www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie...
Effective URL:
https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie...
Submission: On November 30 via api (November 30th 2021, 9:08:08 pm UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 33 domains to perform 90 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.

This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	131.253.33.203 131.253.33.203	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.16.186.42 2.16.186.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2.16.186.192 2.16.186.192	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2.18.232.6 2.18.232.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 8	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	52.57.30.26 52.57.30.26	16509 (AMAZON-02) (AMAZON-02)
1	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.229.221.28 192.229.221.28	15133 (EDGECAST) (EDGECAST)
3 4	2620:119:50e7... 2620:119:50e7:101::9002:e05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 1	20.190.160.134 20.190.160.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 8	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.23 143.204.98.23	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:2cf4:6544:81b3:ad54	16509 (AMAZON-02) (AMAZON-02)
3 4	3.120.169.248 3.120.169.248	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.157.150.79 18.157.150.79	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
4	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	213.254.244.15 213.254.244.15	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	52.17.98.114 52.17.98.114	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.57.134.242 52.57.134.242	16509 (AMAZON-02) (AMAZON-02)
90	43

4 131.253.33.203 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net

www.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-42.deploy.static.akamaitechnologies.com

static-entertainment-neu-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

jill.fc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
26.at.atwola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static-global-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-192.deploy.static.akamaitechnologies.com

assets.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.6 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-6.deploy.static.akamaitechnologies.com

confiant.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::200 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.30.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-30-26.eu-central-1.compute.amazonaws.com

prod-m-node-3113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.28 (United States)

ASN15133 (EDGECAST, US)

cdn.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:119:50e7:101::9002:e05 (San Francisco, United States) 3 redirects

ASN14413 (LINKEDIN, US)

www.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.134 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.img-taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:2cf4:6544:81b3:ad54 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.169.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.150.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.15 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.98.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-98-114.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

m.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.132.78 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.134.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-134-242.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	msn.com 1 redirects www.msn.com assets.msn.com confiant.msn.com c.msn.com web.vortex.data.msn.com srtb.msn.com	708 KB
15	akamaized.net static-entertainment-neu-s-msn-com.akamaized.net static-global-s-msn-com.akamaized.net img-s-msn-com.akamaized.net	663 KB
10	yahoo.com 1 redirects jill.fc.yahoo.com web.ssp.yahoo.com service.idsync.analytics.yahoo.com prod-m-node-3113.ssp.yahoo.com tag.idsync.analytics.yahoo.com cms.analytics.yahoo.com pr-bh.ybp.yahoo.com	12 KB
9	3lift.com 2 redirects eb2.3lift.com ib.3lift.com	4 KB
8	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com m.adnxs.com	23 KB
8	bing.com 4 redirects c.bing.com www.bing.com	3 KB
5	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net	2 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net	1 KB
4	taboola.com cdn.taboola.com api.taboola.com	2 KB
3	mgid.com 2 redirects cm.mgid.com	2 KB
3	facebook.com 1 redirects www.facebook.com	3 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	704 B
2	facebook.net connect.facebook.net	83 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	901 B
2	yahoosandbox.com jac.yahoosandbox.com	78 KB
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	319 B
1	media.net hbx.media.net	289 B
1	adsymptotic.com p.adsymptotic.com	259 B
1	flashtalking.com d9.flashtalking.com	598 B
1	doubleverify.com tps.doubleverify.com	368 B
1	img-taboola.com img.img-taboola.com	8 KB
1	omnitagjs.com visitor.omnitagjs.com	235 B
1	sharethrough.com match.sharethrough.com	263 B
1	turn.com 1 redirects ad.turn.com	412 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	adsrvr.org match.adsrvr.org	265 B
1	outbrain.com widgets.outbrain.com	2 KB
1	live.com 1 redirects login.live.com	855 B
1	bizographics.com 1 redirects www.bizographics.com	381 B
1	advertising.com cdn.adaptv.advertising.com	2 KB
1	js7k.com cdn.js7k.com	77 KB
1	atwola.com 26.at.atwola.com	307 B
90	33

	Domain	Requested by
8	eb2.3lift.com	2 redirects ib.3lift.com eb2.3lift.com
7	c.bing.com	4 redirects cdn.adaptv.advertising.com eb2.3lift.com
7	img-s-msn-com.akamaized.net	www.msn.com
7	static-entertainment-neu-s-msn-com.akamaized.net	www.msn.com static-entertainment-neu-s-msn-com.akamaized.net
6	web.vortex.data.msn.com	static-entertainment-neu-s-msn-com.akamaized.net
6	assets.msn.com	www.msn.com web.ssp.yahoo.com assets.msn.com
4	srtb.msn.com	static-global-s-msn-com.akamaized.net
4	ib.adnxs.com	2 redirects acdn.adnxs.com
4	x.bidswitch.net	3 redirects eb2.3lift.com
4	cm.g.doubleclick.net	3 redirects eb2.3lift.com
4	www.msn.com	assets.msn.com static-entertainment-neu-s-msn-com.akamaized.net
3	cm.mgid.com	2 redirects
3	m.adnxs.com	2 redirects
3	www.facebook.com	1 redirects connect.facebook.net
3	api.taboola.com	cdn.taboola.com
3	px.ads.linkedin.com	2 redirects eb2.3lift.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pr-bh.ybp.yahoo.com	1 redirects
2	connect.facebook.net	www.msn.com connect.facebook.net
2	service.idsync.analytics.yahoo.com	web.ssp.yahoo.com tag.idsync.analytics.yahoo.com
2	sb.scorecardresearch.com	1 redirects www.msn.com
2	c.msn.com	1 redirects www.msn.com
2	jac.yahoosandbox.com	jill.fc.yahoo.com jac.yahoosandbox.com
2	jill.fc.yahoo.com	www.msn.com jac.yahoosandbox.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	hbx.media.net
1	p.adsymptotic.com
1	d9.flashtalking.com
1	tps.doubleverify.com
1	img.img-taboola.com
1	visitor.omnitagjs.com
1	match.sharethrough.com
1	acdn.adnxs.com	static-entertainment-neu-s-msn-com.akamaized.net
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.adsrvr.org	eb2.3lift.com
1	ib.3lift.com	static-entertainment-neu-s-msn-com.akamaized.net
1	widgets.outbrain.com	static-entertainment-neu-s-msn-com.akamaized.net
1	cdn.taboola.com	static-entertainment-neu-s-msn-com.akamaized.net
1	www.bing.com	static-global-s-msn-com.akamaized.net
1	login.live.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	www.bizographics.com	1 redirects
1	cdn.adaptv.advertising.com	www.msn.com
1	cms.analytics.yahoo.com
1	tag.idsync.analytics.yahoo.com	jac.yahoosandbox.com
1	cdn.js7k.com	web.ssp.yahoo.com
1	prod-m-node-3113.ssp.yahoo.com	web.ssp.yahoo.com
1	26.at.atwola.com	www.msn.com
1	web.ssp.yahoo.com	www.msn.com
1	confiant.msn.com	static-entertainment-neu-s-msn-com.akamaized.net
1	static-global-s-msn-com.akamaized.net	www.msn.com
90	53

This site contains links to these domains. Also see Links.

Domain
login.live.com
support.microsoft.com
go.microsoft.com
www.linkedin.com
a.msn.com
twitter.com
web.whatsapp.com
www.microsoft.com
apps.apple.com
play.google.com
blogs.msn.com

Subject Issuer	Validity	Valid
*.msn.com Microsoft RSA TLS CA 01	`2021-09-22` - `2022-09-22`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
secure.ace.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
assets.msn.com Microsoft RSA TLS CA 02	`2021-09-23` - `2022-09-23`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
web.vortex.data.msn.com Microsoft Azure TLS Issuing CA 05	`2021-10-13` - `2022-10-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2021-10-27` - `2022-01-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-16`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
*.idsync.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
cdn.adap.tv DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Frame ID: E8D6500B0D67856A4FE838E8B8D84203
Requests: 54 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.10.1/jac.js
Frame ID: B19A730FA2CE4C9F5CE90330F3D72BF5
Requests: 16 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: F4253663880BC5EFFD66B50EA71F89C1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adaptv.advertising.com/msft/msftsync.html
Frame ID: CEA8177730165F77E2D356C89FC40299
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/foodanddrink/secure/silentpassport?secure=true&lc=1033
Frame ID: F022E3897EE35E91F380C4C8C6AE2A6E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3FA8D188698A3BE897FE19E931A37950
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2b0e64fbfacb74%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff817e5ca28686%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450
Frame ID: 6E7BE0E8882FD192E56C9BC254A7C097
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7083DBF8B03A32B51ABF8095593317FE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This buttery, vanilla dough does it all. Here's the only holiday cookie recipe you need

Page Statistics

90
Requests

83 %
HTTPS

23 %
IPv6

33
Domains

53
Subdomains

43
IPs

7
Countries

1664 kB
Transfer

4427 kB
Size

47
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1638306483&rver=7.0.6730.0&wp=LBI&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2ffoodanddrink%2fSecure%2fPassport%3fru%3dhttps%253a%252f%252fwww.msn.com%252fen-us%252ffoodanddrink%252frecipes%252fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252far-AARjkif%253fcvid%253dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253dwinp1taskbar%2526fullscreen%253dtrue%2526pfr%253d1&lc=1033&id=1184&mkt=en-us&pcexp=True
Title: Sign in

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/product/msn/msn
Title: Help

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=286759
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=http%3a%2f%2fa.msn.com%2f06%2fen-us%2fAARjkif%3focid%3dsl&title=This+buttery%2c+vanilla+dough+does+it+all.+Here%27s+the+only+holiday+cookie+recipe+you+need&source=http%3a%2f%2fa.msn.com%2f06%2fen-us%2fAARjkif%3focid%3dsl
Title: SHARE

Search URL Search Domain Scan URL

URL: http://a.msn.com/06/en-us/AARjkif?ocid=sf
Title: SHARE

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http%3a%2f%2fa.msn.com%2f06%2fen-us%2fAARjkif%3focid%3dst&text=This+buttery%2c+vanilla+dough+does+it+all.+Here%27s+the+only+holiday+cookie+recipe+you+need&original_referer=http%3a%2f%2fa.msn.com%2f06%2fen-us%2fAARjkif%3focid%3dst
Title: TWEET

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=http%3a%2f%2fa.msn.com%2f06%2fen-us%2fAARjkif%3focid%3dsw
Title: SHARE

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/
Title: © 2021 Microsoft

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/microsoft-news/id945416273?pt=80423&ct=prime_footer&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.microsoft.amp.apps.bingnews&hl=en-us&referrer=utm_source=prime_footer&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=246338
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=512703
Title: Help

Search URL Search Domain Scan URL

URL: https://blogs.msn.com/
Title: MSN Blog

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/kb/2999841/
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252Far-AARjkif%253Fcvid%253Dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253Dwinp1taskbar%2526fullscreen%253Dtrue&di=14245&lng=en-us&activityId=a545202554cb4d3ebd25636e0c3e4de8&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=recipes&st.sdpt=&subcvs=lifestyle&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0 HTTP 302
https://c.bing.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252Far-AARjkif%253Fcvid%253Dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253Dwinp1taskbar%2526fullscreen%253Dtrue&di=14245&lng=en-us&activityId=a545202554cb4d3ebd25636e0c3e4de8&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=recipes&st.sdpt=&subcvs=lifestyle&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=4BEB70B454F542E3AAB9D5BD4B401ECA&RedC=c.msn.com&MXFR=20437F1FF199631D318F6FE0F07E62FD HTTP 302
https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252Far-AARjkif%253Fcvid%253Dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253Dwinp1taskbar%2526fullscreen%253Dtrue&di=14245&lng=en-us&activityId=a545202554cb4d3ebd25636e0c3e4de8&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=recipes&st.sdpt=&subcvs=lifestyle&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=4BEB70B454F542E3AAB9D5BD4B401ECA&MUID=20437F1FF199631D318F6FE0F07E62FD

Request Chain 24

https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%3Fcvid%3Dd4f5453f7be5453ccc51a9a30a0f5493%26ocid%3Dwinp1taskbar%26fullscreen%3Dtrue%23image%3D7&c8=This+buttery%2C+vanilla+dough+does+it+all.+Here%27s+the+only+holiday+cookie+recipe+you+need&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%3Fcvid%3Dd4f5453f7be5453ccc51a9a30a0f5493%26ocid%3Dwinp1taskbar%26fullscreen%3Dtrue%23image%3D7&c8=This%20buttery%2C%20vanilla%20dough%20does%20it%20all.%20Here%27s%20the%20only%20holiday%20cookie%20recipe%20you%20need&c9=

Request Chain 43

https://www.bizographics.com/collect/?fmt=gif&pid=7850 HTTP 301
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQIkT3BpZGbobQAAAX1yrRfW9I9GWeU88lXnHCeZZtIs0zLbIp5QOU4lpWMh8WD-XRrc32Mg

Request Chain 44

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1638306483&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2ffoodanddrink%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
https://www.msn.com/en-us/foodanddrink/secure/silentpassport?secure=true&lc=1033

Request Chain 45

https://eb2.3lift.com/mapuid?suid=20437F1FF199631D318F6FE0F07E62FD&sid=16 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJExtRNe_-ZgvL-Mp5xke7c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 59

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D&google_tc=

Request Chain 61

https://pr-bh.ybp.yahoo.com/sync/triplelift/14560109635179712144?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-fqkkLVZE2oTBm1LrUHkk8KrFWIdBuNBc9OsIpb8OYQ--~A&dongle=0883

Request Chain 64

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14560109635179712144 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14560109635179712144&dcc=t

Request Chain 65

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 66

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=2533623548162963499&dongle=d407

Request Chain 68

https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=223505105588011&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b0e64fbfacb74%26domain%3Dwww.msn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff817e5ca28686%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2b0e64fbfacb74%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff817e5ca28686%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450

Request Chain 70

https://ib.adnxs.com/async_usersync_file HTTP 302
https://acdn.adnxs.com/dmp/async_usersync.html

Request Chain 75

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 84

https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=a5452025-54cb-4d3e-bd25-636e0c3e4de8&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true HTTP 302
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D20437F1FF199631D318F6FE0F07E62FD%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D280%2526user%253D20437F1FF199631D318F6FE0F07E62FD HTTP 302
https://m.adnxs.com/mapuid?member=226&user=20437F1FF199631D318F6FE0F07E62FD&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D20437F1FF199631D318F6FE0F07E62FD HTTP 302
https://m.adnxs.com/mapuid?member=280&user=20437F1FF199631D318F6FE0F07E62FD

Request Chain 85

https://c.bing.com/c.gif?Red3=MSDB_pd&rid=a5452025-54cb-4d3e-bd25-636e0c3e4de8&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=20437F1FF199631D318F6FE0F07E62FD&_rand=629324

Request Chain 86

https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msn/20437F1FF199631D318F6FE0F07E62FD

Request Chain 88

https://cm.mgid.com/m?cdsp=516415&c=20437F1FF199631D318F6FE0F07E62FD&mode=inverse HTTP 307
https://cm.mgid.com/m?c=20437F1FF199631D318F6FE0F07E62FD&cdsp=516415&mode=inverse&sct=1 HTTP 301
https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_8408f05a-169e-4e08-9f5b-8d4db91042ee&bsw_param=37402901-7d2f-4e92-879c-2b641361f8e3&expires=10 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&us_privacy=

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ar-AARjkif Show response
www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ 147 KB
45 KB 281ms
239ms Document
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

/ ASP.NET

Resource Hash

5eaec961b4e73245c0128f08dd245d3b244bbc1175cc015942ede5e04e2f011d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-transform, no-cache
pragma: no-cache
content-length: 44978
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: User-Agent
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
x-aspnetmvc-version: 5.2
x-appversion: 20211124_25888217
x-activity-id: a5452025-54cb-4d3e-bd25-636e0c3e4de8
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 36, sn: neurope-prod-entertainment, dt: 2021-11-24T22:14:43.6666294Z, bt: 2021-11-24T18:33:10.1088669Z}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security: max-age=1209600; includeSubDomains; preload
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-ua-compatible: IE=Edge;chrome=1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1
x-fabric-cluster: pmeprodneu
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A545202554CB4D3EBD25636E0C3E4DE8 Ref B: VIEEDGE3220 Ref C: 2021-11-30T21:08:03Z
date: Tue, 30 Nov 2021 21:08:03 GMT

GET
H/1.1 200
OK f77b07.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/ 24 KB
24 KB 79ms
25ms Font
application/font-woff2 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Last-Modified: Tue, 20 Apr 2021 02:08:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a5ac1a8a35d71:0"
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=12431895
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24428
X-XSS-Protection: 1

GET
H/1.1 200
OK bf-1655d3-8d48d18c
static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038... 143 KB
23 KB 102ms
38ms Stylesheet
text/css 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038e3e-4192ab12/ca-9c582f-491caa4c/60-a25ca6-273ab94b/e2-f9b1a1-d2fbc11b/95-f7269e-b879da32/8b-cc6783-309c77d2/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7a5ab418dc7f4bac2e9846c3830f8ac8e7a961b98359b0d1870bfbb627807b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2: 2021-11-29T06:49:05
X-Powered-By: ASP.NET
X-Activity-Id: 00000000-61e9-422e-888f-b50c3722b67c
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 22164
X-XSS-Protection: 1
X-AspNetMvc-Version: 5.2
Last-Modified: Mon, 29 Nov 2021 06:49:05 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 1, sn: neurope-prod-entertainment, dt: 2021-11-24T21:28:30.8556716Z, bt: 2021-11-24T18:33:10.1088669Z}
X-FRAME-OPTIONS: SAMEORIGIN
X-S1: 2021-11-29T06:49:05
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=31398103
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin: *
X-AppVersion: 20211124_25888217
Expires: Tue, 29 Nov 2022 06:49:46 GMT

GET
H2 200 js Show response
jill.fc.yahoo.com/v1/client/msft/ 245 B
563 B 166ms
30ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v1/client/msft/js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef713dea3bd5f73a8366ea053bd73e8780b1e64fbda8778a8056a14386225209

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:58:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 549
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=900, s-maxage=900
x-robots-tag: noindex, noarchive, nosnippet, nofollow
content-length: 189
x-content-type-options: nosniff
x-request-id: 27613fe5787db1216e2fd1ddf73e8f62d41939

GET
H2 200 jquery-2.1.1.min.js Show response
static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/ 82 KB
30 KB 51ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by: ASP.NET
x-activity-id: 00000000-f0a2-4fd0-aa4c-9b9df0a8f8c8
content-length: 29575
x-xss-protection: 1
x-aspnetmvc-version: 5.2
last-modified: Fri, 12 Nov 2021 01:51:08 GMT
server: Microsoft-IIS/10.0
x-az: {did:2be360ae5c6345da911d978376c0449f, rid: 27, sn: neurope-prod-hp, dt: 2021-11-10T18:40:34.9368469Z, bt: 2021-11-09T01:49:44.8089375Z}
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29911326
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion: 20211109_25623220
expires: Sat, 12 Nov 2022 01:50:09 GMT

GET
H/1.1 200
OK 3b-5fdca4-f41d9e92 Show response
static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-6322... 351 KB
116 KB 83ms
82ms Script
text/javascript 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

40cb79da2384ffda15207e98d796e905dd94b4d435c9312e05eff613a16db2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2: 2021-11-25T10:17:27
X-Powered-By: ASP.NET
X-Activity-Id: 00000000-5607-4e62-af3e-cc98d3f70e88
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 117172
X-XSS-Protection: 1
X-AspNetMvc-Version: 5.2
Last-Modified: Thu, 25 Nov 2021 10:17:27 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 75, sn: neurope-prod-entertainment, dt: 2021-11-25T07:12:26.0105109Z, bt: 2021-11-24T18:33:10.1088669Z}
X-FRAME-OPTIONS: SAMEORIGIN
X-S1: 2021-11-25T10:17:27
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=31064915
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin: *
X-AppVersion: 20211124_25888217
Expires: Fri, 25 Nov 2022 10:16:38 GMT

GET
H2 200 startup.cd74dffb6206cf944176.js Show response
assets.msn.com/bundles/v1/hybrid/latest/startup/ 107 KB
28 KB 72ms
20ms Script
application/javascript 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/hybrid/latest/startup/startup.cd74dffb6206cf944176.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6168560d4c3b06a3c6dc6837eb93c9c6fcfe0e44546c140cc0f4c13fa9ee2a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:03 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: tjnCL0RGbzUdf3ZJub9zSA==
server-timing: 12
content-length: 28198
x-ms-lease-status: unlocked
last-modified: Sat, 20 Nov 2021 02:22:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ABCC9055E156
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
x-ms-request-id: 58ed86d0-301e-0037-58b5-ddfd87000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
akamai-request-id: 291d69ca

GET
H2 200 vendor.c12be6ce293c4eae2f9a.js Show response
assets.msn.com/bundles/v1/hybrid/latest/startup/ 2 MB
472 KB 87ms
36ms Script
application/javascript 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/hybrid/latest/startup/vendor.c12be6ce293c4eae2f9a.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8c0e263b34c62ff6ab6e71b6f5c151bb80a3f8cc8c535597f23cb990ffc506cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:03 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: vMWCuYqr7XatAWMiI0s8SA==
server-timing: 12
content-length: 481320
x-ms-lease-status: unlocked
last-modified: Sat, 20 Nov 2021 02:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ABCC8A3069A1
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
x-ms-request-id: 58ed8945-301e-0037-11b5-ddfd87000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
akamai-request-id: 291d69d1

GET
H2 200 common-header.c8502303816d2fdf2eb6.js Show response
assets.msn.com/bundles/v1/hybrid/latest/common-header/ 399 KB
109 KB 97ms
47ms Script
application/javascript 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/hybrid/latest/common-header/common-header.c8502303816d2fdf2eb6.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4888bb5e328c543cdff91c41e09d5d6abe880449951349dc72f9c46cbae88b9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:03 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 7Pt0Joap+gPOofY7BAtF+A==
server-timing: 12
content-length: 111077
x-ms-lease-status: unlocked
last-modified: Sat, 20 Nov 2021 02:21:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ABCC86DED9A0
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
x-ms-request-id: 787f57e1-e01e-001e-2cb5-dd1fa7000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
akamai-request-id: 291d69d3

GET
H/1.1 200
OK e151e5.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/ 43 B
446 B 34ms
34ms Image
image/gif 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/e151e5.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Last-Modified: Tue, 06 Jul 2021 00:05:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0d48ba0fa71d71:0"
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=19664438
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 1

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 BB17o60N Show response
www.msn.com/resolver/api/resolve/v2/configindex/ 90 KB
15 KB 64ms
64ms Fetch
application/json 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/resolver/api/resolve/v2/configindex/BB17o60N?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2296%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articlefullscreen%22,%22pageExperiments%22:[]}&apptype=hybrid&maxDepth=10
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/common-header/common-header.c8502303816d2fdf2eb6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: Kestrel /
Resource Hash: b7343f80739c4b2897176ddf0b6e6dd2dc597f6026791ac2543827e8f3962622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
content-encoding: gzip
etag: "-xjCdNwHuioEf9Z7CxqBsEo1Jp4"
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: TCP_MISS
content-length: 14861
server: Kestrel
x-msedge-ref: Ref A: 4B05377817CB4BD69579849502859FFA Ref B: VIEEDGE3220 Ref C: 2021-11-30T21:08:03Z
x-crs-buildversion: 20211026.3_master
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: public, max-age=900
x-fabric-cluster: pmeprodneu
x-cid: 7
x-ccc: US

GET
H/1.1 200
OK 59e092.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/65/ 21 KB
21 KB 31ms
31ms Font
application/font-woff2 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/65/59e092.woff2

Requested by

Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038e3e-4192ab12/ca-9c582f-491caa4c/60-a25ca6-273ab94b/e2-f9b1a1-d2fbc11b/95-f7269e-b879da32/8b-cc6783-309c77d2/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038e3e-4192ab12/ca-9c582f-491caa4c/60-a25ca6-273ab94b/e2-f9b1a1-d2fbc11b/95-f7269e-b879da32/8b-cc6783-309c77d2/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Last-Modified: Tue, 20 Apr 2021 02:08:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a5ac1a8a35d71:0"
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=12583026
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21096
X-XSS-Protection: 1

GET
H/1.1 200
OK 566d09.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/57/ 25 KB
26 KB 54ms
25ms Font
application/font-woff2 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/57/566d09.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038e3e-4192ab12/ca-9c582f-491caa4c/60-a25ca6-273ab94b/e2-f9b1a1-d2fbc11b/95-f7269e-b879da32/8b-cc6783-309c77d2/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Last-Modified: Tue, 04 May 2021 00:11:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0aec9177a40d71:0"
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=13700596
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25760
X-XSS-Protection: 1

GET
H/1.1 200
OK c19270.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/ 22 KB
22 KB 46ms
27ms Font
application/font-woff2 2.16.186.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/c19270.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-42.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/css/d7cb56b9-44633e53/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/9b-c89214-180424ac/eb-7b3dd1-25934931/e7-038e3e-4192ab12/ca-9c582f-491caa4c/60-a25ca6-273ab94b/e2-f9b1a1-d2fbc11b/95-f7269e-b879da32/8b-cc6783-309c77d2/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Last-Modified: Wed, 03 Mar 2021 01:26:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a5f730ccfd71:0"
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=8454688
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22604
X-XSS-Protection: 1

GET
H2 200 AARiCNI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 47 KB
48 KB 56ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARiCNI.img?h=373&w=624&m=6&q=60&o=f&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adc171dfb5c99116b0196aed474df9b04a826438ff5e92c02d21e74dac702db3

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Tue, 30 Nov 2021 21:07:21 GMT
x-datacenter: northeu
x-source-length: 949804
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431898
x-activityid: 1501945c-dded-4aaa-a4cb-1e7491e89edc
content-location: https://img.s-msn.com/tenant/amp/entityid/AARiCNI?h=373&w=624&m=6&q=60&o=f&l=f
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 48366
expires: Sun, 05 Dec 2021 21:06:21 GMT

GET
H2 200 AARiCNI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 67ms
33ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARiCNI.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3808f7e3978c6d68e7d90ab2347f5a20aea46068e00e9946a800aeac481c116c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Tue, 30 Nov 2021 21:06:46 GMT
x-datacenter: northeu
x-source-length: 949804
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431919
x-activityid: d6fb3724-505a-4ecb-a209-16ee93133146
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AARiCNI?h=55&w=75&m=6&q=60&u=t&o=t&l=f
content-length: 2354
expires: Sun, 05 Dec 2021 21:06:42 GMT

GET
H2 200 AARiHn4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 69ms
35ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARiHn4.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b824a7702f89b23259ba95dcdf4e3f85789cc394633b5a232f7654efda464cbd

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Tue, 30 Nov 2021 21:07:21 GMT
x-datacenter: northeu
x-source-length: 765787
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431956
x-activityid: 54453813-88b3-4818-a40f-5aff8a84d7fa
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AARiHn4?h=55&w=75&m=6&q=60&u=t&o=t&l=f
content-length: 2139
expires: Sun, 05 Dec 2021 21:07:19 GMT

GET
H2 200 AARigj6.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 66ms
33ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARigj6.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbae4c486e32428af05e7932e5a992561070210240dbcc5c755c2ca43f240f41

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Tue, 30 Nov 2021 21:06:47 GMT
x-datacenter: northeu
x-source-length: 926698
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431970
x-activityid: 61e052e6-ea01-4e0b-8c03-04e25de12863
content-location: https://img.s-msn.com/tenant/amp/entityid/AARigj6?h=55&w=75&m=6&q=60&u=t&o=t&l=f
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 2146
expires: Sun, 05 Dec 2021 21:07:33 GMT

GET
H2 200 AARigjd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 69ms
35ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARigjd.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a220a28b298e3584b6e365210209550b43c6b8c0cbc4f96f325eadffd0688c5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Tue, 30 Nov 2021 21:06:46 GMT
x-datacenter: northeu
x-source-length: 746120
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431922
x-activityid: 4e109702-3758-48a0-8287-fba863023bb7
content-location: https://img.s-msn.com/tenant/amp/entityid/AARigjd?h=55&w=75&m=6&q=60&u=t&o=t&l=f
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 2150
expires: Sun, 05 Dec 2021 21:06:45 GMT

GET
H2 200 AARio8a.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 366ms
333ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARio8a.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

775d41b82ed09016b15d6899273ac56f1d9cfddcac78c5c622dfb05903d818d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 21:08:04 GMT
last-modified: Tue, 30 Nov 2021 21:06:46 GMT
x-datacenter: northeu
x-source-length: 878805
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431918
x-activityid: dee67f30-0920-4bf6-b40d-f15da5d35937
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AARio8a?h=55&w=75&m=6&q=60&u=t&o=t&l=f
content-length: 2076
expires: Sun, 05 Dec 2021 21:06:42 GMT

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.10.1/ 154 KB
39 KB 25ms
8ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.10.1/jac.js

Requested by

Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

addc1e4dd7fc6dd313b790767c4ce1974f8c214d450334f4bc6362e9634909d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 12:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30713
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 39752
x-amz-id-2: 9W9BZPtx0ET+kkrejsbSDTmpFIrHU+cpOHYBeAuzim5z0xch4xQybHFi11aCWiPs1VzRmjgmfbQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Nov 2021 13:27:09 GMT
server: ATS
etag: "934026e2c89686f511d38a9a0f49e309-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, OPTIONS
x-amz-request-id: 1BH7344EWNX6TBJC
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK config.js Show response
confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/ 89 KB
30 KB 93ms
22ms Script
text/javascript 2.18.232.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2.18.232.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-6.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 97b1ffaf0413f351625c6c565e25a1fd489bb38261e8d0141ae674861ceda2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:03 GMT
Content-Encoding: gzip
x-amz-request-id: DYDR1HT04E2E3VZ6
Connection: keep-alive
Content-Length: 29794
x-amz-id-2: aohz0vC6WqeRv8LgJwCkUIetapYJmkEpYd+aT484Q2WuGEpCk2HCjfAqT6rFDsDR46vIonDc6p4=
X-Served-By: cache-ams21025-AMS
Last-Modified: Fri, 01 Oct 2021 20:49:52 GMT
Server: AmazonS3
X-Timer: S1633170635.271168,VS0,VE0
ETag: "7ee4c3a1c9bf7235b30ce6f3fa5c1dbc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2

200

c.gif
c.msn.com/
Redirect Chain

https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-d...
https://c.bing.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-...
https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-d...

42 B
255 B

29ms
29ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252Far-AARjkif%253Fcvid%253Dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253Dwinp1taskbar%2526fullscreen%253Dtrue&di=14245&lng=en-us&activityId=a545202554cb4d3ebd25636e0c3e4de8&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=recipes&st.sdpt=&subcvs=lifestyle&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=4BEB70B454F542E3AAB9D5BD4B401ECA&MUID=20437F1FF199631D318F6FE0F07E62FD
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:03 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92BA1092965849D6B2B937951EAD8AD5 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.msn.com/c.gif?udc=true&rid=a545202554cb4d3ebd25636e0c3e4de8&rnd=637739032834027304&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Ffoodanddrink%252Frecipes%252Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%252Far-AARjkif%253Fcvid%253Dd4f5453f7be5453ccc51a9a30a0f5493%2526ocid%253Dwinp1taskbar%2526fullscreen%253Dtrue&di=14245&lng=en-us&activityId=a545202554cb4d3ebd25636e0c3e4de8&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=recipes&st.sdpt=&subcvs=lifestyle&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=4BEB70B454F542E3AAB9D5BD4B401ECA&MUID=20437F1FF199631D318F6FE0F07E62FD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 116ms
29ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-...
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only...

0
224 B

9ms
9ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%3Fcvid%3Dd4f5453f7be5453ccc51a9a30a0f5493%26ocid%3Dwinp1taskbar%26fullscreen%3Dtrue%23image%3D7&c8=This%20buttery%2C%20vanilla%20dough%20does%20it%20all.%20Here%27s%20the%20only%20holiday%20cookie%20recipe%20you%20need&c9=
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:03 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 548t2TeeY-X19G0QOq-XKF7kkTID6SCwocjyOH98FC7qum1WukS68A==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 30 Nov 2021 21:08:03 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1638306483911&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%3Fcvid%3Dd4f5453f7be5453ccc51a9a30a0f5493%26ocid%3Dwinp1taskbar%26fullscreen%3Dtrue%23image%3D7&c8=This%20buttery%2C%20vanilla%20dough%20does%20it%20all.%20Here's%20the%20only%20holiday%20cookie%20recipe%20you%20need&c9=
content-length: 484
x-amz-cf-id: EnsEYNCWFk1RgeMvcfGdfg6LBN6EKmca6XYk22AOyE-ZuUT1kiBZHg==

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 6 KB
2 KB 391ms
391ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.10.1&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%227HD66FC%22%2C%22msft_rid%22%3A%22a545202554cb4d3ebd25636e0c3e4de8%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%2220437F1FF199631D318F6FE0F07E62FD%22%2C%22msft_pagetype%22%3A%22fs_gallery%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22rectangle1_arti_0%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221638306483920%7C968542927429514900%22%7D%2C%22alias%22%3A%22FDRUSEN30%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%221dcb41320%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.10.1/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b0bb0723b8651475ddc6eed01ca7ae1e8dc1e17025aed711c0a124ad7245d749

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store
x-robots-tag: noindex, noarchive, nosnippet, nofollow
x-content-type-options: nosniff
x-request-id: 27372c73cc19b9ef38b24447393bc57e3f2766

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 122ms
31ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 115ms
28ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 AARiCNI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 341 KB
342 KB 33ms
33ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARiCNI.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd53f4ff2463c2d234d6940f604ed558129fd8c40744c6d6b9619dac2eb81a9c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 21:08:04 GMT
last-modified: Tue, 30 Nov 2021 21:07:21 GMT
x-datacenter: northeu
x-source-length: 949804
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431899
x-activityid: ba75609c-d4e5-4509-bbdc-11a52da85d85
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AARiCNI?h=1080&w=1920&m=6&q=60&o=f&l=f
content-length: 348992
expires: Sun, 05 Dec 2021 21:06:23 GMT

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.10.1/ Frame B19A 154 KB
39 KB 8ms
8ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.10.1/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.10.1/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

addc1e4dd7fc6dd313b790767c4ce1974f8c214d450334f4bc6362e9634909d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 12:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30714
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 39752
x-amz-id-2: 9W9BZPtx0ET+kkrejsbSDTmpFIrHU+cpOHYBeAuzim5z0xch4xQybHFi11aCWiPs1VzRmjgmfbQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Nov 2021 13:27:09 GMT
server: ATS
etag: "934026e2c89686f511d38a9a0f49e309-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, OPTIONS
x-amz-request-id: 1BH7344EWNX6TBJC
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ Frame B19A 3 KB
3 KB 276ms
255ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FDRUSEN30&tp=msft_muid%3D20437F1FF199631D318F6FE0F07E62FD!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Da545202554cb4d3ebd25636e0c3e4de8!msft_year%3D!msft_asid%3D1638306483920|968542927429514900!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3dfc2d780b82ed0b3957ea365c309e65aa05ecf492aa6545192ba0dad90159af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
server: ATS/9.1.0.33
age: 0
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 3113
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C5166461%7C0%7C170%7CAdId=11043949;BnId=4;ct=4094105089;st=4311;adcid=1;itime=306484486;reqtype=5;guid=8ch72l9gqd4lj&b=3&s=ri;;impref=16383064842600566287;imprefseq=85597212...
26.at.atwola.com/ Frame B19A 1 B
307 B 155ms
112ms Image
application/x-javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C5166461%7C0%7C170%7CAdId=11043949;BnId=4;ct=4094105089;st=4311;adcid=1;itime=306484486;reqtype=5;guid=8ch72l9gqd4lj&b=3&s=ri;;impref=16383064842600566287;imprefseq=85597212503150142;imprefts=1638306484;adclntid=1002;pvid=1dcb41320;kvgrp=1dcb41320;kvmsft_jac=1;kvmsft_pagetype=fs_gallery;kvpg=www.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-aarjkif;kvmn=fdrusen30;kvsecure=true;kvmsft_providerid=7hd66fc;kvmsft_asid=1638306483920%7C968542927429514900;kvmsft_rid=a545202554cb4d3ebd25636e0c3e4de8;kvmsft_ext_inv_cd=us;kvmsft_muid=20437F1FF199631D318F6FE0F07E62FD;gdpr=0;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache
content-length: 1
x-content-type-options: nosniff
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 loader.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B19A 2 KB
2 KB 24ms
23ms Script
application/javascript 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FDRUSEN30&tp=msft_muid%3D20437F1FF199631D318F6FE0F07E62FD!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Da545202554cb4d3ebd25636e0c3e4de8!msft_year%3D!msft_asid%3D1638306483920|968542927429514900!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: pLUHk/oJyNBgGYWe8lAhWA==
server-timing: 12
content-length: 967
x-ms-lease-status: unlocked
last-modified: Thu, 25 Nov 2021 09:32:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9AFF675AA92B5
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 86b7267f-e01e-0009-1deb-e18819000000
cache-control: public, max-age=86400
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
akamai-request-id: 291d7866

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame B19A 19 B
140 B 30ms
11ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58294,55953,55936,58292,58160,55829,55859,57926,55939,58267&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FDRUSEN30&tp=msft_muid%3D20437F1FF199631D318F6FE0F07E62FD!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Da545202554cb4d3ebd25636e0c3e4de8!msft_year%3D!msft_asid%3D1638306483920|968542927429514900!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: no-cache
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame B19A 43 B
176 B 27ms
9ms Image
image/gif 52.57.30.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a9691540170705f2c9b79e3b43500cd&posi=986340&grp=%3F%3F%3F&nl=1638306484652&rts=1638306484408&pix=1&et=1&a=18f5d853c03740edabb1a77d8d685ee4&m=aXAtMTAtMjItOTktMjIz&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7Ozs2ZmU3NTQ2MjVhZmQ0OWIxYmVkZWRkMzE4MjIyZTcxMDszMTU1OTk1NDsxNjM4MzA0MjAwOzswOzswOztwYXNzYmFjay05MzkzOzs.&uid=y-hn.G.dRE2uryfNqyP5Zxz1luve.0%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxNw..&xoi=MHxERVU.&af=7&dety=5
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FDRUSEN30&tp=msft_muid%3D20437F1FF199631D318F6FE0F07E62FD!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Da545202554cb4d3ebd25636e0c3e4de8!msft_year%3D!msft_asid%3D1638306483920|968542927429514900!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.30.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-30-26.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
last-modified: Wed, 24 Nov 2021 20:39:48 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.37.js Show response
cdn.js7k.com/ix/ Frame B19A 76 KB
77 KB 29ms
10ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.37.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:21:57 GMT
x-content-type-options: nosniff
age: 13568
x-amz-server-side-encryption: AES256
content-length: 78331
x-amz-id-2: 5ljPJvm9OS+MII4gEJdP5VxeB/jooRiWmQt9X38YG0DO3tw6qU1UeDB8yM1bdzwveAw4GrSjMQU=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:57:38 GMT
server: ATS
etag: "89552f1206dff50a36eaa1887718e2c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: MGQ0JXFEKX7Y2S0F
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 v0.2.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B19A 3 KB
2 KB 68ms
20ms Script
application/javascript 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18961880
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 51efec8a28873f9bcbc470285e8c44721aedd8ba6a3bbb0a7137f15a8fcfa61f

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: BwhJIdV9OTCo4hrLZ2FETg==
server-timing: 11
content-length: 1538
x-ms-lease-status: unlocked
last-modified: Fri, 26 Nov 2021 22:24:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9B12B78827D0A
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ad5a2bdd-a01e-000d-7bd9-e463b5000000
cache-control: public, max-age=86400
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 291d797d

GET
H2 200 rectangle.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B19A 1 KB
1 KB 20ms
20ms Stylesheet
text/css 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/rectangle.css?v=18961880
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18961880
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-192.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02dab2d35f6317a3fcdb46a41e70a74eddb6784ff23986601f173d6d033d1be3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 3sPABzl1SEN+32ZJ8N3DgA==
server-timing: 12
content-length: 509
x-ms-lease-status: unlocked
last-modified: Fri, 26 Nov 2021 22:24:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9B12B786C85DE
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5d08d318-301e-0066-382d-e43509000000
cache-control: public, max-age=86400
akamai-server-ip: 2.16.186.188
x-ms-version: 2009-09-19
akamai-request-id: 291d79d5

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame F425 8 KB
3 KB 35ms
9ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.10.1/jac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/

Response headers

content-encoding: gzip
age: 55
content-type: text/html
date: Tue, 30 Nov 2021 21:08:04 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (frb/669E)
vary: Accept-Encoding
x-amz-id-2: pDrdzM/m7IVmo/CV7fkMdpP1wlHA9mupxhotUuTLRmWfnvjjSe4fU/5DX5iqjAmF4l9Br74pORs=
x-amz-request-id: 9N0XRTY5QG13RAKE
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3220

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 113ms
31ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 119ms
29ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 irisbannerajax Show response
www.msn.com/en-us/foodanddrink/ 0
471 B 72ms
72ms XHR
text/plain 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/foodanddrink/irisbannerajax?position=top&canvas=views&cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true

Requested by

Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/foodanddrink/8beae48e-67da-4322-b8a5-9aa6ace82888/_csp;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: html

Response headers

strict-transport-security: max-age=1209600; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-activity-id: 8beae48e-67da-4322-b8a5-9aa6ace82888
x-xss-protection: 1
x-ua-compatible: IE=Edge;chrome=1
pragma: no-cache
x-aspnetmvc-version: 5.2
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 49, sn: neurope-prod-entertainment, dt: 2021-11-30T06:12:36.6461382Z, bt: 2021-11-24T18:33:10.1088669Z}
x-frame-options: SAMEORIGIN
date: Tue, 30 Nov 2021 21:08:04 GMT
vary: User-Agent
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, no-transform
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/foodanddrink/8beae48e-67da-4322-b8a5-9aa6ace82888/_csp;
x-msedge-ref: Ref A: 8BEAE48E67DA4322B8A59AA6ACE82888 Ref B: VIEEDGE3220 Ref C: 2021-11-30T21:08:04Z
x-appversion: 20211124_25888217
expires: -1

GET
H2 200 msftsync.html Show response
cdn.adaptv.advertising.com/msft/ Frame CEA8 1 KB
2 KB 37ms
10ms Document
text/html 192.229.221.28
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adaptv.advertising.com/msft/msftsync.html
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F56) /
Resource Hash: 6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/

Response headers

accept-ranges: bytes
age: 504015
content-type: text/html
date: Tue, 30 Nov 2021 21:08:04 GMT
etag: "3e0945d7410acb79f4bc1c066c83cbbc"
last-modified: Wed, 22 Jan 2020 16:26:35 GMT
nel: {"report_to": "default", "max_age": 604800, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.01}
report-to: {"group": "default", "max_age":604800, "endpoints":[{"url":"https://report.vdms.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
server: ECAcc (frc/8F56)
x-amz-id-2: muVwQo1H6+VM3Jhy4OYVvRR2pb0pKm4SmUVtWgKJzNnUNiKA88teNfdhXBHWLQ/djzS1yTS+e6s=
x-amz-replication-status: COMPLETED
x-amz-request-id: 9FY4V112XVFZ0N9P
x-amz-server-side-encryption: AES256
x-amz-version-id: zqeLDDuJFBlGL7Xo4iS44TeBMv3TBu.Q
x-cache: HIT
content-length: 1126

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://www.bizographics.com/collect/?fmt=gif&pid=7850
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQIkT3BpZGbobQAAAX1yrRfW9I9GWeU88lXnHCeZZtIs0zLbIp5QOU4lpWMh8WD-XRrc32Mg

43 B
239 B

459ms
176ms

Image
image/gif

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQIkT3BpZGbobQAAAX1yrRfW9I9GWeU88lXnHCeZZtIs0zLbIp5QOU4lpWMh8WD-XRrc32Mg
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:06 GMT
content-encoding: gzip
server: Play
linkedin-action: 1
vary: Accept-Encoding
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: image/gif
content-length: 65
x-li-uuid: IJ4gyhFvvBagLw5oiysAAA==

Redirect headers

date: Tue, 30 Nov 2021 21:08:06 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQIkT3BpZGbobQAAAX1yrRfW9I9GWeU88lXnHCeZZtIs0zLbIp5QOU4lpWMh8WD-XRrc32Mg
x-li-proto: http/2
x-li-pop: prod-lor1
content-length: 0
x-li-uuid: ddcmsBFvvBZAB0y9XysAAA==

GET
H2

200

silentpassport Show response
www.msn.com/en-us/foodanddrink/secure/ Frame F022
Redirect Chain

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1638306483&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2ffoodanddrink%2fsecure%2fsilentpassport%3fsecure%3dt...
https://www.msn.com/en-us/foodanddrink/secure/silentpassport?secure=true&lc=1033

239 B
525 B

60ms
59ms

Document
text/html

131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/foodanddrink/secure/silentpassport?secure=true&lc=1033

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

/ ASP.NET

Resource Hash

0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/

Response headers

cache-control: private, no-transform
content-length: 185
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: User-Agent
access-control-allow-origin: *
x-aspnetmvc-version: 5.2
x-appversion: 20211124_25888217
x-activity-id: 9eb7114e-8f60-4181-b0c2-20bcc73116e5
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 9, sn: neurope-prod-entertainment, dt: 2021-11-24T22:15:13.1360635Z, bt: 2021-11-24T18:33:10.1088669Z}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-powered-by: ASP.NET
access-control-allow-methods: HEAD,GET,OPTIONS
x-xss-protection: 1
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9EB7114E8F604181B0C220BCC73116E5 Ref B: VIEEDGE3220 Ref C: 2021-11-30T21:08:04Z
date: Tue, 30 Nov 2021 21:08:04 GMT

Redirect headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Tue, 30 Nov 2021 21:07:04 GMT
Location: https://www.msn.com/en-us/foodanddrink/secure/silentpassport?secure=true&lc=1033
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: d976d786-178d-4082-bbfa-2fa7590c45c3
PPServer: PPV: 30 H: BL02PF078FDBEB4 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Tue, 30 Nov 2021 21:08:04 GMT
Content-Length: 0

GET
H2

200

getuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/mapuid?suid=20437F1FF199631D318F6FE0F07E62FD&sid=16
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0666c1b8fb96f0f0e51a56b9a70e3a96def239a3b7aa50e31f71bc9e47868038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AndkZ6oLiVaMUpX7mEypcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 30 Nov 2021 21:26:37 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: GUApml3wTSGHAGC+BaLWSKUY10C4A5KG9cjy4sFwgWtZN4839oe3vK1G9WRChLsIZHntIWUd4j/okMxvyzhnVw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 0e84a1335642b8d29aa881f9ca8d17e5
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Nov 2021 21:08:04 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "18241744b229daab45d9f398888362bb"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 128ms
30ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 msnhomepagehistory.aspx Show response
www.bing.com/ 2 B
935 B 55ms
53ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/msnhomepagehistory.aspx?_=1638306483843
Requested by: Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 717242E96177427785570D13490419F0 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:04Z
x-snr-routing: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin: https://www.msn.com
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 6
expires: -1

GET
H2 200 TaboolaCookieSyncScript.js Show response
cdn.taboola.com/ 2 KB
1 KB 28ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/TaboolaCookieSyncScript.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: H.Y5st4f9YCLW_cyz9zrbO7e673uzGOr
content-encoding: gzip
etag: "c82b00ef266759f04018438bb542679a"
age: 18610
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 817
x-amz-id-2: f3kaCUbjeqUviXRu29sb6/wFka4PiMCcu9FTTRo1SaLL4tKelLy1G+6r6Guk5SnW5nQcQtd0CiY=
x-served-by: cache-hhn4029-HHN
last-modified: Mon, 16 Oct 2017 10:26:53 GMT
server: AmazonS3
x-timer: S1638306485.844715,VS0,VE0
date: Tue, 30 Nov 2021 21:08:04 GMT
vary: Accept-Encoding
x-amz-request-id: Z8Y5XQDWNT9CKM3T
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 98
x-cache-hits: 235

GET
H2 200 MSNIdSync.js Show response
widgets.outbrain.com/external/publishers/msn/ 5 KB
2 KB 88ms
31ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8fbf6928787ffb5fdb8a25b297b7a0f02d5e33b29a03281567cd5f19a71e7762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 15:57:33 GMT
server: AkamaiNetStorage
etag: "b1ff756b088e4df48225de9d3834c1e8:1638287897.150311"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2154

GET
H2 200 sync.js Show response
ib.3lift.com/ 275 B
575 B 30ms
8ms Script
application/javascript 143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/sync.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: /
Resource Hash: c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:57:58 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 20:57:58 GMT
age: 606
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-length: 275
x-amz-cf-id: _SLeZXus9e7YvVrWvtPWa-EQK4uvGuK2zIzuYN4SL4i_rDeWV2NZPQ==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 23ms
11ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=d25d54ee747eb924d768c88d8f0dce46

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b81e1f027cb3068d895a0cd46af48041a0c0756cba53fa70626156d97de52bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IfRggVwbYgmEbvlAaOfqtg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Nov 2022 20:06:25 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82920
x-fb-rlafr: 0
x-fb-debug: LoTEbvGdoGKA+n0/FuWmZVxupsatv0raWyrhA+BZJibTga1eHR6gPBIRaN23bYc1q7UFnqxZmNm0PzXEeACgDg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 311626f18aa1501e7695cbb96aead76d
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 21:08:04 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c8197c18fa1fe4fdc92b7122de997ef5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 c.gif
c.bing.com/ Frame CEA8 42 B
206 B 29ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?aol_uid=nocookie&Red3=MSAOL_pd
Requested by: Host: cdn.adaptv.advertising.com
URL: https://cdn.adaptv.advertising.com/msft/msftsync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.adaptv.advertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96F9719806F54F1D92DAA5C8A5889C73 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame F425 38 B
141 B 13ms
13ms XHR
application/json 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://tag.idsync.analytics.yahoo.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3FA8 1 KB
1 KB 11ms
10ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: ad259564da69d2821f981adcfa14f121ad02b77645fa4b25eaa7b767ff9e3e55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
content-type: text/html; charset=utf-8
content-length: 464
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 user.sync Show response
api.taboola.com/1.2/json/taboola-usersync/ 110 B
488 B 19ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.taboola.com/1.2/json/taboola-usersync/user.sync?app.type=desktop&app.apikey=e60e3b54fc66bae12e060a4a66536126f26e6cf8&response.callback=taboolaHandleUpdateUserId
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/TaboolaCookieSyncScript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b00901bfa5820614168d93bb4e6901ccf2be2c27bd66b69cde6af2eb3d51fcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 30 Nov 2021 21:08:04 GMT
content-encoding: gzip
server: nginx
x-timer: S1638306485.863153,VS0,VE9
x-served-by: cache-hhn4029-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3FA8 70 B
265 B 106ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 3FA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJExtRNe_-ZgvL-Mp5xke7c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJExtRNe_-ZgvL-Mp5xke7c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJExtRNe_-ZgvL-Mp5xke7c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FA8
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D&google_tc=

170 B
188 B

51ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NjAxMDk2MzUxNzk3MTIxNDQ%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 3FA8 0
812 B 536ms
188ms Image
text/plain 2620:119:50e7:101::9002:e05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=14560109635179712144&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:05 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lor1
content-length: 0
x-li-uuid: ofSsehFvvBbAEUu9XysAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 3FA8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/14560109635179712144?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-fqkkLVZE2oTBm1LrUHkk8KrFWIdBuNBc9OsIpb8OYQ--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-fqkkLVZE2oTBm1LrUHkk8KrFWIdBuNBc9OsIpb8OYQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 30 Nov 2021 21:08:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-fqkkLVZE2oTBm1LrUHkk8KrFWIdBuNBc9OsIpb8OYQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3FA8 43 B
220 B 34ms
8ms Image
image/gif 3.120.169.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=14560109635179712144&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.169.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 3FA8 42 B
198 B 33ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=14560109635179712144&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF4341B4C9A8493BB14BD1C0ABE64631 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 3FA8
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14560109635179712144
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14560109635179712144&dcc=t

0
0

103ms
103ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14560109635179712144&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R1G7CGA4WAE34QVC4RRT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14560109635179712144&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3FA8
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

7ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 3FA8
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=2533623548162963499&dongle=d407

37 B
352 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=2533623548162963499&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=2533623548162963499&dongle=d407
pragma: no-cache
date: Tue, 30 Nov 2021 21:08:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 128ms
111ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=223505105588011&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fen-us%2Ffoodanddrink%2Frecipes%2Fthis-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need%2Far-AARjkif%3Fcvid%3Dd4f5453f7be5453ccc51a9a30a0f5493%26ocid%3Dwinp1taskbar%26fullscreen%3Dtrue%23image%3D7&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d25d54ee747eb924d768c88d8f0dce46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: OEnFlVa4KZCt433im3QfiIJDRBlb3k3kIqkcX8idWB1r39QmAtCDGDPFjBLvazxBvRuRyMEBRf7GLEWItCWH8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 30 Nov 2021 21:08:04 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 6E7B
Redirect Chain

https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=223505105588011&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b0e64f...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...

0
0

222ms
211ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2b0e64fbfacb74%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff817e5ca28686%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d25d54ee747eb924d768c88d8f0dce46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: PHBTQaNwqGYQA7WhLhW+GBPsl+7tljLkUWMFYW9wYzHJ9rgePGTn9jyK5v1R+FcKjnDY/buojBwFNnnugkJM9A==
date: Tue, 30 Nov 2021 21:08:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2b0e64fbfacb74%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff817e5ca28686%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3Sw9oDA/Y78Tu6F+b/dZAaUARSs2tDfbDhjfD2Y6KetL4FYTviYE3g0a5g1j8pDRJ+Xx4swKtQVj7W44qiyOwA==
content-length: 0
date: Tue, 30 Nov 2021 21:08:04 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

POST
H/1.1 200
OK v1
web.vortex.data.msn.com/collect/ 0
0 112ms
27ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1

200
OK

async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7083
Redirect Chain

https://ib.adnxs.com/async_usersync_file
https://acdn.adnxs.com/dmp/async_usersync.html

52 KB
17 KB

115ms
40ms

Document
text/html

2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/foodanddrink/_sc/js/d7cb56b9-6ef4b25e/direction=ltr.locales=en-us.themes=violet.dpi=resolution1x/7a-b2958a-e55f641e/b6-1cb2fa-dc19049b/22-632238-bef5c007/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92?ver=20211124_25888217&fdhead=msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c&ocid=winp1taskbar&csopd=20201002173836&csopdb=20211103190100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 01 Dec 2021 21:08:08 GMT
Date: Tue, 30 Nov 2021 21:08:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: nginx/1.17.9
Date: Tue, 30 Nov 2021 21:08:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://acdn.adnxs.com/dmp/async_usersync.html
AN-X-Request-Uuid: fd20f8ef-aba3-457f-9e9d-6d05e7e63c49
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H2 200 v1
match.sharethrough.com/sync/ 68 B
263 B 126ms
8ms Image
image/png 18.157.150.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?supply_id=FPB1dLHF&supply_user_id=20437F1FF199631D318F6FE0F07E62FD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.150.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:05 GMT
content-length: 68
content-type: image/png

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ 49 B
235 B 140ms
23ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=20437F1FF199631D318F6FE0F07E62FD&external=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 49
expires: 0

POST
H2 200 auction Show response
srtb.msn.com/ 7 KB
3 KB 340ms
321ms XHR
text/html 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

3f0f6a23a987d2d0f155ac01c96348a882d6f1db92bc7c9c9a4fcc306af5c49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
x-msEdge-clientId: 20437F1FF199631D318F6FE0F07E62FD
Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-ms-flightId: msnallexpusers,muidflt14cf,muidflt16cf,muidflt27cf,muidflt51cf,mmxios1cf,pneedge1cf,audexedge3cf,moneyhp1cf,compliancehp1cf,pnehz3cf,audexhz3cf,moneyhz2cf,bingcollabhz1cf,1s-brsageccpd1,article2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,msnsports2cf,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,weather9cf,msnapp8cf,prong2c,1s-pagesegservice,routentpring2c
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 21:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 520CC708438C4560A26B1A8D62A3F5AD Ref B: FRAEDGE1519 Ref C: 2021-11-30T21:08:05Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=280
timing-allow-origin: https://www.msn.com

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 140ms
30ms Preflight 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ms-flightid,x-msedge-clientid
Origin: https://www.msn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

vary: Origin
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age: 21600
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ADCE8F5F3515478B80B8D7CA7D755040 Ref B: FRAEDGE1414 Ref C: 2021-11-30T21:08:05Z
date: Tue, 30 Nov 2021 21:08:05 GMT
content-length: 0

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 7083
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

61ms
61ms

Script
text/html

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:06 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2397b7a7-a755-4698-9395-dea3c68e1a85
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:06 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ee57b406-9ab9-4bf8-abc2-70f3ca71beb5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F30365f45fb0765af120ca0b0662db483.png
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_250%2Cw_300%2Cc_pad%2Cb_auto/ Frame B19A 8 KB
8 KB 10ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_250%2Cw_300%2Cc_pad%2Cb_auto/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F30365f45fb0765af120ca0b0662db483.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fcc007c13bbe8464c128528c6d9b1c68751c7356e4deb909a373befbcc1b5bed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 30 Nov 2021 21:08:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 1081067
edge-cache-tag: 606841189887281629526777303270626776250,521633014253148774019624388523211613208,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 36
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_250%2Cw_300%2Cc_pad%2Cb_auto/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F30365f45fb0765af120ca0b0662db483.png
content-length: 7860
x-request-id: b7af31da67a49146f1a6e25b44cd5f12
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 15 Nov 2021 13:03:27 GMT
server: nginx
x-timer: S1638306486.333286,VS0,VE1
etag: "e1735227452ba180973b51c9e5ae06c8"
x-served-by: cache-bwi5039-BWI, cache-dca17780-DCA, cache-hhn4029-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 204 recommendations.notify-available
api.taboola.com/2.0/json/msn-msn-home/ Frame B19A 0
260 B 16ms
16ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__774386d68b6ff9ee38399bf6bbe6351b__4bf4d5740f7879717d291fb1dbd3a908__%7E%7EV1%7E%7E-434714284991457092%7E%7EEKhlJ_jTqmaQTHS6J6EJgrDCzDH5ZUMp37rdZEj5-pHTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLbgbn18lED0ML33ONAEERGgBmeFjRYiAaE2zwJy7_fsnKsXiqb-19jYfpXKtjLbPFz9UW9_QFrN092HDvxYHWf6p4lMiSqOuA7F1UJym5c4AoVAm9PwBl4Ce_JGaGdaYP-M9VTiiE-_I7n_YR8WRJO-orBOBAJdMXLS-BFmvayIlCDHfJ2n79lm27VEzcLRFZeiJ5w4BRq1q_gaAryDiXkMO7Tswj5WH4cylUjQLFLHQ__text&response.session=v2_dc7521bc5bd2ca786bff517e66b3ca12_20437F1FF199631D318F6FE0F07E62FD_1638306486_1638306486_CIi3jgYQy9c-GJHbrurS7vuzjQEgASgFMDg4m-MJQP-JEEjjhtgDUKbsEFgAYABokJjB3LiroqIIcAA&view.external-id=a545202554cb4d3ebd25636e0c3e4de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 30 Nov 2021 21:08:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638306486.332316,VS0,VE9
x-served-by: cache-hhn4029-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ Frame B19A 305 B
368 B 33ms
12ms Image
image/jpeg 213.254.244.15
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=15911784&cmp=164527&sid=7744&plc=5969059&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Content-Length: 142
Expires: 11/29/2021 9:08:06 PM

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame B19A 70 B
598 B 142ms
53ms Image
image/png 52.17.98.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9v.CampID=3175&D9r.DeviceID=true&D9c=ftImp&D9v.CCampID=164527&D9c.placementId=5969059&D9v.gdpr=${GDPR}&D9v.gdpr_consent=${GDPR_CONSENT_78}&D9v.us_privacy=${US_PRIVACY}&cb=2021-11-30+21%3A08%3A06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-98-114.eu-west-1.compute.amazonaws.com
Software: prod-xre-app23.lhr11 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 21:08:05 GMT
Server: prod-xre-app23.lhr11
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/png
Content-Length: 70
X-HW: 1638306388.dop034.lo4.t,1638306388.cds215.lo4.shn,1638306483.dop034.lo4.t,1638306486.cds010.lo4.sc,1638306486.cds010.lo4.p

GET
H2 204 served
srtb.msn.com/notify/ Frame B19A 0
96 B 36ms
36ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=a545202554cb4d3ebd25636e0c3e4de8&r=swrect&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=aec27dde-feed-4ff5-bfc1-d6dc5e15bec1&ii=1&c=14317727672879189482

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CD4667B53E24DEE9A1B1994CCE93C25 Ref B: FRAEDGE1519 Ref C: 2021-11-30T21:08:06Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-visible
api.taboola.com/2.0/json/msn-msn-home/ Frame B19A 0
61 B 20ms
20ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-visible?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__774386d68b6ff9ee38399bf6bbe6351b__4bf4d5740f7879717d291fb1dbd3a908__%7E%7EV1%7E%7E-434714284991457092%7E%7EEKhlJ_jTqmaQTHS6J6EJgrDCzDH5ZUMp37rdZEj5-pHTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLbgbn18lED0ML33ONAEERGgBmeFjRYiAaE2zwJy7_fsnKsXiqb-19jYfpXKtjLbPFz9UW9_QFrN092HDvxYHWf6p4lMiSqOuA7F1UJym5c4AoVAm9PwBl4Ce_JGaGdaYP-M9VTiiE-_I7n_YR8WRJO-orBOBAJdMXLS-BFmvayIlCDHfJ2n79lm27VEzcLRFZeiJ5w4BRq1q_gaAryDiXkMO7Tswj5WH4cylUjQLFLHQ__text&response.session=v2_dc7521bc5bd2ca786bff517e66b3ca12_20437F1FF199631D318F6FE0F07E62FD_1638306486_1638306486_CIi3jgYQy9c-GJHbrurS7vuzjQEgASgFMDg4m-MJQP-JEEjjhtgDUKbsEFgAYABokJjB3LiroqIIcAA&view.external-id=a545202554cb4d3ebd25636e0c3e4de8&ppb=CIoB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 13
pragma: no-cache
date: Tue, 30 Nov 2021 21:08:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638306486.333434,VS0,VE13
x-served-by: cache-hhn4029-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 viewed
srtb.msn.com/notify/ Frame B19A 0
127 B 35ms
34ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/viewed?rid=a545202554cb4d3ebd25636e0c3e4de8&r=swrect&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=aec27dde-feed-4ff5-bfc1-d6dc5e15bec1&ii=1&c=14317727672879189482

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72A5AA8D31A44AB5824F6CDB2C5652EE Ref B: FRAEDGE1519 Ref C: 2021-11-30T21:08:06Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 200 c.gif
c.bing.com/ 42 B
151 B 32ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=MSAOL_Video_pd&rid=a5452025-54cb-4d3e-bd25-636e0c3e4de8&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/foodanddrink/recipes/this-buttery-vanilla-dough-does-it-all-here-s-the-only-holiday-cookie-recipe-you-need/ar-AARjkif?cvid=d4f5453f7be5453ccc51a9a30a0f5493&ocid=winp1taskbar&fullscreen=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C6A6539986B413DB7853E113F91ACE5 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

mapuid
m.adnxs.com/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=a5452025-54cb-4d3e-bd25-636e0c3e4de8&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us...
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D20437F1FF199631D318F6FE0F07E62FD%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember...
https://m.adnxs.com/mapuid?member=226&user=20437F1FF199631D318F6FE0F07E62FD&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D20437F1FF199631D318F6FE0F07E62FD
https://m.adnxs.com/mapuid?member=280&user=20437F1FF199631D318F6FE0F07E62FD

43 B
949 B

16ms
15ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.adnxs.com/mapuid?member=280&user=20437F1FF199631D318F6FE0F07E62FD

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:06 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d5b083b3-2e1a-4ed5-92e2-284ad8e12adf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:06 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d04494c7-b98e-4b00-91df-3d88ef9d5a38
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://m.adnxs.com/mapuid?member=280&user=20437F1FF199631D318F6FE0F07E62FD
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSDB_pd&rid=a5452025-54cb-4d3e-bd25-636e0c3e4de8&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/fooda...
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=20437F1FF199631D318F6FE0F07E62FD&_rand=629324

43 B
259 B

117ms
56ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=20437F1FF199631D318F6FE0F07E62FD&_rand=629324
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6b670c974e4dd220-MAN
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAACC55254B948A6A3AF8D966649B21E Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=20437F1FF199631D318F6FE0F07E62FD&_rand=629324
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

20437F1FF199631D318F6FE0F07E62FD
pr-bh.ybp.yahoo.com/sync/msn/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSOATH_pd
https://pr-bh.ybp.yahoo.com/sync/msn/20437F1FF199631D318F6FE0F07E62FD

43 B
872 B

34ms
34ms

Image
image/gif

2a05:d018:d29:3601:2cf4:6544:81b3:ad54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msn/20437F1FF199631D318F6FE0F07E62FD

Protocol

Server

2a05:d018:d29:3601:2cf4:6544:81b3:ad54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 21:08:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABE19CB3597C4592AC0534414CDA7B31 Ref B: FRAEDGE1418 Ref C: 2021-11-30T21:08:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://pr-bh.ybp.yahoo.com/sync/msn/20437F1FF199631D318F6FE0F07E62FD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cksync.php
hbx.media.net/ 44 B
289 B 129ms
73ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=20437F1FF199631D318F6FE0F07E62FD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 30 Nov 2021 21:08:06 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Tue, 30 Nov 2021 21:08:06 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.mgid.com/m?cdsp=516415&c=20437F1FF199631D318F6FE0F07E62FD&mode=inverse
https://cm.mgid.com/m?c=20437F1FF199631D318F6FE0F07E62FD&cdsp=516415&mode=inverse&sct=1
https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_8408f05a-169e-4e08-9f5b-8d4db91042ee&bsw_param=37402901-7d2f-4e92-879c-2b641361f8e3&expires=10
https://cm.mgid.com/m?cdsp=433145&c=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&us_privacy=

43 B
480 B

58ms
58ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 21:08:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b670c9839245b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=37402901-7d2f-4e92-879c-2b641361f8e3&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 30 Nov 2021 21:08:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7083 0
731 B 14ms
14ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 21:08:07 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 80577e85-4456-480c-9261-b16f2c72e775
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:14:42	Name: sync Value: CgoIgQIQ_qS0ldcvCgoI4gEQ_qS0ldcvCgoI5gEQ_qS0ldcvCgoIhwIQ_qS0ldcvCgkICRD-pLSV1y8KCQg6EP6ktJXXLwoJCAsQ_qS0ldcvCgoIjAIQ_qS0ldcvCgoIzgEQ_qS0ldcvCgkIXxD-pLSV1y8=
.msn.com/	1969-12-31 23:59:59	Name: anoncknm Value:
.msn.com/	1969-12-31 23:59:59	Name: _EDGE_S Value: F=1
.msn.com/	1970-01-20 08:26:42	Name: _EDGE_V Value: 1
.msn.com/	1970-01-20 08:26:42	Name: MUID Value: 20437F1FF199631D318F6FE0F07E62FD
.scorecardresearch.com/	1970-01-20 16:21:54	Name: UID Value: 1ENSEYNCWFK1RGEMVCFGDFg1638306484
.bing.com/	1970-01-20 08:26:42	Name: MUID Value: 20437F1FF199631D318F6FE0F07E62FD
.c.bing.com/	1970-01-20 08:26:42	Name: SRM_B Value: 20437F1FF199631D318F6FE0F07E62FD
.c.bing.com/	1970-01-20 08:26:42	Name: SRM_M Value: 20437F1FF199631D318F6FE0F07E62FD
.c.msn.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.msn.com/	1970-01-19 23:05:07	Name: ANONCHK Value: 0
.msn.com/	1970-01-20 07:50:42	Name: MC1 Value: GUID=6049d6e0631f4714a4e3c250d4fcfee7&HASH=6049&LV=202111&V=4&LU=1638306484082
.msn.com/	1970-01-19 23:05:08	Name: MS0 Value: 58e8657ff36149bfb5af6cde865c185b
.yahoo.com/	1970-01-20 07:51:04	Name: A3 Value: d=AQABBLOSpmECENR2KP2_dASeu8cLJ6riRIYFEgEBAQHkp2GwYQAAAAAA_eMAAA&S=AQAAArbQx3xtCXK-9z6UDuxGnsE
.msn.com/	1970-01-20 07:50:42	Name: _SS Value: SID=00
.3lift.com/	1970-01-20 01:14:42	Name: tluid Value: 14560109635179712144
.bing.com/	1970-01-19 23:06:32	Name: SUID Value: M
.bing.com/	1970-01-20 08:26:42	Name: SRCHD Value: AF=NOFORM
.bing.com/	1970-01-20 08:26:42	Name: SRCHUID Value: V=2&GUID=7B08A02298574E798C4FC0005428648F&dmnchg=1
.bing.com/	1970-01-20 08:26:42	Name: SRCHUSR Value: DOB=20211130
.bing.com/	1970-01-20 08:26:42	Name: SRCHHPGUSR Value: SRCHLANG=de
.bing.com/	1969-12-31 23:59:59	Name: _SS Value: SID=10DF40CEA0EF63B527E35031A1846226
.turn.com/	1970-01-20 03:24:18	Name: uid Value: 2533623548162963499
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 8eec3c2b98b04572a2f12466bb2ad97a
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=1184&lt=1638306484&co=1
.doubleclick.net/	1970-01-20 08:26:42	Name: IDE Value: AHWqTUkB_pOTF5IeUQFf8wP6vTEcvNRbRdJNUALTf_xIfPyQtQvsDh8HzubmOR3JOEY
.bizographics.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-19 23:06:32	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2598:u=1:x=1:i=1638306485:t=1638392885:v=2:sig=AQE0a1mqnI6Y6eJ38b96Pku3arSVvMV4"
.linkedin.com/	1970-01-19 23:48:18	Name: UserMatchHistory Value: AQIfihcRacHWygAAAX1yrRSzrViWTfK5tXAtbytVxWi56HEOCNYsC_gFi_zdRfw5EIZDFnsU384uOQ
.linkedin.com/	1970-01-19 23:48:18	Name: AnalyticsSyncHistory Value: AQK3GucsXf1H-wAAAX1yrRSz4QqvXF2wyby6P3XCgxFhDLKqIyMdz7jiRjdq-J04RtDNfJSFWV-HYk7KW5O9Cg
.linkedin.com/	1970-01-20 16:37:00	Name: bcookie Value: "v=2&08155e01-4b41-4b67-8078-65930cb97e1f"
.sharethrough.com/	1970-01-20 07:50:42	Name: stx_user_id Value: f29bdfac-b16a-4bd6-af73-234d6d348042
.adnxs.com/	1970-01-20 01:14:42	Name: uuid2 Value: 1516751747348887883
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:37:00	Name: bscookie Value: "v=1&202111302108060e2d422e-172f-442a-8164-64d854d4eadbAQFGUOZYp8NEen-6MosQnTLniNQS1Bnx"
.linkedin.com/	1970-01-20 16:23:25	Name: li_gc Value: MTswOzE2MzgzMDY0ODY7MjswMjFHqTwR/6gwRHwL6ODNE/hi3xFL0RirKy8dzHflAlcA4g==
.msn.com/	1970-01-19 23:05:10	Name: ecasession Value: v2_dc7521bc5bd2ca786bff517e66b3ca12_20437F1FF199631D318F6FE0F07E62FD_1638306486_1638306486_CIi3jgYQy9c-GJHbrurS7vuzjQEgASgFMDg4m-MJQP-JEEjjhtgDUKbsEFgAYABokJjB3LiroqIIcAA
www.msn.com/	1970-01-19 23:06:32	Name: msaOptout Value: 0
.adnxs.com/	1970-01-20 01:14:42	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In7j@]9#!]tbP6j2F-XstGt!@De8$leTS
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lau6JD58uT8d
.mgid.com/	1970-01-19 23:05:08	Name: __cf_bm Value: KXoDfAs2YHDpgHh26FFv81ac6KlHz.fPQ90qyXCqAFw-1638306486-0-AbbReS4NTS3TA57Od8o/7/gxG797FKVN1KNd+w6ppCZb+r2lk0v+xvFuIgc98U7AAxIGs1jRqKFz0TjMm+9YMSs=
.bidswitch.net/	1970-01-20 07:50:42	Name: tuuid Value: 37402901-7d2f-4e92-879c-2b641361f8e3
.bidswitch.net/	1970-01-20 07:50:42	Name: c Value: 1638306486
.bidswitch.net/	1970-01-20 07:50:42	Name: tuuid_lu Value: 1638306487
.taptapnetworks.com/	1970-01-20 07:50:42	Name: SONATA_ID Value: csonata_8408f05a-169e-4e08-9f5b-8d4db91042ee
cm.mgid.com/	1970-01-19 23:48:18	Name: mg_sync Value: {"433145":1638306487,"516415":1638306486}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://jac.yahoosandbox.com/0.10.1/jac.js Message: Allow attribute will take precedence over 'allowfullscreen'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26.at.atwola.com
acdn.adnxs.com
ad.turn.com
api.taboola.com
assets.msn.com
b1sync.zemanta.com
c.bing.com
c.msn.com
cdn.adaptv.advertising.com
cdn.js7k.com
cdn.taboola.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
confiant.msn.com
connect.facebook.net
d9.flashtalking.com
eb2.3lift.com
hbx.media.net
ib.3lift.com
ib.adnxs.com
img-s-msn-com.akamaized.net
img.img-taboola.com
jac.yahoosandbox.com
jill.fc.yahoo.com
login.live.com
m.adnxs.com
match.adsrvr.org
match.sharethrough.com
p.adsymptotic.com
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.yahoo.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.amazon-adsystem.com
sb.scorecardresearch.com
service.idsync.analytics.yahoo.com
sonata-notifications.taptapnetworks.com
srtb.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
tag.idsync.analytics.yahoo.com
tps.doubleverify.com
visitor.omnitagjs.com
web.ssp.yahoo.com
web.vortex.data.msn.com
widgets.outbrain.com
www.bing.com
www.bizographics.com
www.facebook.com
www.linkedin.com
www.msn.com
x.bidswitch.net
104.18.100.194
104.19.132.78
108.174.10.14
13.248.245.213
13.32.121.37
131.253.33.203
142.250.186.34
143.204.98.23
151.101.65.44
152.195.51.15
18.157.150.79
185.255.84.153
185.33.220.244
185.33.221.89
192.229.221.28
2.16.186.192
2.16.186.42
2.18.232.130
2.18.232.6
2.18.234.190
2.18.235.93
20.190.160.134
2001:678:cb4:bbbb::11
204.79.197.203
209.54.177.54
212.82.100.182
213.254.244.15
2620:119:50e7:101::9002:e05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1288:80:800::7001
2a02:26f0:6c00::210:ba09
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:2cf4:6544:81b3:ad54
3.120.169.248
3.126.56.137
40.77.226.250
52.142.114.2
52.17.98.114
52.223.40.198
52.28.203.152
52.57.134.242
52.57.30.26
70.42.32.191
02dab2d35f6317a3fcdb46a41e70a74eddb6784ff23986601f173d6d033d1be3
0666c1b8fb96f0f0e51a56b9a70e3a96def239a3b7aa50e31f71bc9e47868038
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
3808f7e3978c6d68e7d90ab2347f5a20aea46068e00e9946a800aeac481c116c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfc2d780b82ed0b3957ea365c309e65aa05ecf492aa6545192ba0dad90159af
3f0f6a23a987d2d0f155ac01c96348a882d6f1db92bc7c9c9a4fcc306af5c49e
40cb79da2384ffda15207e98d796e905dd94b4d435c9312e05eff613a16db2e1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4888bb5e328c543cdff91c41e09d5d6abe880449951349dc72f9c46cbae88b9e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
51efec8a28873f9bcbc470285e8c44721aedd8ba6a3bbb0a7137f15a8fcfa61f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5eaec961b4e73245c0128f08dd245d3b244bbc1175cc015942ede5e04e2f011d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6168560d4c3b06a3c6dc6837eb93c9c6fcfe0e44546c140cc0f4c13fa9ee2a5e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b81e1f027cb3068d895a0cd46af48041a0c0756cba53fa70626156d97de52bf
6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
775d41b82ed09016b15d6899273ac56f1d9cfddcac78c5c622dfb05903d818d5
7a220a28b298e3584b6e365210209550b43c6b8c0cbc4f96f325eadffd0688c5
7a5ab418dc7f4bac2e9846c3830f8ac8e7a961b98359b0d1870bfbb627807b20
7b00901bfa5820614168d93bb4e6901ccf2be2c27bd66b69cde6af2eb3d51fcf
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c0e263b34c62ff6ab6e71b6f5c151bb80a3f8cc8c535597f23cb990ffc506cc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fbf6928787ffb5fdb8a25b297b7a0f02d5e33b29a03281567cd5f19a71e7762
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
97b1ffaf0413f351625c6c565e25a1fd489bb38261e8d0141ae674861ceda2d2
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad259564da69d2821f981adcfa14f121ad02b77645fa4b25eaa7b767ff9e3e55
adc171dfb5c99116b0196aed474df9b04a826438ff5e92c02d21e74dac702db3
addc1e4dd7fc6dd313b790767c4ce1974f8c214d450334f4bc6362e9634909d4
b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620
b0bb0723b8651475ddc6eed01ca7ae1e8dc1e17025aed711c0a124ad7245d749
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b7343f80739c4b2897176ddf0b6e6dd2dc597f6026791ac2543827e8f3962622
b824a7702f89b23259ba95dcdf4e3f85789cc394633b5a232f7654efda464cbd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbae4c486e32428af05e7932e5a992561070210240dbcc5c755c2ca43f240f41
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
dd53f4ff2463c2d234d6940f604ed558129fd8c40744c6d6b9619dac2eb81a9c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
ef713dea3bd5f73a8366ea053bd73e8780b1e64fbda8778a8056a14386225209
f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
fcc007c13bbe8464c128528c6d9b1c68751c7356e4deb909a373befbcc1b5bed

www.msn.com Open in urlscan Pro 131.253.33.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

90 Requests

83 %HTTPS

23 %IPv6

33 Domains

53 Subdomains

43 IPs

7 Countries

1664 kBTransfer

4427 kBSize

47 Cookies

15 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

83 %
HTTPS

23 %
IPv6

33
Domains

53
Subdomains

43
IPs

7
Countries

1664 kB
Transfer

4427 kB
Size

47
Cookies

90 HTTP transactions
1 data transactions