05896990421fe7d596e10538731a539112c174016a206b7
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1
a4c91178b51a23b6410c04248cf80a2919b78041c20a29a29ccee4d5c6481512
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1
a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd
a951fb87a147491c9e4f4025479042bae5e6cebb7bf47ca56e4965268b1ddc8c
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779
aa9f1a2e05ecd596dc7cdc24ee1f97f22174cd3028cfb97210f9cf0343757848
aaee490ae7ac3af767857d876df43b3ff5bf7833a11eecc2c35de435c0ea947e
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
aca63519ae5b1990c00048e5901c025161073426f2858185da42c784274e8dbb
acbbe4a4a0fe7510b6f5b03027213a90eaa8c6cf226e2f9f7b3e1dbd97686b19
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b
aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a
b01a8d9681332f5011de00e713320ded2ece2c4ce17ea1a9f2910a44ad8f7e41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
b59fe8feeb9ed23f1b5e1581ee4db390f93bec286451627aa06a87ca6fddd13e
b899c96f6bd8de4ddc433b15a8c6e0dbfa81bc346d1f32fde1b52acdd6864327
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
b924ad39a82784eb8194c5219e78c56beaf373e12d9d82168134d1319993bce5
bb66b1b530d86fed91d62bc369e5fd29999b99ad92703b81580be8a2e3962419
bccbdefad6797dd13860d99d3a4879c7345ec7ec982755bfe34dee8639f0302b
bd1e10a375a428c7bac8f6d1d0f976ff20eff193ddd2d3745976a5504c07c4d6
bfb69a567f33224bd398905d838aaf2068d33038367e3b22131b70347823b95d
c0fdda9dab7a65aef575d02d1c8fde7d7a00ea1796514529f31786958ed56583
c282bd0966e3162e4e06d15774582a5cdb22ba408f4a62b9eefbc4825e58670e
c2a85d058e5ad9855edda1554724f04893c0b28771842bc870f8d0a39a665ff2
c3752788f9fc691bbcc5f7eef227c66a536b9267e460525b772ad69b6da0db2a
c5871cc6db78ad7488e253e8a84af131074b8159d46443101a4e272c0793a05c
c74c78b4212d6e9496bd73b856ab1c80a69a85acc63df051eae6f5b5334e0110
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
c9d83bc5aae933a6ad1a842c7db73a8c89dfcea8419fd95401fdffb87242050c
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0
cb7d8204a2270f1bcb4e044c66e7e24ea3467aa1cde4867f166088039de2860f
cb9c9a4aa94639811b9a26c22273d5a7950fec602a3c3df19b557124200c1d8d
cc4ddcccfb5d9717516c4827c0f202bfac14e18d92b4504928dbc22deef57e18
cc97d510a0a9b7e66b664c2f04ab9ab33ddc7e7946e67e62550c0487d280b306
cd78847f0bdfa8f0a81eb00ae51b2485f7a4e03875ca8d36830f83bdb414c9df
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9c1a2475fd696da09169c8902c7ea48dcf4601418dab845432e4012eadd1a6
cfb49753dd3733aa626638d8850d695d44df13c1cc58f5922ee95a1803e0d33e
d17fc93a3e2b897e36ac1b5e32f912953e175ac73f570e84cbb03129e6022835
d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c
dd5fd5a2bf9b59be4e383490c3b510199ba3abd7a6496983f84fafbd1c6a6695
dea8c236c93cf26c8ffa686286fa27b7629d7499aec11700dec5f854c58547c4
dfb5fc9c665b9eff192d9c6a33bf9ecb8aa4654aa8d83685d3ca2be8a546a39c
e149851333d4b2b6555215ea31f65e7cabe0a55a2795c4d6346deab0c70ca719
e254c1e85858af67585ec49e2f9daaa2e66561f4adb5b9335c74c7d7af7b3afc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e4af51011f2b5302f586c624c6cd57492c527e03ae1dc983c7da4b8ed2b2906e
e6a106879082345d475326c840dfbe62f90ce4e4e6bbe10e016e53d502ddddbb
e89f1284e7890f38b73947d7a2df5e325fd490850928152d863671a357fe1d87
e939cd306e9122687841f97b361f7263fd402abdde9e562dab27537afb2699bb
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8
eb1eb77e34f4aeeca464250840b50048dacfff4a81086262cc2a76a6bb70ba4b
eb573a7ad09616b4d77475709a374fa97b7f9755bb861e374994d71f03abfcea
eda7984db34f7aada4ea502f1156a23d7c317879749997043ebe401f379a2f8e
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee863d8eb932f67231b95cac28fc87fc4ce00e1a57911336f1c10f5c748f45d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b2a0429d2b9b6f339a88926e9d1c8726d9ddb7be4beafe9dc4f84ed92e91e
f1471643844af10bdfa9a90620fd5dd7252d0fe1189ca93f40b25d34a98160ec
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f30c6f794b76a037efe7d8ddec7ce5cefa9fbfce8f960e46eeb74c97b06c0c83
f43b46276227834afda76346240a4276885e66328c05471bc5165cebd1da6a52
f706ef48f78d016dc9babb77ab2c657e2c0ee12b7be6ae2dd683fa503fa503c7
f7ba0e8a42a5a05be5e686414b17bf84d5d7ee7b592198627b99b87faece827d
f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9
f869867a1bff18643cf3323cad20211e29fb941240b1a68fb8231ba0da4bd28d
fb78650b186d628076b44f193b4b06cac27c7a9c1b5a90b5119bc22522d2ed83
fb921dd14601dac222f665ecc3b2d0cdd370b18524343bfb1a9944cda681b267
fded1c1aca58118d7ffb5ee78794313d948e7973bb3034440c19ed8a062d8283
ffc30eb03c3a40c22d7fa088e8e8567713c9ffec226e77fc0a3b340e6d77b825