www.msn.com Open in urlscan Pro
204.79.197.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid...
Effective URL:
https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid...
Submission: On November 07 via api (November 7th 2022, 9:55:43 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 82 HTTP transactions. The main IP is 204.79.197.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1178.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 8th 2022. Valid for: a year.

This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	52.178.17.2 52.178.17.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
1	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8	15133 (EDGECAST) (EDGECAST)
3	23.36.163.97 23.36.163.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	3.66.124.245 3.66.124.245	16509 (AMAZON-02) (AMAZON-02)
1	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.229.221.28 192.229.221.28	15133 (EDGECAST) (EDGECAST)
1 1	2620:119:50e7... 2620:119:50e7:101::9002:e19	14413 (LINKEDIN) (LINKEDIN)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	40.126.31.67 40.126.31.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.189.100 13.224.189.100	16509 (AMAZON-02) (AMAZON-02)
1 3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 5	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	52.28.129.28 52.28.129.28	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
3 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:d29... 2a05:d018:d29:3602:1e36:6736:c41a:e1de	16509 (AMAZON-02) (AMAZON-02)
1	95.101.200.23 95.101.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.12.213 34.149.12.213	() ()
82	34

9 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

www.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static-entertainment-neu-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

jill.fc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
25.ras.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static-global-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.178.17.2 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

web-prem.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)

o.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.163.97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-97.deploy.static.akamaitechnologies.com

assets.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.124.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-245.eu-central-1.compute.amazonaws.com

prod-m-node-3112.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.28 (United States)

ASN15133 (EDGECAST, US)

cdn.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e7:101::9002:e19 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

www.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.67 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.archive-digger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-100.fra2.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.129.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-129-28.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

m.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.102.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1e36:6736:c41a:e1de (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (None, )

ASN- ()

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	akamaized.net static-entertainment-neu-s-msn-com.akamaized.net — Cisco Umbrella Rank: 110365 static-global-s-msn-com.akamaized.net — Cisco Umbrella Rank: 27244 img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 597	718 KB
20	msn.com 1 redirects www.msn.com — Cisco Umbrella Rank: 1178 c.msn.com — Cisco Umbrella Rank: 1122 browser.events.data.msn.com — Cisco Umbrella Rank: 1710 assets.msn.com — Cisco Umbrella Rank: 262 srtb.msn.com — Cisco Umbrella Rank: 1387	49 KB
10	yahoo.com jill.fc.yahoo.com — Cisco Umbrella Rank: 3789 web-prem.ssp.yahoo.com — Cisco Umbrella Rank: 7956 25.ras.yahoo.com — Cisco Umbrella Rank: 9792 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 1590 prod-m-node-3112.ssp.yahoo.com — Cisco Umbrella Rank: 50302 tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 4636 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1577 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 715	12 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 313 acdn.adnxs.com — Cisco Umbrella Rank: 880 m.adnxs.com — Cisco Umbrella Rank: 2173	25 KB
7	bing.com 4 redirects c.bing.com — Cisco Umbrella Rank: 445 www.bing.com — Cisco Umbrella Rank: 84	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 815 www.linkedin.com — Cisco Umbrella Rank: 745 px4.ads.linkedin.com — Cisco Umbrella Rank: 7246	3 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	3 KB
3	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 571 ib.3lift.com — Cisco Umbrella Rank: 1984	877 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 api.taboola.com — Cisco Umbrella Rank: 4398	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	87 KB
2	aolcdn.com o.aolcdn.com — Cisco Umbrella Rank: 9161	3 KB
2	yahoosandbox.com jac.yahoosandbox.com — Cisco Umbrella Rank: 6545	79 KB
1	doubleverify.com tps.doubleverify.com	157 B
1	archive-digger.com images.archive-digger.com — Cisco Umbrella Rank: 5972	13 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1967	450 B
1	media.net hbx.media.net — Cisco Umbrella Rank: 1890	316 B
1	adsymptotic.com p.adsymptotic.com — Cisco Umbrella Rank: 926	186 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1240	235 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 756	35 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1343	3 KB
1	live.com 1 redirects login.live.com — Cisco Umbrella Rank: 64	1 KB
1	bizographics.com 1 redirects www.bizographics.com — Cisco Umbrella Rank: 33348	606 B
1	advertising.com cdn.adaptv.advertising.com — Cisco Umbrella Rank: 80007	2 KB
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 1524	17 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 207	191 B
82	25

	Domain	Requested by
13	img-s-msn-com.akamaized.net	www.msn.com static-entertainment-neu-s-msn-com.akamaized.net
7	static-entertainment-neu-s-msn-com.akamaized.net	www.msn.com static-entertainment-neu-s-msn-com.akamaized.net
6	srtb.msn.com	static-global-s-msn-com.akamaized.net
6	browser.events.data.msn.com	static-entertainment-neu-s-msn-com.akamaized.net
6	c.bing.com	4 redirects cdn.adaptv.advertising.com
5	ib.adnxs.com	2 redirects acdn.adnxs.com
3	m.adnxs.com	3 redirects
3	www.facebook.com	1 redirects connect.facebook.net
3	assets.msn.com	web-prem.ssp.yahoo.com assets.msn.com
3	www.msn.com	static-entertainment-neu-s-msn-com.akamaized.net
2	connect.facebook.net	www.msn.com connect.facebook.net
2	eb2.3lift.com	ib.3lift.com
2	px.ads.linkedin.com	2 redirects
2	service.idsync.analytics.yahoo.com	web-prem.ssp.yahoo.com tag.idsync.analytics.yahoo.com
2	o.aolcdn.com	www.msn.com
2	c.msn.com	1 redirects www.msn.com
2	jac.yahoosandbox.com	jill.fc.yahoo.com jac.yahoosandbox.com
2	jill.fc.yahoo.com	www.msn.com jac.yahoosandbox.com
1	tps.doubleverify.com
1	images.archive-digger.com
1	cm.mgid.com
1	hbx.media.net
1	pr-bh.ybp.yahoo.com
1	p.adsymptotic.com
1	visitor.omnitagjs.com
1	match.sharethrough.com
1	acdn.adnxs.com	static-entertainment-neu-s-msn-com.akamaized.net
1	api.taboola.com	cdn.taboola.com
1	ib.3lift.com	static-entertainment-neu-s-msn-com.akamaized.net
1	widgets.outbrain.com	static-entertainment-neu-s-msn-com.akamaized.net
1	cdn.taboola.com	static-entertainment-neu-s-msn-com.akamaized.net
1	www.bing.com	static-global-s-msn-com.akamaized.net
1	login.live.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	www.bizographics.com	1 redirects
1	cdn.adaptv.advertising.com	www.msn.com
1	cms.analytics.yahoo.com
1	tag.idsync.analytics.yahoo.com	jac.yahoosandbox.com
1	cdn.js7k.com	web-prem.ssp.yahoo.com
1	prod-m-node-3112.ssp.yahoo.com	web-prem.ssp.yahoo.com
1	25.ras.yahoo.com	www.msn.com
1	web-prem.ssp.yahoo.com	www.msn.com
1	sb.scorecardresearch.com	www.msn.com
1	static-global-s-msn-com.akamaized.net	www.msn.com
82	45

This site contains links to these domains. Also see Links.

Domain
login.live.com
support.microsoft.com
go.microsoft.com
www.linkedin.com
a.msn.com
twitter.com
web.whatsapp.com
www.microsoft.com
apps.apple.com
play.google.com
blogs.msn.com

Subject Issuer	Validity	Valid
*.msn.com Microsoft RSA TLS CA 01	`2022-09-08` - `2023-09-08`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
secure.ace.advertising.com DigiCert SHA2 High Assurance Server CA	`2022-08-01` - `2023-01-18`	6 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-26` - `2022-12-14`	2 months	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-09-08` - `2023-09-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
o.aolcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
assets.msn.com Microsoft Azure TLS Issuing CA 01	`2022-08-11` - `2023-08-06`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-21` - `2022-12-21`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.idsync.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-10` - `2023-06-10`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
cdn.adap.tv DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2021-12-07` - `2022-12-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.archive-digger.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-28` - `2022-12-31`	9 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Frame ID: F4985689A97C55511A5247A58DC5AF1D
Requests: 55 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 6F8D1F39E7DA1C9B3B8A5904042E403A
Requests: 17 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 8AD0F197151B993583560E8F7834C6BB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adaptv.advertising.com/msft/msftsync.html
Frame ID: 1AB6B8B7CE0592F0AAA5C6B820BA7FBA
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Frame ID: FE61814B6185EBF30C90597BB54A9CD7
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4796C9D15B57E8852AD9DA04FD8BBFB9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df68afdc4841e64%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff5dacf3b20dcfc%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450
Frame ID: 160738063A87D466B355634E00BEC69C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5C4EEAEE2F03E282EB581E827955D3E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

I Bonds: How to Buy the Best Low-Risk Investment Right Now

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

93 %
HTTPS

32 %
IPv6

25
Domains

45
Subdomains

34
IPs

6
Countries

1007 kB
Transfer

2017 kB
Size

33
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1667858137&rver=7.0.6730.0&wp=LBI&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fSecure%2fPassport%3fru%3dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252ftechnology%252fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252far-AA11hIW4%253fcvid%253ddd65628d39e541f5aee338174f251cff%2526fullscreen%253dtrue%2526pfr%253d1&lc=1033&id=1184&mkt=en-us&pcexp=True
Title: Sign in

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/product/msn/msn
Title: Help

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=286759
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=http%3a%2f%2fa.msn.com%2f01%2fen-us%2fAA11hIW4%3focid%3dsl&title=I+Bonds%3a+How+to+Buy+the+Best+Low-Risk+Investment+Right+Now&source=http%3a%2f%2fa.msn.com%2f01%2fen-us%2fAA11hIW4%3focid%3dsl
Title: SHARE

Search URL Search Domain Scan URL

URL: http://a.msn.com/01/en-us/AA11hIW4?ocid=sf
Title: SHARE

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http%3a%2f%2fa.msn.com%2f01%2fen-us%2fAA11hIW4%3focid%3dst&text=I+Bonds%3a+How+to+Buy+the+Best+Low-Risk+Investment+Right+Now&original_referer=http%3a%2f%2fa.msn.com%2f01%2fen-us%2fAA11hIW4%3focid%3dst
Title: TWEET

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=http%3a%2f%2fa.msn.com%2f01%2fen-us%2fAA11hIW4%3focid%3dsw
Title: SHARE

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/
Title: © 2022 Microsoft

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/microsoft-news/id945416273?pt=80423&ct=prime_footer&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.microsoft.amp.apps.bingnews&hl=en-us&referrer=utm_source=prime_footer&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=246338
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=512703
Title: Help

Search URL Search Domain Scan URL

URL: https://blogs.msn.com/
Title: MSN Blog

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/kb/2999557/
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252Far-AA11hIW4%253Fcvid%253Ddd65628d39e541f5aee338174f251cff%2526fullscreen%253Dtrue&di=17930&lng=en-us&activityId=b2b80e7499cc4f87ba96b13e63f207fd&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newsscienceandtechnology&st.sdpt=&subcvs=news&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0 HTTP 302
https://c.bing.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252Far-AA11hIW4%253Fcvid%253Ddd65628d39e541f5aee338174f251cff%2526fullscreen%253Dtrue&di=17930&lng=en-us&activityId=b2b80e7499cc4f87ba96b13e63f207fd&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newsscienceandtechnology&st.sdpt=&subcvs=news&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=005C5028F9794CF48303D8D672C7E15A&RedC=c.msn.com&MXFR=1CE0BF3AA74964D4368EAD6FA69B6524 HTTP 302
https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252Far-AA11hIW4%253Fcvid%253Ddd65628d39e541f5aee338174f251cff%2526fullscreen%253Dtrue&di=17930&lng=en-us&activityId=b2b80e7499cc4f87ba96b13e63f207fd&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newsscienceandtechnology&st.sdpt=&subcvs=news&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=005C5028F9794CF48303D8D672C7E15A&MUID=1CE0BF3AA74964D4368EAD6FA69B6524

Request Chain 44

https://www.bizographics.com/collect/?fmt=gif&pid=7850 HTTP 301
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQICVTX4JJ6tKgAAAYRUF4wRS57bDcGMLj7yECSP-YbA8dKWg__LMOi1Lf23AlMmp1qd2nrz

Request Chain 45

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1667858137&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033

Request Chain 62

https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=223505105588011&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df68afdc4841e64%26domain%3Dwww.msn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff5dacf3b20dcfc%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df68afdc4841e64%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff5dacf3b20dcfc%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450

Request Chain 63

https://ib.adnxs.com/async_usersync_file HTTP 302
https://acdn.adnxs.com/dmp/async_usersync.html

Request Chain 68

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 70

https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=b2b80e74-99cc-4f87-ba96-b13e63f207fd&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true HTTP 302
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D1CE0BF3AA74964D4368EAD6FA69B6524%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D280%2526user%253D1CE0BF3AA74964D4368EAD6FA69B6524%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D1CE0BF3AA74964D4368EAD6FA69B6524 HTTP 302
https://m.adnxs.com/mapuid?member=226&user=1CE0BF3AA74964D4368EAD6FA69B6524&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D1CE0BF3AA74964D4368EAD6FA69B6524%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D1CE0BF3AA74964D4368EAD6FA69B6524 HTTP 302
https://m.adnxs.com/mapuid?member=280&user=1CE0BF3AA74964D4368EAD6FA69B6524&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D1CE0BF3AA74964D4368EAD6FA69B6524 HTTP 302
https://ib.adnxs.com/setuid?entity=483&code=1CE0BF3AA74964D4368EAD6FA69B6524

Request Chain 71

https://c.bing.com/c.gif?Red3=MSDB_pd&rid=b2b80e74-99cc-4f87-ba96-b13e63f207fd&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=1CE0BF3AA74964D4368EAD6FA69B6524&_rand=570090

Request Chain 72

https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msn/1CE0BF3AA74964D4368EAD6FA69B6524

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ar-AA11hIW4 Show response
www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ 128 KB
39 KB 171ms
151ms Document
text/html 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

/ ASP.NET

Resource Hash

e529be808bf040c9559acc389c7f7f7d3576b739813b23d6f3a729e2ac719554

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-transform, no-cache
content-encoding: gzip
content-length: 38741
content-security-policy: default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 21:55:37 GMT
expires: -1
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma: no-cache
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security: max-age=1209600; includeSubDomains; preload
vary: User-Agent
x-activity-id: b2b80e74-99cc-4f87-ba96-b13e63f207fd
x-appversion: 20220818_30431435
x-aspnetmvc-version: 5.2
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 8, sn: neurope-prod-entertainment, dt: 2022-10-31T16:14:05.3985161Z, bt: 2022-08-18T00:20:52.4879513Z}
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-fabric-cluster: pmeprodneu
x-frame-options: SAMEORIGIN
x-msedge-ref: Ref A: B2B80E7499CC4F87BA96B13E63F207FD Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:37Z
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge;chrome=1
x-xss-protection: 1

GET
H/1.1 200
OK f77b07.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/ 24 KB
24 KB 200ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 07 Nov 2022 21:55:38 GMT
Last-Modified: Wed, 16 Mar 2022 18:46:44 GMT
Server: Microsoft-IIS/10.0
ETag: "082ad2e6639d81:0"
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=11262692
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 24428
X-XSS-Protection: 1

GET
H/1.1 200
OK ed-6bbb92-8d48d18c
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364... 141 KB
22 KB 201ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364eb/7f-145015-491caa4c/7d-3d0302-273ab94b/cd-b91829-c5224254/24-ca6c94-6b7ba/69-158bff-5dd96923/51-e120b3-ac5c2fc8/7a-e2312d-feaf21fa/ed-6bbb92-8d48d18c?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f879251e9cd7ef2abee03ac56ab0d54dc88f6ef7bb18d50337d8237c754e1824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 21:55:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2: 2022-08-27T16:02:49
X-Powered-By: ASP.NET
X-Activity-Id: 00000000-c7ff-43ea-9b84-fbe30309d2ac
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 21811
X-XSS-Protection: 1
X-AspNetMvc-Version: 5.2
Last-Modified: Sat, 27 Aug 2022 16:02:49 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 29, sn: neurope-prod-entertainment, dt: 2022-07-27T09:50:57.3828051Z, bt: 2022-08-18T00:20:52.4879513Z}
X-FRAME-OPTIONS: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
X-S1: 2022-08-27T16:02:49
Cache-Control: public, no-transform, max-age=29588999
Vary: Accept-Encoding
Timing-Allow-Origin: *
X-AppVersion: 20220818_30431435
Expires: Mon, 16 Oct 2023 09:05:37 GMT

GET
H2 200 js Show response
jill.fc.yahoo.com/v1/client/msft/ 359 B
651 B 81ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v1/client/msft/js

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
age: 42
content-length: 265
x-xss-protection: 1; mode=block
x-request-id: 2783f99785ed4f001a08123fa7d6685e8e1963
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=900
x-robots-tag: noindex, noarchive, nosnippet, nofollow

GET
H2 200 jquery-2.1.1.min.js Show response
static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/ 82 KB
30 KB 50ms
11ms Script
application/javascript 2a02:26f0:3500:16::215:14a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 07 Nov 2022 21:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by: ASP.NET
x-activity-id: 00000000-cbe9-45a5-9952-4b81a6bb6ce6
content-length: 29575
x-xss-protection: 1
x-aspnetmvc-version: 5.2
last-modified: Wed, 26 Jan 2022 09:21:38 GMT
server: Microsoft-IIS/10.0
x-az: {did:2be360ae5c6345da911d978376c0449f, rid: 38, sn: neurope-prod-hp, dt: 2022-01-26T07:12:35.8146348Z, bt: 2022-01-25T01:18:15.9618395Z}
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,OPTIONS
x-frame-options: SAMEORIGIN
cache-control: public, max-age=6866758
x-appversion: 20220125_26749149
expires: Thu, 26 Jan 2023 09:21:36 GMT

GET
H/1.1 200
OK c7-47822a-f41d9e92 Show response
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e77... 336 KB
115 KB 10ms
9ms Script
text/javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3e5639a0f3c8ceb8bd7f41d5a8ae80dcfb79d9235b352b490c6e69a8ef168fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 21:55:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2: 2022-08-20T02:15:31
X-Powered-By: ASP.NET
X-Activity-Id: 00000000-6acf-4b55-abb1-caebe88f3c6b
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 116944
X-XSS-Protection: 1
X-AspNetMvc-Version: 5.2
Last-Modified: Sat, 20 Aug 2022 02:15:31 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 43, sn: neurope-prod-entertainment, dt: 2022-07-27T10:04:42.1605292Z, bt: 2022-08-18T00:20:52.4879513Z}
X-FRAME-OPTIONS: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
X-S1: 2022-08-20T02:15:31
Cache-Control: public, no-transform, max-age=30617530
Vary: Accept-Encoding
Timing-Allow-Origin: *
X-AppVersion: 20220818_30431435
Expires: Sat, 28 Oct 2023 06:47:48 GMT

GET
H/1.1 200
OK e151e5.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/ 43 B
533 B 9ms
8ms Image
image/gif 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/e151e5.gif

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 07 Nov 2022 21:55:38 GMT
Last-Modified: Mon, 24 Jan 2022 19:26:30 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7c6495811d81:0"
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=6884097
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 43
X-XSS-Protection: 1

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 59e092.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/65/ 21 KB
21 KB 21ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/65/59e092.woff2

Requested by

Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364eb/7f-145015-491caa4c/7d-3d0302-273ab94b/cd-b91829-c5224254/24-ca6c94-6b7ba/69-158bff-5dd96923/51-e120b3-ac5c2fc8/7a-e2312d-feaf21fa/ed-6bbb92-8d48d18c?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364eb/7f-145015-491caa4c/7d-3d0302-273ab94b/cd-b91829-c5224254/24-ca6c94-6b7ba/69-158bff-5dd96923/51-e120b3-ac5c2fc8/7a-e2312d-feaf21fa/ed-6bbb92-8d48d18c?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 21:55:38 GMT
Last-Modified: Thu, 21 Apr 2022 20:27:08 GMT
Server: Microsoft-IIS/10.0
ETag: "0f6212cbe55d81:0"
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=14839162
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 21096
X-XSS-Protection: 1

GET
H/1.1 200
OK c19270.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/ 22 KB
23 KB 24ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/c19270.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364eb/7f-145015-491caa4c/7d-3d0302-273ab94b/cd-b91829-c5224254/24-ca6c94-6b7ba/69-158bff-5dd96923/51-e120b3-ac5c2fc8/7a-e2312d-feaf21fa/ed-6bbb92-8d48d18c?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 07 Nov 2022 21:55:38 GMT
Last-Modified: Tue, 15 Feb 2022 01:19:14 GMT
Server: Microsoft-IIS/10.0
ETag: "0d52dba22d81:0"
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=8728037
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 22604
X-XSS-Protection: 1

GET
H/1.1 200
OK 566d09.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/57/ 25 KB
26 KB 22ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static-entertainment-neu-s-msn-com.akamaized.net/sc/57/566d09.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-76e96dce/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/b0-c94bf6-64efdea6/ae-63f93e-2fb21599/af-d59430-372364eb/7f-145015-491caa4c/7d-3d0302-273ab94b/cd-b91829-c5224254/24-ca6c94-6b7ba/69-158bff-5dd96923/51-e120b3-ac5c2fc8/7a-e2312d-feaf21fa/ed-6bbb92-8d48d18c?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 07 Nov 2022 21:55:38 GMT
Last-Modified: Wed, 23 Mar 2022 16:54:08 GMT
Server: Microsoft-IIS/10.0
ETag: "0f8ad9cd63ed81:0"
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=12531370
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 25760
X-XSS-Protection: 1

GET
H2 200 AA13Qfgr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 44 KB
44 KB 50ms
14ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Qfgr.img?h=373&w=624&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba5e9ea4fe972e1511989124b40f17a5d5166d1de9743977eca847906b290706

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 99519
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431945
x-activityid: f805a12c-ce12-4abd-804c-0f1e4e097b14
content-location: https://img.s-msn.com/tenant/amp/entityid/AA13Qfgr?h=373&w=624&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 44646
expires: Sat, 12 Nov 2022 21:54:43 GMT

GET
H2 200 AA13Qfgr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 52ms
16ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Qfgr.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf3227032ad7be6e93b7ca2630d02481adc6eee0b6f4209e81aa2d2e93df2a57

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:01 GMT
x-resizerversion: 1.0
x-source-length: 99519
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431875
x-activityid: c05987b9-2de6-40b5-bd0c-7f2a7323efe1
content-location: https://img.s-msn.com/tenant/amp/entityid/AA13Qfgr?h=55&w=75&m=6&q=60&u=t&o=t&l=f
timing-allow-origin: *
content-length: 1808
expires: Sat, 12 Nov 2022 21:53:33 GMT

GET
H2 200 AA12drgm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 52ms
17ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12drgm.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d6cb1e52043af52e1fcfb5a4144d906ab002079685a5254067adad4705dc220

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 17292
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431847
x-activityid: f2edbd62-f86f-40a7-903d-68214735dfdf
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12drgm?h=55&w=75&m=6&q=60&u=t&o=t&l=f
timing-allow-origin: *
content-length: 1384
expires: Sat, 12 Nov 2022 21:53:05 GMT

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 52ms
17ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce584eb49735b3639eb58e5948225d6d9d971675026bf3087ea9b06869cc6860

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastap
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431858
x-activityid: f123744e-580d-4675-b0e5-1d48c9468314
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=55&w=75&m=6&q=60&u=t&o=t&l=f
timing-allow-origin: *
content-length: 1291
expires: Sat, 12 Nov 2022 21:53:16 GMT

GET
H2 200 AA12dzoJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 52ms
17ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dzoJ.img?h=55&w=75&m=6&q=60&u=t&o=t&l=f&x=192&y=348

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dc370ebe7676f8d87b119df32c22f62c9446951c3a99f48913f5dd2286b1d691

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 111591
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431860
x-activityid: 7fc986f3-72ab-4bf1-bbae-212b943d5706
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dzoJ?h=55&w=75&m=6&q=60&u=t&o=t&l=f&x=192&y=348
timing-allow-origin: *
content-length: 1682
expires: Sat, 12 Nov 2022 21:53:18 GMT

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.14.0/ 153 KB
40 KB 69ms
20ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.14.0/jac.js

Requested by

Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 06:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: AAEB7ZRXMGDARS0P
age: 56386
x-amz-server-side-encryption: AES256
content-length: 40241
x-amz-id-2: hNeklVAiiI0N/Nlq7Se+KmnngLLi3q2ZcZRaTohJ3eFsxuxFF5dHfVEUbxCGdmDkeyiL+y85fjc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 09:58:30 GMT
server: ATS
etag: "aa505988e9b89104864232dd5ae7e916-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2

200

c.gif
c.msn.com/
Redirect Chain

https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best...
https://c.bing.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-bes...
https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best...

42 B
255 B

27ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252Far-AA11hIW4%253Fcvid%253Ddd65628d39e541f5aee338174f251cff%2526fullscreen%253Dtrue&di=17930&lng=en-us&activityId=b2b80e7499cc4f87ba96b13e63f207fd&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newsscienceandtechnology&st.sdpt=&subcvs=news&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=005C5028F9794CF48303D8D672C7E15A&MUID=1CE0BF3AA74964D4368EAD6FA69B6524
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79C98DD4906C47168B38031F15859A03 Ref B: FRAEDGE1706 Ref C: 2022-11-07T21:55:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.msn.com/c.gif?udc=true&rid=b2b80e7499cc4f87ba96b13e63f207fd&rnd=638034549378272991&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%252Far-AA11hIW4%253Fcvid%253Ddd65628d39e541f5aee338174f251cff%2526fullscreen%253Dtrue&di=17930&lng=en-us&activityId=b2b80e7499cc4f87ba96b13e63f207fd&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newsscienceandtechnology&st.sdpt=&subcvs=news&pg.n=gallery_inlineclassicfs&pg.t=gallery&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=005C5028F9794CF48303D8D672C7E15A&MUID=1CE0BF3AA74964D4368EAD6FA69B6524
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 81ms
18ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858138281&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 36ms
12ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1667858138277&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%2Far-AA11hIW4%3Fcvid%3Ddd65628d39e541f5aee338174f251cff%26fullscreen%3Dtrue%23image%3D3&c8=I+Bonds%3A+How+to+Buy+the+Best+Low-Risk+Investment+Right+Now&c9=
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hvnDmXKAsRYvN91fXfmj0KWdTS5sGl-JyCpV-5OjL5T0TV5cjYHC-Q==
x-cache: Miss from cloudfront

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 72ms
16ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858138315&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 71ms
16ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858138330&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 AA13Qfgr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 97 KB
97 KB 12ms
11ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Qfgr.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8df298f72e201afd8d5f1044a62e43aecb8e83d781064c3377bad491b61273cc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 99519
x-datacenter: eastap
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431910
x-activityid: e96c4038-8c33-45dd-bc1a-809b0588c000
content-location: https://img.s-msn.com/tenant/amp/entityid/AA13Qfgr?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 99082
expires: Sat, 12 Nov 2022 21:54:08 GMT

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 35 KB
35 KB 19ms
18ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431838
x-activityid: 0b267f8f-4e30-4b90-bde5-5e4f63f60ee4
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 35878
expires: Sat, 12 Nov 2022 21:52:56 GMT

GET
H2 200 AA12dzoJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 110 KB
110 KB 19ms
19ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dzoJ.img?h=1080&w=1920&m=6&q=60&o=f&l=f&x=192&y=348

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed4480643494d1c09bba080bb7cd1c5ce66d530c96618afe086af577ff0ba7b3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 111591
x-datacenter: westus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431895
x-activityid: 4c417223-1066-45b1-917d-20234ca63eb2
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dzoJ?h=1080&w=1920&m=6&q=60&o=f&l=f&x=192&y=348
timing-allow-origin: *
content-length: 112342
expires: Sat, 12 Nov 2022 21:53:53 GMT

GET
H2 200 AA12drgm.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 20 KB
20 KB 20ms
19ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12drgm.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61565cdeb7961ad169146db291e9862280371911abff94523657fdbcca958d37

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-datacenter: westus
x-source-length: 17292
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431845
x-activityid: 953e324b-a4a0-4eb5-8e07-e48dcfddc614
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12drgm?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 20076
expires: Sat, 12 Nov 2022 21:53:03 GMT

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 35 KB
35 KB 143ms
143ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=1536&w=2560&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Mon, 07 Nov 2022 21:55:38 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431976
x-activityid: 5df9a4e6-bb91-461f-afea-1c444de5958e
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=1536&w=2560&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 35878
expires: Sat, 12 Nov 2022 21:55:14 GMT

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 7 KB
3 KB 128ms
127ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%227HD66FC%22%2C%22msft_rid%22%3A%22b2b80e7499cc4f87ba96b13e63f207fd%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%221CE0BF3AA74964D4368EAD6FA69B6524%22%2C%22msft_pagetype%22%3A%22fs_gallery%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22rectangle1_arti_0%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221667858138284%7C113169235020450640%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22NEWUSEN18%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22f80a13efe%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%2Far-AA11hIW4%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

af273c5110580a38f1448b2b103fd27c0585ae545c109b1be008f9eebf2c541b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
age: 0
x-xss-protection: 1; mode=block
x-request-id: 27b63514a67bd3699e26b0de6f0afb2d3f2781
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nosnippet, nofollow
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Content-Language,Content-Type,Cookie,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.14.0/ Frame 6F8D 153 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.14.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 06:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: AAEB7ZRXMGDARS0P
age: 56386
x-amz-server-side-encryption: AES256
content-length: 40241
x-amz-id-2: hNeklVAiiI0N/Nlq7Se+KmnngLLi3q2ZcZRaTohJ3eFsxuxFF5dHfVEUbxCGdmDkeyiL+y85fjc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 09:58:30 GMT
server: ATS
etag: "aa505988e9b89104864232dd5ae7e916-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes

GET
H2 200 adServe.do Show response
web-prem.ssp.yahoo.com/admax/ Frame 6F8D 3 KB
3 KB 242ms
179ms Script
application/x-javascript 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web-prem.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN18&tp=msft_muid%3D1CE0BF3AA74964D4368EAD6FA69B6524!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Db2b80e7499cc4f87ba96b13e63f207fd!msft_year%3D!msft_asid%3D1667858138284|113169235020450640!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4&gdpr=0&euconsent=&of=js

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

f16a3f85ddad83956772c7303d75781c01d7da00efe673f57870567817716b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:38 GMT
x-content-type-options: nosniff
server: ATS/9.1.10.25
age: 0
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 3153
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adchoicesi.png
o.aolcdn.com/ads/ Frame 6F8D 565 B
732 B 51ms
9ms Image
image/png 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoicesi.png
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA9) /
Resource Hash: b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 73664
x-amz-request-id: 12RZJV139J56FFCH
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 565
x-amz-id-2: mA9oER0yx5J1TmoEIAiyrZ+ukpAk/L07jTljxkpAvPjdQkuuhbgvc14vHZFctRodfRAgN+JZLfg=
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (frc/4CA9)
etag: "349bad1100a940608cb9109eb2b166a2"
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adchoices.png
o.aolcdn.com/ads/ Frame 6F8D 1 KB
2 KB 49ms
7ms Image
image/png 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.aolcdn.com/ads/adchoices.png
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB7) /
Resource Hash: 98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
x-amz-version-id: null
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 73663
x-amz-request-id: 6K87SCSW52QY1TQP
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1308
x-amz-id-2: fJE88YeOqDPpdRT1Z6DN7pVNSVzQXsdB+aaODPk2NHPxDsq5Q/4kqB1YoJFjJJf9z71VGqBYfr4=
x-amz-expiration: expiry-date="Sun, 28 Oct 5881629 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Apr 2019 19:06:05 GMT
server: ECAcc (frc/4CB7)
etag: "eec84c9335d53d358f4b61c925c376e9"
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: image/png
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adcount%7C2.0%7C5113.1%7C3779692%7C0%7C170%7CAdId=11043949;BnId=6;ct=2078289645;st=9778;adcid=1;itime=858138061;reqtype=5;guid=ej3e5a9hmivmq&b=3&s=ql;;impref=16678581382432252236;imprefseq=14101378...
25.ras.yahoo.com/ Frame 6F8D 1 B
297 B 126ms
117ms Image
application/x-javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://25.ras.yahoo.com/adcount%7C2.0%7C5113.1%7C3779692%7C0%7C170%7CAdId=11043949;BnId=6;ct=2078289645;st=9778;adcid=1;itime=858138061;reqtype=5;guid=ej3e5a9hmivmq&b=3&s=ql;;impref=16678581382432252236;imprefseq=14101378712478953;imprefts=1667858138;adclntid=1002;pvid=f80a13efe;kvgrp=f80a13efe;kvmsft_asid=1667858138284%7C113169235020450640;kvpg=www.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%2Far-aa11hiw4;kvmn=newusen18;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=7hd66fc;kvsecure=true;kvmsft_pagetype=fs_gallery;kvmsft_rid=b2b80e7499cc4f87ba96b13e63f207fd;kvmsft_muid=1CE0BF3AA74964D4368EAD6FA69B6524;kvmsft_ext_inv_cd=us;gdpr=0;

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:38 GMT
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: application/x-javascript
cache-control: no-store, no-cache
content-length: 1
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 loader.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 6F8D 2 KB
2 KB 84ms
7ms Script
application/javascript 23.36.163.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by: Host: web-prem.ssp.yahoo.com
URL: https://web-prem.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN18&tp=msft_muid%3D1CE0BF3AA74964D4368EAD6FA69B6524!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Db2b80e7499cc4f87ba96b13e63f207fd!msft_year%3D!msft_asid%3D1667858138284|113169235020450640!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-97.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 21:55:38 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: aBLVLynt4VtpFbIXfhXgTw==
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length: 980
x-ms-lease-status: unlocked
last-modified: Wed, 02 Nov 2022 09:21:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DABCB3A5D640AE
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 98063640-201e-006a-7ad3-eef98a000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.69
x-ms-version: 2009-09-19
akamai-request-bc: [a=23.36.161.69,b=176387791,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id: a8376cf
timing-allow-origin: *

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 6F8D 19 B
141 B 84ms
9ms Script
application/javascript 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58294,55953,58292,58160,55829,55859,55986,55965,55939,56554,57926&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web-prem.ssp.yahoo.com
URL: https://web-prem.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN18&tp=msft_muid%3D1CE0BF3AA74964D4368EAD6FA69B6524!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Db2b80e7499cc4f87ba96b13e63f207fd!msft_year%3D!msft_asid%3D1667858138284|113169235020450640!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4&gdpr=0&euconsent=&of=js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.25
age: 0
content-type: application/javascript

GET
H2 200 adEvent.do
prod-m-node-3112.ssp.yahoo.com/admax/ Frame 6F8D 43 B
171 B 376ms
7ms Image
image/gif 3.66.124.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3112.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=986583&grp=%3F%3F%3F&nl=1667858138788&rts=1667858138620&pix=1&et=1&a=737366b00bfb495c885cad82cab0e83d&m=aXAtMTAtMjItMTEzLTE2Mw..&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OztjNDFjNTliYjc3ZGU0MGMzOTBkZTg5NzAyNTQ4NTBlZjszMTU1OTk1NDsxNjY3ODU2NjQ4OzswOzswOztwYXNzYmFjay05NDUzOzsxOzE.&uid=y-992tnK1E2rMG8ldKxy8CKGYHBgSVSGXf4wrkLcCw6xzE%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&bkts=MzgjMTcx&af=7&dety=5
Requested by: Host: web-prem.ssp.yahoo.com
URL: https://web-prem.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN18&tp=msft_muid%3D1CE0BF3AA74964D4368EAD6FA69B6524!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dfs_gallery!msft_rid%3Db2b80e7499cc4f87ba96b13e63f207fd!msft_year%3D!msft_asid%3D1667858138284|113169235020450640!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.124.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-124-245.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
last-modified: Mon, 07 Nov 2022 11:05:32 GMT
server: nginx
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame 6F8D 69 KB
17 KB 97ms
20ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: K5X47MFKAPN2A371
age: 1662
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: G9fUX0RCIGKFw3tQnWijqKt0hqZoHEhCw5hDoLj01AYNLh0Vrxpi9mWze1MfQFERoifnvnw6DuQWqwVlcLUDKQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 v0.2.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 6F8D 3 KB
2 KB 26ms
7ms Script
application/javascript 23.36.163.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=19303913
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-97.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 647befbfc094fe8a447d3c2ec84a86f0f391bab0fae38accc6befe152f7c7334

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 21:55:38 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Tsuh0kCqJ5TGvV86rOPWvw==
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length: 1618
x-ms-lease-status: unlocked
last-modified: Fri, 04 Nov 2022 00:34:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DABDFC466AFBD2
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 882ea30a-d01e-0036-46f1-ef7683000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.69
x-ms-version: 2009-09-19
access-control-allow-credentials: true
akamai-request-bc: [a=23.36.161.69,b=176387947,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id: a83776b
timing-allow-origin: *

GET
H2 200 rectangle.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 6F8D 1 KB
1 KB 10ms
9ms Stylesheet
text/css 23.36.163.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/rectangle.css?v=19303913
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=19303913
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-97.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 77ab866268490d29f805187930e80a009f128c79b8ffab5af8a56f6f36476dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 21:55:38 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: vLLVRmUJb0IIYDqNDbg87A==
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length: 587
x-ms-lease-status: unlocked
last-modified: Wed, 02 Nov 2022 09:21:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DABCB3A63C25AD
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 26fcb6d0-301e-0023-58e1-eedc0a000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.69
x-ms-version: 2009-09-19
akamai-request-bc: [a=23.36.161.69,b=176388024,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id: a8377b8
timing-allow-origin: *

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 71ms
21ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858139092&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame 8AD0 8 KB
3 KB 78ms
7ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 264
content-encoding: gzip
content-length: 3220
content-type: text/html
date: Mon, 07 Nov 2022 21:55:39 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (frb/669E)
vary: Accept-Encoding
x-amz-id-2: ggsWaOn0Efv+hv2Hyy8x471GsfDC5UER/oNNM41LL8qhFySCHV+0GNUzhrpVXRX7w3D+m++vvyY=
x-amz-request-id: RHCWGEKH7028S64S
x-amz-server-side-encryption: AES256
x-amzn-internal-status: 304
x-cache: HIT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 125ms
37ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=MSFT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 70ms
17ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858139185&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 irisbannerajax Show response
www.msn.com/en-us/news/ 0
273 B 70ms
70ms XHR
text/plain 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/news/irisbannerajax?position=top&canvas=views&cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Requested by

Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: html

Response headers

strict-transport-security: max-age=1209600; includeSubDomains; preload
content-security-policy: default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 21:55:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-activity-id: b367d14b-4778-4841-84e1-f1b26dffa5aa
x-xss-protection: 1
x-ua-compatible: IE=Edge;chrome=1
pragma: no-cache
x-aspnetmvc-version: 5.2
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 13, sn: neurope-prod-entertainment, dt: 2022-10-31T16:39:24.0042472Z, bt: 2022-08-18T00:20:52.4879513Z}
x-msedge-ref: Ref A: B367D14B4778484184E1F1B26DFFA5AA Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:39Z
vary: User-Agent
access-control-allow-methods: HEAD,GET,OPTIONS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
access-control-allow-origin: *
x-fabric-cluster: pmeprodneu
cache-control: no-store, no-transform, no-cache
x-frame-options: SAMEORIGIN
x-appversion: 20220818_30431435

GET
H2 200 msftsync.html Show response
cdn.adaptv.advertising.com/msft/ Frame 1AB6 1 KB
2 KB 51ms
4ms Document
text/html 192.229.221.28
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adaptv.advertising.com/msft/msftsync.html
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF8) /
Resource Hash: 6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 419016
content-length: 1126
content-type: text/html
date: Mon, 07 Nov 2022 21:55:39 GMT
etag: "3e0945d7410acb79f4bc1c066c83cbbc"
last-modified: Wed, 22 Jan 2020 16:26:35 GMT
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
server: ECAcc (frc/4CF8)
x-amz-id-2: QjHxNrAEKqN/BsgGUKmYzqAss7QpWzm+VRnosPXte05gjphl88qoQO0Un/48r4FRCjud0REUvWI=
x-amz-replication-status: COMPLETED
x-amz-request-id: 3PEREVA334DHXS9J
x-amz-server-side-encryption: AES256
x-amz-version-id: zqeLDDuJFBlGL7Xo4iS44TeBMv3TBu.Q
x-cache: HIT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://www.bizographics.com/collect/?fmt=gif&pid=7850
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQICVTX4JJ6tKgAAAYRUF4wRS57bDcGMLj7yECSP-YbA8dKWg__LMOi1Lf23AlMmp1qd2nrz

43 B
349 B

172ms
155ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQICVTX4JJ6tKgAAAYRUF4wRS57bDcGMLj7yECSP-YbA8dKWg__LMOi1Lf23AlMmp1qd2nrz
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6CAA682B66D849BDAA2E366626A7C1C4 Ref B: FRAEDGE2010 Ref C: 2022-11-07T21:55:40Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAXs6Hv9ornYq+LnUgvTEQ==

Redirect headers

date: Mon, 07 Nov 2022 21:55:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 03B785604E1F40F4B32C61A723C687F4 Ref B: FRAEDGE1717 Ref C: 2022-11-07T21:55:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQICVTX4JJ6tKgAAAYRUF4wRS57bDcGMLj7yECSP-YbA8dKWg__LMOi1Lf23AlMmp1qd2nrz
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXs6Hv7AYi1hcgWuzTMtg==

GET
H2

200

silentpassport Show response
www.msn.com/en-us/news/secure/ Frame FE61
Redirect Chain

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1667858137&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1...
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033

239 B
484 B

55ms
55ms

Document
text/html

204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

/ ASP.NET

Resource Hash

0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
cache-control: no-transform, private
content-encoding: gzip
content-length: 185
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 21:55:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
vary: User-Agent
x-activity-id: 629d362d-0ec7-4503-9b7e-a25d5ca14da7
x-appversion: 20220818_30431435
x-aspnetmvc-version: 5.2
x-az: {did:37d945ac0c0d42688d25f35001ec7e96, rid: 14, sn: neurope-prod-entertainment, dt: 2022-10-31T15:20:53.0815544Z, bt: 2022-08-18T00:20:52.4879513Z}
x-cache: CONFIG_NOCACHE
x-fabric-cluster: pmeprodneu
x-msedge-ref: Ref A: 629D362D0EC745039B7EA25D5CA14DA7 Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:39Z
x-powered-by: ASP.NET
x-xss-protection: 1

Redirect headers

Cache-Control: no-store, no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 21:55:38 GMT
Expires: Mon, 07 Nov 2022 21:54:39 GMT
Location: https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02EPF000066C8 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-ms-request-id: 647a2f72-e1fa-4cda-b907-67f897df6545
x-ms-route-info: R3_BL2

GET
H2 200 mapuid
eb2.3lift.com/ 37 B
140 B 35ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/mapuid?suid=1CE0BF3AA74964D4368EAD6FA69B6524&sid=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fe9ee124797601f2fe9f526f39180e503aeeef09e5c04b77c0043a0b54e3b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 21:55:39 GMT
content-md5: BNP1vl19hqBVcu0nKGOnmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: H7mcMolNB3ylFmNKu7vsmFWrS8skae/ZjTCeGG/PJCePYuwTWzGzWGfY+qOwspNLxozyigFecYSN9TAoT/9vdw==
x-fb-trip-id: 686109401
x-fb-content-md5: f01553517d58e947f780ef9b95ad8dd0
cross-origin-opener-policy: same-origin-allow-popups
etag: "fa792df8799efc83c3e756d57ebd96ed"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 22:03:54 GMT

POST
H/1.1 200
OK 1.0
browser.events.data.msn.com/OneCollector/ 0
0 67ms
16ms Ping
application/json 52.178.17.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1667858139199&w=0&anoncknm=ANON
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.17.2 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 35 KB
35 KB 9ms
9ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431837
x-activityid: 0b267f8f-4e30-4b90-bde5-5e4f63f60ee4
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 35878
expires: Sat, 12 Nov 2022 21:52:56 GMT

GET
H2 200 msnhomepagehistory.aspx Show response
www.bing.com/ 2 B
1 KB 313ms
267ms XHR
text/plain 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/msnhomepagehistory.aspx?_=1667858138219
Requested by: Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
content-encoding: br
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-rMxLASUgtKDz9UVnuFSKLkPQSs/J97tOZibq6lsflJk='; base-uri 'self';report-to csp-endpoint
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc: h3=":443"; ma=93600
content-length: 6
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8CEA8A46EF244449CE49BFDD3E8B561 Ref B: MIL30EDGE1514 Ref C: 2022-11-07T21:55:39Z
x-cdn-traceid: 0.92a12417.1667858139.64d63e19
vary: Accept-Encoding
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.msn.com
cache-control: no-cache
access-control-allow-credentials: true
expires: -1

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 35 KB
35 KB 8ms
7ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431837
x-activityid: 0b267f8f-4e30-4b90-bde5-5e4f63f60ee4
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 35878
expires: Sat, 12 Nov 2022 21:52:56 GMT

GET
H2 200 TaboolaCookieSyncScript.js Show response
cdn.taboola.com/ 2 KB
1 KB 35ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/TaboolaCookieSyncScript.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: H.Y5st4f9YCLW_cyz9zrbO7e673uzGOr
content-encoding: gzip
via: 1.1 varnish
date: Mon, 07 Nov 2022 21:55:39 GMT
x-amz-request-id: R1ATA6X9TFJ0PHHW
age: 23763
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 817
x-amz-id-2: E0qjduBI3SC2P8nsxRkvpa2th5iTTuuyDKZuP+wyiRJTNQdMUre8puQFy6QZCHTS/Eptq7UFWYE=
x-served-by: cache-hhn4020-HHN
last-modified: Mon, 16 Oct 2017 10:26:53 GMT
server: AmazonS3
x-timer: S1667858139.238894,VS0,VE0
etag: "c82b00ef266759f04018438bb542679a"
vary: Accept-Encoding
content-type: application/javascript
abp: 20
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 90

GET
H2 200 MSNIdSync.js Show response
widgets.outbrain.com/external/publishers/msn/ 6 KB
3 KB 51ms
8ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c441b3ff7b6f71cbfd706e7baf727979da776efec08a72d09fecee3f87a0635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
content-encoding: gzip
last-modified: Sun, 24 Jul 2022 19:15:35 GMT
server: AkamaiNetStorage
etag: "76aa1244b261862921551cf16db7cea5:1658690246.164768"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2538
expires: Tue, 08 Nov 2022 01:55:39 GMT

GET
H2 200 sync.js Show response
ib.3lift.com/ 275 B
598 B 45ms
7ms Script
application/javascript 13.224.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/sync.js
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-100.fra2.r.cloudfront.net
Software: /
Resource Hash: c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:44:49 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Mon, 07 Nov 2022 21:44:49 GMT
x-amz-cf-pop: FRA2-C1
age: 650
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 275
x-amz-cf-id: Bh_RUggBvgNnt0Z4Wet-R3myf-2kx2jKk8EUhxDGZlQZS7MMBxXQQA==

GET
H2 200 AA12dL39.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 35 KB
35 KB 10ms
8ms Image
image/jpeg 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12dL39.img?h=1080&w=1920&m=6&q=60&o=f&l=f

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
last-modified: Mon, 07 Nov 2022 21:54:00 GMT
x-resizerversion: 1.0
x-source-length: 35293
x-datacenter: eastus
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=431837
x-activityid: 0b267f8f-4e30-4b90-bde5-5e4f63f60ee4
content-location: https://img.s-msn.com/tenant/amp/entityid/AA12dL39?h=1080&w=1920&m=6&q=60&o=f&l=f
timing-allow-origin: *
content-length: 35878
expires: Sat, 12 Nov 2022 21:52:56 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 302 KB
85 KB 24ms
13ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=3ab7f360337d8fa3363f3f6552074bd9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0670e85860c34c6cfa75ff654cf9298d5e190469034741a1a22d8a6bbb28fe6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 21:55:39 GMT
content-md5: isIhCyK07luIl7+4oj/XoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86719
x-fb-rlafr: 0
x-fb-debug: nmMUanOcMdGtPPtpNnnzGyU5cHBFgSjD+mJTy4aBfEaENomiYPqBkNdPYqTu588InuLp4twvr/n9ATS4cqyycg==
x-fb-content-md5: 32e1912c8ccff91d7e61b88a16c7bf2e
cross-origin-opener-policy: same-origin-allow-popups
etag: "f5e6734c96c12d0bbf2e15d007ef9829"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Nov 2023 20:46:43 GMT

GET
H2 200 c.gif
c.bing.com/ Frame 1AB6 42 B
231 B 37ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?aol_uid=nocookie&Red3=MSAOL_pd
Requested by: Host: cdn.adaptv.advertising.com
URL: https://cdn.adaptv.advertising.com/msft/msftsync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.adaptv.advertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:38 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03BFAECC192C41B0B43F6DE39AC06DE7 Ref B: FRAEDGE1706 Ref C: 2022-11-07T21:55:39Z
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 user.sync Show response
api.taboola.com/1.2/json/taboola-usersync/ 110 B
494 B 22ms
15ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.taboola.com/1.2/json/taboola-usersync/user.sync?app.type=desktop&app.apikey=e60e3b54fc66bae12e060a4a66536126f26e6cf8&response.callback=taboolaHandleUpdateUserId
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/TaboolaCookieSyncScript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 751f59c90f9badbec96ccc313b371788f884b71e5fc65a110a0cdd974e1165a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 07 Nov 2022 21:55:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
server: nginx
x-timer: S1667858139.282901,VS0,VE9
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 4796 37 B
139 B 11ms
8ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 07 Nov 2022 21:55:39 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 8AD0 38 B
155 B 9ms
9ms XHR
application/json 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: ATS/9.1.10.25
age: 0
content-type: application/json
access-control-allow-origin: https://tag.idsync.analytics.yahoo.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 53ms
36ms Fetch
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=223505105588011&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fi-bonds-how-to-buy-the-best-low-risk-investment-right-now%2Far-AA11hIW4%3Fcvid%3Ddd65628d39e541f5aee338174f251cff%26fullscreen%3Dtrue%23image%3D3&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ab7f360337d8fa3363f3f6552074bd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 07 Nov 2022 21:55:39 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: yPnRsKATZdxEulsVIsvfkqQ/qQoFa3Q59aRsg1WFVwiTA9RzZ0BV1U1VVKwB3vfCKKegC1vJyRIJ0Kt6x1nYxg==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 1607
Redirect Chain

https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=223505105588011&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df68afdc4...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...

0
0

103ms
88ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df68afdc4841e64%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff5dacf3b20dcfc%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ab7f360337d8fa3363f3f6552074bd9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Nov 2022 21:55:39 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: OiDivfrI7WOLBa4Uak0qm4oCzQ4ispCU9HjvhlYSG4rOMYpFfFzM50froKuADTtT4t409Rg8IKVXLm1M2keClg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 07 Nov 2022 21:55:39 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D223505105588011%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df68afdc4841e64%2526domain%253Dwww.msn.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.msn.com%25252Ff5dacf3b20dcfc%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmsn%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue%26width%3D450
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: qFI5sWAFDnKsquId2ZJJpug0QikmAcwIROzJnIrJE5H8mXnXVo3XA0bdbynrucAQ8tjxzlGm0E8Q5396e3aXMg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1

200
OK

async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F5C4
Redirect Chain

https://ib.adnxs.com/async_usersync_file
https://acdn.adnxs.com/dmp/async_usersync.html

52 KB
17 KB

31ms
6ms

Document
text/html

151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-d7451b69/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ba-816c38-4a252bf6/44-2e08a8-dc19049b/dd-f22302-45b8e775/64-4c5ce6-5599dabd/9e-a7a255-68ddb2ab/a9-ac9b58-68ddb2ab/f1-d0c6aa-cae48929/c7-47822a-f41d9e92?ver=20220818_30431435&fdhead=msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455&csopd=20201118012035&csopdb=20220120005548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 62016
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 07 Nov 2022 21:55:40 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 678, 798945
X-Served-By: cache-lga13626-LGA, cache-hhn4052-HHN
X-Timer: S1667858140.280725,VS0,VE0

Redirect headers

AN-X-Request-Uuid: 996e3a6b-b8ca-471e-be2a-4df327a144e2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 21:55:40 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://acdn.adnxs.com/dmp/async_usersync.html
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 204 v1
match.sharethrough.com/sync/ 0
35 B 81ms
9ms Image
text/plain 52.28.129.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?supply_id=FPB1dLHF&supply_user_id=1CE0BF3AA74964D4368EAD6FA69B6524
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.129.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-129-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:40 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ 49 B
235 B 69ms
18ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=1CE0BF3AA74964D4368EAD6FA69B6524&external=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:40 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

POST
H2 200 auction Show response
srtb.msn.com/ 7 KB
3 KB 1861ms
1861ms XHR
text/html 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

271846eb68292b20c28155e3d96600c50305f5df0be1a6365c411847db04763f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
x-msEdge-clientId: 1CE0BF3AA74964D4368EAD6FA69B6524
Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-ms-flightId: msnallexpusers,muidflt16cf,muidflt26cf,muidflt51cf,muidflt56cf,muidflt314cf,audexedge2cf,bingcollabedge2cf,pnehp2cf,modcoglangt,platagyhz1cf,platagyhz3cf,audexhz1cf,ads-sbintlc,bingcollabhz1cf,bingcollabhz3cf,onetrustpoplive,shophp1cf,traffic-inc-ft,csmoney2cf,msnsapphire2cf,btrecrow1,1s-winauthservice,weather7cf,cstestisolationgroupcf,routentpring2c,1s-fcrypt,1s-rpssecautht,1s-brcolors,1s-cols-duo,healthfitness2cf,ads-engageyaeu,1s-xapntpseg,1s-compicsync,c48d9324,d6304272,scarlettbian_ctrl_pro,control-6gg2c686,1s-defaultscnc,1-ahi4f455
Content-Type: application/json

Response headers

date: Mon, 07 Nov 2022 21:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B95019892724E6D937363A6DCFCC3A6 Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:40Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=1827
timing-allow-origin: https://www.msn.com

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 94ms
61ms Preflight 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ms-flightid,x-msedge-clientid
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-ms-flightid,x-msedge-clientid
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Mon, 07 Nov 2022 21:55:39 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 940D4B6DB1334552A0BEB13D1A9204CC Ref B: FRAEDGE2022 Ref C: 2022-11-07T21:55:40Z

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame F5C4
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
935 B

14ms
13ms

Script
text/html

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:40 GMT
AN-X-Request-Uuid: d9637280-850b-40bd-b72c-0c4ab5090276
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:40 GMT
AN-X-Request-Uuid: 073d5b9a-9b32-4650-83cc-3ba4a6c72cd1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ 42 B
175 B 34ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=MSAOL_Video_pd&rid=b2b80e74-99cc-4f87-ba96-b13e63f207fd&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/news/technology/i-bonds-how-to-buy-the-best-low-risk-investment-right-now/ar-AA11hIW4?cvid=dd65628d39e541f5aee338174f251cff&fullscreen=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:40 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FF2557DEF7B47C5901963278BE740FE Ref B: FRAEDGE1706 Ref C: 2022-11-07T21:55:41Z
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=b2b80e74-99cc-4f87-ba96-b13e63f207fd&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us...
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D1CE0BF3AA74964D4368EAD6FA69B6524%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember...
https://m.adnxs.com/mapuid?member=226&user=1CE0BF3AA74964D4368EAD6FA69B6524&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D1CE0BF3AA74964D4368EAD6FA69B6524%26redir%3Dhttps%253A%25...
https://m.adnxs.com/mapuid?member=280&user=1CE0BF3AA74964D4368EAD6FA69B6524&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D1CE0BF3AA74964D4368EAD6FA69B6524
https://ib.adnxs.com/setuid?entity=483&code=1CE0BF3AA74964D4368EAD6FA69B6524

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=483&code=1CE0BF3AA74964D4368EAD6FA69B6524

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:41 GMT
AN-X-Request-Uuid: 5879d2a8-258b-42c5-8599-62fbb8702236
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:41 GMT
AN-X-Request-Uuid: f9b523ae-c716-4dc0-9b6a-0badbeb36b45
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/setuid?entity=483&code=1CE0BF3AA74964D4368EAD6FA69B6524
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSDB_pd&rid=b2b80e74-99cc-4f87-ba96-b13e63f207fd&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlefullscreenpage&rf=&tp=https://www.msn.com/en-us/news/...
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=1CE0BF3AA74964D4368EAD6FA69B6524&_rand=570090

43 B
186 B

74ms
47ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=1CE0BF3AA74964D4368EAD6FA69B6524&_rand=570090
Protocol: H2
Server: 104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:41 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 76695086eb9bbbc1-FRA
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0B41BF87B6141D598492E2CE7BFA420 Ref B: FRAEDGE1706 Ref C: 2022-11-07T21:55:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=1CE0BF3AA74964D4368EAD6FA69B6524&_rand=570090
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

1CE0BF3AA74964D4368EAD6FA69B6524
pr-bh.ybp.yahoo.com/sync/msn/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSOATH_pd
https://pr-bh.ybp.yahoo.com/sync/msn/1CE0BF3AA74964D4368EAD6FA69B6524

43 B
603 B

105ms
33ms

Image
image/gif

2a05:d018:d29:3602:1e36:6736:c41a:e1de
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msn/1CE0BF3AA74964D4368EAD6FA69B6524

Protocol

Server

2a05:d018:d29:3602:1e36:6736:c41a:e1de Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:55:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B66B390DAB30439081123442E9720B53 Ref B: FRAEDGE1706 Ref C: 2022-11-07T21:55:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://pr-bh.ybp.yahoo.com/sync/msn/1CE0BF3AA74964D4368EAD6FA69B6524
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cksync.php
hbx.media.net/ 44 B
316 B 75ms
38ms Image
image/gif 95.101.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=1CE0BF3AA74964D4368EAD6FA69B6524

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 07 Nov 2022 21:55:41 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 44
x-mnet-hl2: E
expires: Mon, 07 Nov 2022 21:55:41 GMT

GET
H2 200 m
cm.mgid.com/ 43 B
450 B 169ms
127ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=516415&c=1CE0BF3AA74964D4368EAD6FA69B6524&mode=inverse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 76695086dcdd9195-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F5C4 0
863 B 14ms
14ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:41 GMT
AN-X-Request-Uuid: a996c958-ca5b-4b07-a79a-29a91fd34ca8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa04146c77eee785ebaff74e53a64d00d.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 6F8D 12 KB
13 KB 35ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa04146c77eee785ebaff74e53a64d00d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c04734ca67c2aa9b23235e0407626f54972b25aba2ce3f226fa9ff0998fc200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 07 Nov 2022 21:55:42 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa04146c77eee785ebaff74e53a64d00d.jpg
age: 1684582
edge-cache-tag: 477880147078889529843208083064826804226,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477880147078889529843208083064826804226,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 903
req-referer: https://www.msn.com/
content-length: 12146
x-request-id: ae9d7b22887698244f5d3dcc7ddd4dc8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100108-IAD, cache-iad-kcgs7200055-IAD, cache-lax10633-LGB, cache-iad-kiad7000067-IAD, cache-hhn4060-HHN
last-modified: Sun, 18 Sep 2022 08:29:55 GMT
server: nginx
x-timer: S1667858142.229975,VS0,VE1
etag: "21e6c0874c828fadbb9302a21498ba94"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 77, 1

GET
H2 200 partnerserve
srtb.msn.com/notify/ Frame 6F8D 0
124 B 88ms
85ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/partnerserve?rid=b2b80e7499cc4f87ba96b13e63f207fd&r=swrect&i=1&d=TaboolaNetBidder&p=hp&a=00180e84-0219-46f1-a905-b670f70cda19&l=en-us&pb=https%3A%2F%2Fam-api.taboola.com%2F2.0%2Fjson%2Fmsn-msn-home%2Frecommendations.notify-available%3Fapp.type%3Dbidder%26app.apikey%3D69629143827c91b118c7e0dc9f2a4eb0059feae9%26response.id%3D__e555ba840fc6f495962e1968040fdb51__f5981aabded41dbf3f6a9698336393f3__%257E%257EV1%257E%257E-4262017941119568951%257E%257EEBYZ9AJsJD532ZWr6ImylbCppFmggzdyyhFJOtztT3XTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lStQk6jaQcGGDUiGnTk93_4FS8qr-f53vDbiQQMMys26kqmP4RPdRn4SdUE6vNUYP4VsctugegTGrW6OH2irluUsY9WGK0BXu53LZQ6xpzs-5IA_Q1djYX2rVGGDrmLWNzr5eJ4FmwWUM9dy0hJEfMIbYNuxkstGgcO4J05SVieVjmjOJUNmVbHiz5eFPri1G8yav7SoeidrbxBc9hZA0_A__text%26response.session%3Dv2_aa7476850504b72c9d017885695648e8_1CE0BF3AA74964D4368EAD6FA69B6524_1667858140_1667858140_CIi3jgYQy9c-GILt5Y7nleHJmgEgASgFMDg4m-MJQIyKEEirrdkDUKjsEFgAYABois_zvbbOzIZmcAA%26view.external-id%3Db2b80e7499cc4f87ba96b13e63f207fd%26viperAppType%3DSCONMSFT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40A07C0E8C1445B5ABC971D94FE06057 Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:42Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
content-length: 0
expires: -1

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame 6F8D 0
157 B 555ms
33ms Image
text/plain 34.149.12.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=24974048&cmp=27246784&sid=7697058&plc=328417229&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 21:55:42 GMT
Cache-Control: max-age=0
Connection: close
Expires: 11/06/2022 21:55:42

GET
H2 204 served
srtb.msn.com/notify/ Frame 6F8D 0
135 B 36ms
34ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b2b80e7499cc4f87ba96b13e63f207fd&r=swrect&i=1&p=HP&l=en-us&d=TaboolaNetBidder&b=chrome&a=00180e84-0219-46f1-a905-b670f70cda19&ii=1&c=14900985518220682176&bid=a0fed6a1-3ca7-4a23-a7b7-aad6bd242a7c&tid=HP-swrect-1&ptid=hp-swrect-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D68F5AE7448841B7A26D44CD358255CA Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:42Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 200 partnerserve
srtb.msn.com/notify/ Frame 6F8D 0
124 B 85ms
84ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/partnerserve?rid=b2b80e7499cc4f87ba96b13e63f207fd&r=swrect&i=1&d=TaboolaNetBidder&p=hp&a=00180e84-0219-46f1-a905-b670f70cda19&l=en-us&pb=https%3A%2F%2Fam-api.taboola.com%2F2.0%2Fjson%2Fmsn-msn-home%2Frecommendations.notify-visible%3Fapp.type%3Dbidder%26app.apikey%3D69629143827c91b118c7e0dc9f2a4eb0059feae9%26response.id%3D__e555ba840fc6f495962e1968040fdb51__f5981aabded41dbf3f6a9698336393f3__%257E%257EV1%257E%257E-4262017941119568951%257E%257EEBYZ9AJsJD532ZWr6ImylbCppFmggzdyyhFJOtztT3XTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lStQk6jaQcGGDUiGnTk93_4FS8qr-f53vDbiQQMMys26kqmP4RPdRn4SdUE6vNUYP4VsctugegTGrW6OH2irluUsY9WGK0BXu53LZQ6xpzs-5IA_Q1djYX2rVGGDrmLWNzr5eJ4FmwWUM9dy0hJEfMIbYNuxkstGgcO4J05SVieVjmjOJUNmVbHiz5eFPri1G8yav7SoeidrbxBc9hZA0_A__text%26response.session%3Dv2_aa7476850504b72c9d017885695648e8_1CE0BF3AA74964D4368EAD6FA69B6524_1667858140_1667858140_CIi3jgYQy9c-GILt5Y7nleHJmgEgASgFMDg4m-MJQIyKEEirrdkDUKjsEFgAYABois_zvbbOzIZmcAA%26view.external-id%3Db2b80e7499cc4f87ba96b13e63f207fd%26ppb%3DCLgE%26viperAppType%3DSCONMSFT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DFF3B72B8C4541BCB8374D1C58163D4B Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:42Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 204 viewed
srtb.msn.com/notify/ Frame 6F8D 0
133 B 84ms
83ms Image
image/gif 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/viewed?rid=b2b80e7499cc4f87ba96b13e63f207fd&r=swrect&i=1&p=HP&l=en-us&d=TaboolaNetBidder&b=chrome&a=00180e84-0219-46f1-a905-b670f70cda19&ii=1&c=14900985518220682176&bid=a0fed6a1-3ca7-4a23-a7b7-aad6bd242a7c&tid=HP-swrect-1&ptid=hp-swrect-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 21:55:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45407C13D6EB4EABB72737BF58CA066A Ref B: FRAEDGE1307 Ref C: 2022-11-07T21:55:42Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.msn.com/	1969-12-31 23:59:59	Name: _EDGE_S Value: F=1
.msn.com/	1970-01-20 16:39:14	Name: _EDGE_V Value: 1
.msn.com/	1970-01-20 16:39:14	Name: MUID Value: 1CE0BF3AA74964D4368EAD6FA69B6524
.bing.com/	1970-01-20 16:39:14	Name: MUID Value: 1CE0BF3AA74964D4368EAD6FA69B6524
.c.bing.com/	1970-01-20 16:39:14	Name: SRM_B Value: 1CE0BF3AA74964D4368EAD6FA69B6524
.c.bing.com/	1970-01-20 16:39:14	Name: SRM_M Value: 1CE0BF3AA74964D4368EAD6FA69B6524
.c.msn.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.msn.com/	1970-01-20 07:17:38	Name: ANONCHK Value: 0
.yahoo.com/	1970-01-20 16:03:35	Name: A3 Value: d=AQABBNp-aWMCECn4UA9ILB5O4z2fmlLFjekFEgEBAQHQamNzYwAAAAAA_eMAAA&S=AQAAArgXLzu1CrL64GSuEfrBfZU
.msn.com/	1970-01-20 16:03:14	Name: _SS Value: SID=00
.taboola.com/	1970-01-20 16:03:14	Name: t_gid Value: 3692c67d-082f-4401-a598-9701889366c1-tucta63045b
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: a74abf34a99c4effb7ffdc40fa976d86
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=1184&lt=1667858139&co=1
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DUGCPmI7yJRss44YEmhkt58Gz0Ulet1dGWNMJPm3lRIvny1AaMimz6hCei!ReUtKRN9XQr8D36YKTPM8y3M7qdFBKeam!sJxgxfPYM4mUdb8VS0brmhO2cw!LYJTyZeh1pn7Z!3RaqyxsK9ovWQAEotCYP7dlxtBiyn!eJO4BAlffEILPi4UVi3XN3yiNjJ2XlQHbRpnH6ljw5DXu7uw3fC51PpbUvjtkFIsxrQ1N12XxZsYQVaSIqJmj6WxJjrRcMHZaN32ePlke7cldcJz2md14ywBtLnc!fSsq!sIcYMNqSEdoBDOR9Hp5A$$
.bing.com/	1970-01-20 07:18:21	Name: SUID Value: M
.bing.com/	1970-01-20 16:39:14	Name: SRCHD Value: AF=NOFORM
.bing.com/	1970-01-20 16:39:14	Name: SRCHUID Value: V=2&GUID=142AC1143E9A446AB025C4C1CC3CB900&dmnchg=1
.bing.com/	1970-01-20 16:39:14	Name: SRCHUSR Value: DOB=20221107
.bing.com/	1970-01-20 16:39:14	Name: SRCHHPGUSR Value: SRCHLANG=de
.bing.com/	1969-12-31 23:59:59	Name: _SS Value: SID=1071A37B49086776167AB12E487F66C8
.bizographics.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.linkedin.com/	1970-01-20 08:00:50	Name: UserMatchHistory Value: AQJk8hUhI_axGwAAAYRUF4rIPmMfWgIWE74wr5lVvZ_G7jbHn7s6K10T7PPK4R1sXAShxi4rdAzW3g
.linkedin.com/	1970-01-20 08:00:50	Name: AnalyticsSyncHistory Value: AQLloz1C4AWIXwAAAYRUF4rIlRD0KH1-VbpDIsbVvknP1cXqoydQIgHWHMv7a-KlL-LCNDnC36XYauFGa6nUDw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:03:14	Name: bcookie Value: "v=2&01b55d30-cfef-4450-8a70-4b7e83c9e907"
.linkedin.com/	1970-01-20 07:19:04	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2832:u=1:x=1:i=1667858139:t=1667944539:v=2:sig=AQETQ9Jfmjtjsj4zGboNMgZUdYnunOwb"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:03:14	Name: bscookie Value: "v=1&202211072155391782659c-2ca9-4999-8afb-96f93a69a290AQHl4pka8bgtGJYwTkY54TY9ehivhCgI"
.linkedin.com/	1970-01-20 11:36:50	Name: li_gc Value: MTswOzE2Njc4NTgxMzk7MjswMjGXg3og7Lx+A+py/kKSkGhLFwlCgq8ZIwo5X/JJo/NJoA==
.adnxs.com/	1970-01-20 09:27:14	Name: uuid2 Value: 8076192537738606407
.mgid.com/	1970-01-20 07:17:39	Name: __cf_bm Value: P24ILtajdoHy.cFXl6C1dbqZ_PltJkrhcGkP.Wqmg9U-1667858141-0-AbKoIhyzk03KT91jIk5L2BCi5W1CkiZlL1aEjp5vQYhH53Clz6hR0zenMgJ27x9vdYT7IDAOe7VrIsEweeZQILU=
.adnxs.com/	1970-01-20 09:27:14	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GVRu__R[!]tbPl1N!yv_#NUau?].CN_s++Q8CZxQn#c/Owcz/VDFyBZ6DALSgur3cMw7K<QG=%9sk@3@'s>TOA5Qz
www.msn.com/	1970-01-20 07:19:04	Name: msaOptout Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://jac.yahoosandbox.com/0.14.0/jac.js Message: Allow attribute will take precedence over 'allowfullscreen'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25.ras.yahoo.com
acdn.adnxs.com
api.taboola.com
assets.msn.com
browser.events.data.msn.com
c.bing.com
c.msn.com
cdn.adaptv.advertising.com
cdn.js7k.com
cdn.taboola.com
cm.mgid.com
cms.analytics.yahoo.com
connect.facebook.net
eb2.3lift.com
hbx.media.net
ib.3lift.com
ib.adnxs.com
images.archive-digger.com
img-s-msn-com.akamaized.net
jac.yahoosandbox.com
jill.fc.yahoo.com
login.live.com
m.adnxs.com
match.sharethrough.com
o.aolcdn.com
p.adsymptotic.com
pr-bh.ybp.yahoo.com
prod-m-node-3112.ssp.yahoo.com
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
service.idsync.analytics.yahoo.com
srtb.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
tag.idsync.analytics.yahoo.com
tps.doubleverify.com
visitor.omnitagjs.com
web-prem.ssp.yahoo.com
widgets.outbrain.com
www.bing.com
www.bizographics.com
www.facebook.com
www.linkedin.com
www.msn.com
104.18.102.194
13.107.42.14
13.224.189.100
13.225.78.39
151.101.193.44
151.101.65.108
152.195.51.15
18.156.0.31
185.255.84.152
185.89.210.122
185.89.210.244
192.229.221.28
20.234.93.27
204.79.197.203
212.82.100.182
23.35.237.86
23.36.163.97
2606:2800:233:af6:eab:2108:1892:6d8
2606:4700:1::6813:884e
2620:119:50e7:101::9002:e19
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:16::215:14a3
2a02:26f0:3500:1b::1724:a392
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3602:1e36:6736:c41a:e1de
3.66.124.245
34.149.12.213
40.126.31.67
52.178.17.2
52.28.129.28
52.28.203.152
76.223.111.18
95.101.200.23
0670e85860c34c6cfa75ff654cf9298d5e190469034741a1a22d8a6bbb28fe6b
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
271846eb68292b20c28155e3d96600c50305f5df0be1a6365c411847db04763f
2c04734ca67c2aa9b23235e0407626f54972b25aba2ce3f226fa9ff0998fc200
2c441b3ff7b6f71cbfd706e7baf727979da776efec08a72d09fecee3f87a0635
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6cb1e52043af52e1fcfb5a4144d906ab002079685a5254067adad4705dc220
3e5639a0f3c8ceb8bd7f41d5a8ae80dcfb79d9235b352b490c6e69a8ef168fd9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
61565cdeb7961ad169146db291e9862280371911abff94523657fdbcca958d37
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
647befbfc094fe8a447d3c2ec84a86f0f391bab0fae38accc6befe152f7c7334
6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3
6fe9ee124797601f2fe9f526f39180e503aeeef09e5c04b77c0043a0b54e3b3c
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
751f59c90f9badbec96ccc313b371788f884b71e5fc65a110a0cdd974e1165a8
77ab866268490d29f805187930e80a009f128c79b8ffab5af8a56f6f36476dae
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8df298f72e201afd8d5f1044a62e43aecb8e83d781064c3377bad491b61273cc
98ea9aa66c97e340045e3a67e5e7cfc68f637ffe11fe999f92e6e8497eeb76dd
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
af273c5110580a38f1448b2b103fd27c0585ae545c109b1be008f9eebf2c541b
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
ba5e9ea4fe972e1511989124b40f17a5d5166d1de9743977eca847906b290706
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfd3cbe190ff4419805c621950182af31760e2936895879f25d02ce4ded7f759
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
ce584eb49735b3639eb58e5948225d6d9d971675026bf3087ea9b06869cc6860
cf3227032ad7be6e93b7ca2630d02481adc6eee0b6f4209e81aa2d2e93df2a57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
dc370ebe7676f8d87b119df32c22f62c9446951c3a99f48913f5dd2286b1d691
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e529be808bf040c9559acc389c7f7f7d3576b739813b23d6f3a729e2ac719554
ed4480643494d1c09bba080bb7cd1c5ce66d530c96618afe086af577ff0ba7b3
f16a3f85ddad83956772c7303d75781c01d7da00efe673f57870567817716b56
f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f879251e9cd7ef2abee03ac56ab0d54dc88f6ef7bb18d50337d8237c754e1824

www.msn.com Open in urlscan Pro 204.79.197.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

93 %HTTPS

32 %IPv6

25 Domains

45 Subdomains

34 IPs

6 Countries

1007 kBTransfer

2017 kBSize

33 Cookies

15 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msn.com Open in urlscan Pro
204.79.197.203 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

93 %
HTTPS

32 %
IPv6

25
Domains

45
Subdomains

34
IPs

6
Countries

1007 kB
Transfer

2017 kB
Size

33
Cookies

82 HTTP transactions
1 data transactions